Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20-04-2017 Uruchomiony przez Łukasz (administrator) ŁUKASZ-PC (22-04-2017 00:18:43) Uruchomiony z C:\Users\Łukasz\Downloads Załadowane profile: Łukasz (Dostępne profile: Łukasz) Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 9 (Domyślna przeglądarka: "C:\Program Files (x86)\Hipmy\Application\chrome.exe" "%1") Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ExWzp Pvt Ltd.) C:\Program Files (x86)\WinZipper\winzipersvc.exe (IEC) C:\Program Files (x86)\BikaQRss\BikaQ.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe () C:\Users\Łukasz\AppData\Local\AMD\amd.exe (Apple Inc.) D:\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Apple Inc.) D:\Bonjour\mDNSResponder.exe () C:\Users\Łukasz\AppData\Local\clean\Kyubey.exe () C:\Users\Łukasz\AppData\Roaming\jcfic\UvConverter.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe () C:\Users\Łukasz\AppData\Roaming\Kyubey\Kyubey.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe (Apple Inc.) D:\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Apple Inc.) D:\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe () C:\ProgramData\Bagbin\Bagbin.exe () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Winziper Pvt Ltd.) C:\Program Files (x86)\WinZipper\winziper.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Hipmy\Application\chrome.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [1047536 2013-11-12] (MSI) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-4264678522-3618739240-1028856009-1000\...\MountPoints2: {02d00b86-220f-11e4-bde4-448a5b604310} - F:\autorun.exe HKU\S-1-5-21-4264678522-3618739240-1028856009-1000\...\MountPoints2: {55e8e8a3-8ea6-11e4-8603-448a5b604310} - G:\Startme.exe HKU\S-1-5-21-4264678522-3618739240-1028856009-1000\...\MountPoints2: {55e8e8dc-8ea6-11e4-8603-448a5b604310} - G:\Startme.exe HKU\S-1-5-21-4264678522-3618739240-1028856009-1000\...\MountPoints2: {9e2af773-1b10-11e4-bdb3-448a5b604310} - F:\CMADownloader.exe HKU\S-1-5-21-4264678522-3618739240-1028856009-1000\...\Winlogon: [Shell] C:\ProgramData\ethernet-53\ethernet-9.exe -81,explorer.exe <==== UWAGA HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-09-01] (Microsoft Corporation) IFEO\MRT.exe: [Debugger] C:\Windows\TEMP\wea6624.tmp\Gubed.exe -Yrrehs IFEO\taskmgr.exe: [Debugger] GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5-x64 07 D:\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{BE2E826D-3C4F-4E97-9640-B7FF65DC9BE5}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1472034743&z=8f8e5e9ea164e42f0802c6bg6z8m8o0eecez3m3z5c&from=eve0822&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1472034743&z=8f8e5e9ea164e42f0802c6bg6z8m8o0eecez3m3z5c&from=eve0822&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-4264678522-3618739240-1028856009-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1473858127&z=fc4308013f8788c8831f333g2z3m6cab7w7b7gbo1q&from=qks0914&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3&q={searchTerms} HKU\S-1-5-21-4264678522-3618739240-1028856009-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1472034743&z=8f8e5e9ea164e42f0802c6bg6z8m8o0eecez3m3z5c&from=eve0822&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3 HKU\S-1-5-21-4264678522-3618739240-1028856009-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://pl.msn.com/?pc=UP97&ocid=UP97DHP HKU\S-1-5-21-4264678522-3618739240-1028856009-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1472034743&z=8f8e5e9ea164e42f0802c6bg6z8m8o0eecez3m3z5c&from=eve0822&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3 HKU\S-1-5-21-4264678522-3618739240-1028856009-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1473858127&z=fc4308013f8788c8831f333g2z3m6cab7w7b7gbo1q&from=qks0914&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3&q={searchTerms} HKU\S-1-5-21-4264678522-3618739240-1028856009-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=pl-pl SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1491052061&z=053f3a7b7d8b8b64c8fc857g8z6t6g1e2wco4e9q7g&from=gggn1&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3&q={searchTerms} SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1491052061&z=053f3a7b7d8b8b64c8fc857g8z6t6g1e2wco4e9q7g&from=gggn1&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1491052061&z=053f3a7b7d8b8b64c8fc857g8z6t6g1e2wco4e9q7g&from=gggn1&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3&q={searchTerms} SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1491052061&z=053f3a7b7d8b8b64c8fc857g8z6t6g1e2wco4e9q7g&from=gggn1&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3&q={searchTerms} SearchScopes: HKU\S-1-5-21-4264678522-3618739240-1028856009-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1491052061&z=053f3a7b7d8b8b64c8fc857g8z6t6g1e2wco4e9q7g&from=gggn1&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3&q={searchTerms} SearchScopes: HKU\S-1-5-21-4264678522-3618739240-1028856009-1000 -> NTURL hxxp://www.bing.com/search?FORM=UWDFNU&PC=SL5M&q={searchTerms}&src=IE-TopResult SearchScopes: HKU\S-1-5-21-4264678522-3618739240-1028856009-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKU\S-1-5-21-4264678522-3618739240-1028856009-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1491052061&z=053f3a7b7d8b8b64c8fc857g8z6t6g1e2wco4e9q7g&from=gggn1&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3&q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\javvv\bin\ssv.dll [2017-03-15] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\javvv\bin\jp2ssv.dll [2017-03-15] (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-08-22] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-08-22] (McAfee, Inc.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-08-22] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-08-22] (McAfee, Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\4utt9d3b.default [2017-04-01] FF NewTab: Mozilla\Firefox\Profiles\4utt9d3b.default -> hxxp://www.luckysearch123.com?type=hp&ts=1481560687&from=2c231209&uid=st1000dm003-1ch162_z1da3rs3xxxxz1da3rs3&z=58e37f13fb414b802713a79gazeb8gcwaq7ebq2bcq FF DefaultSearchEngine: Mozilla\Firefox\Profiles\4utt9d3b.default -> luck FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\4utt9d3b.default -> luck FF SelectedSearchEngine: Mozilla\Firefox\Profiles\4utt9d3b.default -> luck FF Homepage: Mozilla\Firefox\Profiles\4utt9d3b.default -> hxxp://www.amisites.com/?type=hp&ts=1484747297&z=14a152999ef2b726d7871b1g9zbb8z3m3z2meo0t0q&from=che0812&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3 FF Extension: (Adblock Plus) - C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\4utt9d3b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-14] FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24] FF SearchPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\4utt9d3b.default\searchplugins\amisites.xml [2017-02-07] FF SearchPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\4utt9d3b.default\searchplugins\luck.xml [2017-02-08] FF SearchPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\4utt9d3b.default\searchplugins\nuesearch.xml [2016-08-24] FF SearchPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\4utt9d3b.default\searchplugins\ourluckysites.xml [2017-04-05] FF SearchPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\4utt9d3b.default\searchplugins\startpageing123.xml [2017-02-21] FF ProfilePath: C:\Users\Łukasz\AppData\Roaming\Firefox\Firefox\Profiles\4utt9d3b.default [2017-04-19] FF NewTab: Firefox\Firefox\Profiles\4utt9d3b.default -> hxxp://www.luckysearch123.com?type=hp&ts=1481560687&from=2c231209&uid=st1000dm003-1ch162_z1da3rs3xxxxz1da3rs3&z=58e37f13fb414b802713a79gazeb8gcwaq7ebq2bcq FF DefaultSearchEngine: Firefox\Firefox\Profiles\4utt9d3b.default -> luck FF SearchEngineOrder.1: Firefox\Firefox\Profiles\4utt9d3b.default -> luck FF SelectedSearchEngine: Firefox\Firefox\Profiles\4utt9d3b.default -> luck FF Homepage: Firefox\Firefox\Profiles\4utt9d3b.default -> about:home FF Extension: (SimilarWeb) - C:\Users\Łukasz\AppData\Roaming\Firefox\Firefox\Profiles\4utt9d3b.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2017-01-19] [Brak podpisu cyfrowego] FF Extension: (FF Adr) - C:\Users\Łukasz\AppData\Roaming\Firefox\Firefox\Profiles\4utt9d3b.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-01-18] [Brak podpisu cyfrowego] FF Extension: (English (US) Language Pack) - C:\Users\Łukasz\AppData\Roaming\Firefox\Firefox\Profiles\4utt9d3b.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2017-01-18] [Brak podpisu cyfrowego] FF Extension: (Adblock Plus) - C:\Users\Łukasz\AppData\Roaming\Firefox\Firefox\Profiles\4utt9d3b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-14] FF SearchPlugin: C:\Users\Łukasz\AppData\Roaming\Firefox\Firefox\Profiles\4utt9d3b.default\searchplugins\amisites.xml [2017-01-18] FF SearchPlugin: C:\Users\Łukasz\AppData\Roaming\Firefox\Firefox\Profiles\4utt9d3b.default\searchplugins\luck.xml [2017-01-18] FF SearchPlugin: C:\Users\Łukasz\AppData\Roaming\Firefox\Firefox\Profiles\4utt9d3b.default\searchplugins\nuesearch.xml [2016-08-24] FF SearchPlugin: C:\Users\Łukasz\AppData\Roaming\Firefox\Firefox\Profiles\4utt9d3b.default\searchplugins\searchinme.xml [2017-01-18] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\4utt9d3b.default\extensions\deskCutv2@gmail.com => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-12] () FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-12] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> D:\javvv\bin\dtplugin\npDeployJava1.dll [2017-03-15] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> D:\javvv\bin\plugin2\npjp2.dll [2017-03-15] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Brak pliku] FF Plugin HKU\S-1-5-21-4264678522-3618739240-1028856009-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.) FF Plugin HKU\S-1-5-21-4264678522-3618739240-1028856009-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Łukasz\AppData\Local\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pl-pl CHR StartupUrls: Default -> "hxxp://www.nuesearch.com/?type=hp&ts=1472034743&z=8f8e5e9ea164e42f0802c6bg6z8m8o0eecez3m3z5c&from=eve0822&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3" CHR DefaultSearchURL: Default -> hxxp://www.ourluckysites.com/search/?type=ds&ts=1491052061&z=053f3a7b7d8b8b64c8fc857g8z6t6g1e2wco4e9q7g&from=gggn1&uid=ST1000DM003-1CH162_Z1DA3RS3XXXXZ1DA3RS3&q={searchTerms} CHR DefaultSearchKeyword: Default -> ourluckysites CHR Profile: C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default [2017-04-22] CHR Extension: (AdBlock) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-08] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-08] CHR Extension: (Chrome Media Router) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-4264678522-3618739240-1028856009-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome.CM3O6BD3SLWN53C2ZID4LQYV44 - c:\users\Łukasz\appdata\local\google\chrome\application\chrome.exe Opera: ======= StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 3DM; C:\Users\Łukasz\AppData\Local\3DM\Kitty.dll [754688 2017-04-19] (kitty.exe) [Brak podpisu cyfrowego] R2 AMD; C:\Users\Łukasz\AppData\Local\AMD\amd.exe [252928 2017-04-11] () [Brak podpisu cyfrowego] R2 Apple Mobile Device Service; D:\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.) R2 AppleSrv; C:\ProgramData\Apple\Apple Application\DeviceCfg.dll [118784 2017-03-15] () [Brak podpisu cyfrowego] R2 Apple_Cfg; C:\ProgramData\Apple\Apple Application Support\Support.dll [112640 2017-02-23] () [Brak podpisu cyfrowego] R2 BagbinP; C:\ProgramData\Bagbin\Bagbin.exe [422272 2016-08-22] () R2 Bonjour Service; D:\Bonjour\mDNSResponder.exe [462096 2015-08-12] (Apple Inc.) R2 clean; C:\Users\Łukasz\AppData\Local\clean\Kyubey.exe [114688 2017-04-06] () [Brak podpisu cyfrowego] R2 Convxxxx; C:\Users\Łukasz\AppData\Roaming\jcfic\UvConverter.exe [376832 2017-02-06] () [Brak podpisu cyfrowego] R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [106160 2017-01-18] () R2 IlS; C:\ProgramData\Tencent\QQ\report\report.dll [340480 2016-10-20] () [Brak podpisu cyfrowego] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2013-07-25] (Intel Corporation) R3 iPod Service; D:\iPod\bin\iPodService.exe [689464 2017-03-22] (Apple Inc.) R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [131024 2016-12-02] (Elex do Brasil Participações Ltda) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [459264 2017-02-13] () [Brak podpisu cyfrowego] <==== UWAGA R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 Kitty; C:\Users\Łukasz\AppData\Local\Kitty\Kitty.dll [754688 2017-04-19] (kitty.dll) [Brak podpisu cyfrowego] R2 Kyubey; C:\Users\Łukasz\AppData\Roaming\Kyubey\Kyubey.exe [236032 2017-04-01] () [Brak podpisu cyfrowego] R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-08-22] (McAfee, Inc.) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI) R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) S3 PAExec; C:\Windows\PAExec.exe [189112 2017-03-16] (Power Admin LLC) S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2014-04-23] (Realtek Semiconductor.) [Brak podpisu cyfrowego] R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [DependOnService: iThemes5]<==== UWAGA R2 WinSAPSvc; C:\Users\Łukasz\AppData\Roaming\WinSAPSvc\WinSAP.dll [568320 2017-04-21] (winsap) [Brak podpisu cyfrowego] R2 WINSNARE; C:\Users\Łukasz\AppData\Roaming\WINSNARE\WinSnare.dll [1291776 2017-04-05] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1982576 2016-09-14] (ExWzp Pvt Ltd.) [Brak podpisu cyfrowego] <==== UWAGA S2 Archer; C:\Program Files (x86)\WinArcher\Archer.dll [X] S2 bilibili; C:\Program Files (x86)\bilibili\bilibili.dll [X] S2 ed2kidle; "C:\Program Files (x86)\amuleC1\ed2k.exe" -downloadwhenidle [X] S2 GubedZL; C:\Program Files (x86)\Gubed\GubedZL.dll [X] S2 Gubed_WMI; C:\Program Files (x86)\Gubed_WMI\Gubed_WMI.exe -s [X] S2 GubZL; C:\Program Files (x86)\Gub\GubZL.dll [X] S2 InterHop; "C:\Program Files (x86)\InterHop\InterHop.exe" {2C8E8C85-942B-451C-8243-97A089265577} [X] S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe" [X] S2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [X] S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X] S2 SpyHunter 4 Service; "C:\Program Files\Enigma Software Group\SpyHunter\Sh4Service.exe" [X] R2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X] S2 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2017-03-14] () R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda) S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participações Ltda) R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda) R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda) R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda) R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda) R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] S3 MBfilt; system32\drivers\MBfilt64.sys [X] S3 MSICDSetup; \??\E:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X] S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X] S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-22 00:18 - 2017-04-22 00:19 - 00031289 ____C C:\Users\Łukasz\Downloads\FRST.txt 2017-04-22 00:18 - 2017-04-22 00:18 - 00000000 ___DC C:\FRST 2017-04-22 00:17 - 2017-04-22 00:17 - 02424832 ____C (Farbar) C:\Users\Łukasz\Downloads\FRST64.exe 2017-04-22 00:12 - 2017-04-22 00:13 - 00002508 ____C C:\RannohDecryptor.1.9.6.1_22.04.2017_00.12.31_log.txt 2017-04-22 00:12 - 2017-04-22 00:12 - 00591870 ____C C:\Users\Łukasz\Downloads\rannohdecryptor (1).zip 2017-04-22 00:12 - 2017-01-25 20:11 - 00735112 _____ (Kaspersky Lab ZAO) D:\\RannohDecryptor.exe 2017-04-22 00:12 - 2017-01-25 20:11 - 00735112 _____ (Kaspersky Lab ZAO) D:\\RannohDecryptor.exe 2017-04-21 23:37 - 2017-04-21 23:41 - 19639826 ____C C:\XoristDecryptor.2.5.1.0_21.04.2017_23.37.44_log.txt 2017-04-21 23:37 - 2017-04-21 23:37 - 00801040 ____C (Kaspersky Lab ZAO) C:\Users\Łukasz\Downloads\xoristdecryptor (2).exe 2017-04-21 23:37 - 2017-04-21 23:37 - 00801040 ____C (Kaspersky Lab ZAO) C:\Users\Łukasz\Downloads\Niepotwierdzony 486140.crdownload 2017-04-21 23:36 - 2017-04-21 23:37 - 00002136 ____C C:\WildfireDecryptor.1.0.0.2_21.04.2017_23.36.32_log.txt 2017-04-21 23:36 - 2017-04-21 23:36 - 02805099 ____C C:\Users\Łukasz\Downloads\WildfireDecryptor.zip 2017-04-21 23:36 - 2016-08-24 13:44 - 02933184 _____ (Kaspersky Lab ZAO) D:\\WildfireDecryptor.exe 2017-04-21 23:36 - 2016-08-24 13:44 - 02933184 _____ (Kaspersky Lab ZAO) D:\\WildfireDecryptor.exe 2017-04-21 23:07 - 2017-04-21 23:29 - 12295964 ____C C:\XoristDecryptor.2.5.1.0_21.04.2017_23.07.58_log.txt 2017-04-21 23:07 - 2017-04-21 23:07 - 01218912 ____C C:\Users\Łukasz\Downloads\CoinVaultDecryptor.zip 2017-04-21 23:07 - 2017-04-21 23:07 - 00801040 ____C (Kaspersky Lab ZAO) C:\Users\Łukasz\Downloads\xoristdecryptor.exe 2017-04-21 23:07 - 2017-04-21 23:07 - 00002046 ____C C:\CoinVaultDecryptor.1.0.0.4_21.04.2017_23.07.25_log.txt 2017-04-21 23:05 - 2017-04-21 23:06 - 00002498 ____C C:\RannohDecryptor.1.9.6.1_21.04.2017_23.05.13_log.txt 2017-04-21 23:05 - 2017-04-21 23:05 - 00591870 ____C C:\Users\Łukasz\Downloads\rannohdecryptor.zip 2017-04-21 23:03 - 2017-04-21 23:04 - 00002418 ____C C:\RakhniDecryptor.1.17.17.0_21.04.2017_23.03.26_log.txt 2017-04-21 23:03 - 2017-04-21 23:03 - 05212623 ____C C:\Users\Łukasz\Downloads\RakhniDecryptor.zip 2017-04-21 20:54 - 2017-04-21 20:54 - 00003546 ____C C:\Users\Łukasz\Downloads\calendar_1.ics 2017-04-19 19:46 - 2017-04-19 19:46 - 00444853 ____C C:\Users\Łukasz\Downloads\1.39 The Umbrella 1.1.rar 2017-04-19 13:41 - 2017-04-19 13:41 - 00000000 ____D D:\Programy\MIO 2017-04-19 07:45 - 2017-04-19 07:45 - 00000000 ___DC C:\Users\Łukasz\AppData\Local\3DM 2017-04-18 09:11 - 2017-04-21 11:43 - 00000000 ____C C:\Windows\SysWOW64\22 2017-04-17 23:06 - 2017-04-17 23:06 - 00000000 ____D D:\\Rockstar Games 2017-04-17 23:06 - 2017-04-17 23:06 - 00000000 ____D D:\\Rockstar Games 2017-04-17 22:28 - 2017-04-17 22:28 - 00000000 ____D D:\\EXTERNAL MENU 2017-04-17 22:28 - 2017-04-17 22:28 - 00000000 ____D D:\\EXTERNAL MENU 2017-04-17 22:00 - 2017-04-17 22:00 - 00000305 ____H D:\\.iTunes Preferences.plist 2017-04-17 22:00 - 2017-04-17 22:00 - 00000305 ____H D:\\.iTunes Preferences.plist 2017-04-17 22:00 - 2017-04-17 22:00 - 00000000 ____D D:\\Automatycznie dodaj do iTunes 2017-04-17 22:00 - 2017-04-17 22:00 - 00000000 ____D D:\\Automatycznie dodaj do iTunes 2017-04-17 21:48 - 2017-04-17 21:48 - 00001521 ____C C:\Users\Public\Desktop\iTunes.lnk 2017-04-17 21:48 - 2017-04-17 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-04-17 21:46 - 2017-04-17 22:04 - 00000000 ____D D:\\iTunes 2017-04-17 21:46 - 2017-04-17 22:04 - 00000000 ____D D:\\iTunes 2017-04-17 21:39 - 2017-04-17 21:39 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2017-04-17 21:39 - 2017-04-17 21:39 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2017-04-17 21:38 - 2017-04-17 21:39 - 00000000 ____D D:\\Apple 2017-04-17 21:38 - 2017-04-17 21:39 - 00000000 ____D D:\\Apple 2017-04-17 21:38 - 2017-04-17 21:38 - 00000000 ____D D:\\Bonjour 2017-04-17 21:38 - 2017-04-17 21:38 - 00000000 ____D D:\\Bonjour 2017-04-17 21:28 - 2017-04-17 20:56 - 257659208 _____ (Apple Inc.) D:\\iTunes64Setup.exe 2017-04-17 21:28 - 2017-04-17 20:56 - 257659208 _____ (Apple Inc.) D:\\iTunes64Setup.exe 2017-04-14 16:05 - 2017-04-14 16:05 - 00000000 ____C C:\Windows\SysWOW64\33 2017-04-14 16:04 - 2017-04-21 11:43 - 00000000 ____C C:\Windows\SysWOW64\11 2017-04-13 12:18 - 2017-04-19 07:44 - 00000000 ___DC C:\Users\Łukasz\AppData\Local\SNARE 2017-04-13 12:18 - 2017-04-18 09:11 - 00000000 ___DC C:\Users\Łukasz\AppData\Local\Kitty 2017-04-10 11:53 - 2017-04-10 12:30 - 00000000 ___DC C:\Users\Łukasz\AppData\Local\SNARER 2017-04-07 14:09 - 2017-04-07 14:09 - 00000000 ___DC C:\Users\Łukasz\AppData\Local\AMD 2017-04-06 13:50 - 2017-04-06 14:51 - 00000000 ___DC C:\Users\Łukasz\AppData\Roaming\SNARER 2017-04-06 13:50 - 2017-04-06 13:50 - 00002059 ____C C:\Users\Public\Desktop\Google Chrome.lnk 2017-04-05 23:02 - 2017-04-05 23:02 - 00000000 ___DC C:\Users\Łukasz\Documents\Add-in Express 2017-04-05 19:29 - 2017-04-05 19:29 - 00000000 ___DC C:\Users\Łukasz\AppData\Local\clean 2017-03-28 00:00 - 2017-03-28 00:00 - 00000000 ___DC C:\Users\Łukasz\AppData\Roaming\clean 2017-03-26 18:41 - 2017-03-26 18:41 - 06885158 _____ D:\\Lektury.rar 2017-03-26 18:41 - 2017-03-26 18:41 - 06885158 _____ D:\\Lektury.rar 2017-03-26 18:41 - 2017-03-26 18:41 - 00000000 ____D D:\\Ziwa 2017-03-26 18:41 - 2017-03-26 18:41 - 00000000 ____D D:\\Ziwa 2017-03-26 18:41 - 2017-03-26 18:41 - 00000000 ____D D:\\Wybrana 2017-03-26 18:41 - 2017-03-26 18:41 - 00000000 ____D D:\\Wybrana ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-22 00:13 - 2017-03-14 23:46 - 00000000 ____C C:\report.dat 2017-04-22 00:12 - 2014-12-31 11:44 - 00000000 ____D D:\\UPGRADE 2017-04-22 00:12 - 2014-12-31 11:44 - 00000000 ____D D:\\UPGRADE 2017-04-22 00:08 - 2009-07-14 06:45 - 00023376 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-04-22 00:08 - 2009-07-14 06:45 - 00023376 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-04-22 00:06 - 2015-09-12 14:05 - 00000000 ____D D:\\iphone oli po raz 3 2017-04-22 00:06 - 2015-09-12 14:05 - 00000000 ____D D:\\iphone oli po raz 3 2017-04-22 00:03 - 2017-03-14 23:46 - 00000000 ____C C:\report1.dat 2017-04-22 00:03 - 2017-03-14 23:44 - 00000000 ____C C:\temp.dat 2017-04-22 00:02 - 2016-07-17 10:22 - 00005068 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Łukasz-PC-Łukasz Łukasz-PC 2017-04-22 00:01 - 2017-03-02 00:14 - 00000000 ____C C:\Windows\SysWOW64\4 2017-04-22 00:01 - 2016-03-25 14:25 - 4219453440 ___SH D:\\pagefile.sys 2017-04-22 00:01 - 2016-03-25 14:25 - 4219453440 ___SH D:\\pagefile.sys 2017-04-22 00:01 - 2014-03-07 19:43 - 00000000 ____D C:\ProgramData\NVIDIA 2017-04-22 00:01 - 2014-03-07 16:39 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2017-04-22 00:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-04-22 00:00 - 2014-03-07 21:06 - 00000000 ___DC C:\Users\Łukasz\AppData\Local\CrashDumps 2017-04-21 23:47 - 2009-07-14 07:08 - 00032596 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-04-21 23:41 - 2017-03-14 03:14 - 00000000 ___DC C:\Windows\pss 2017-04-21 23:05 - 2014-03-07 20:27 - 00000390 _____ C:\Windows\Tasks\update-S-1-5-21-4264678522-3618739240-1028856009-1000.job 2017-04-21 22:02 - 2014-03-07 20:24 - 00000000 ____D D:\\Steam 2017-04-21 22:02 - 2014-03-07 20:24 - 00000000 ____D D:\\Steam 2017-04-21 20:51 - 2014-06-15 23:28 - 00000390 _____ C:\Windows\Tasks\update-sys.job 2017-04-21 11:43 - 2017-02-13 13:43 - 00000000 ___DC C:\Users\Łukasz\AppData\Roaming\WinSAPSvc 2017-04-21 11:43 - 2017-01-18 14:48 - 00003594 _____ C:\Windows\System32\Tasks\Milimili 2017-04-19 22:04 - 2014-03-07 13:16 - 00000000 ___DC C:\Users\Łukasz 2017-04-19 20:26 - 2014-03-07 17:53 - 00000000 ____D D:\\LOL 2017-04-19 20:26 - 2014-03-07 17:53 - 00000000 ____D D:\\LOL 2017-04-19 20:10 - 2017-03-16 22:57 - 00000000 ____D D:\\GTA 5 2017-04-19 20:10 - 2017-03-16 22:57 - 00000000 ____D D:\\GTA 5 2017-04-19 16:51 - 2017-01-02 13:28 - 00000000 ___DC C:\Users\Łukasz\AppData\LocalLow\Mozilla 2017-04-19 14:55 - 2015-02-05 23:14 - 00000000 ___DC C:\Users\Łukasz\AppData\LocalLow\Temp 2017-04-19 13:41 - 2017-03-16 14:36 - 00000000 ____D D:\\Programy 2017-04-19 13:41 - 2017-03-16 14:36 - 00000000 ____D D:\\Programy 2017-04-19 11:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing 2017-04-17 21:46 - 2015-07-02 10:17 - 00000000 ____D D:\\iPod 2017-04-17 21:46 - 2015-07-02 10:17 - 00000000 ____D D:\\iPod 2017-04-17 21:41 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\inf 2017-04-17 21:27 - 2014-03-08 00:01 - 00000000 ____D C:\Windows\System32\Tasks\Games 2017-04-16 01:34 - 2016-08-20 19:56 - 00000000 ____D D:\\google chrome download 2017-04-16 01:34 - 2016-08-20 19:56 - 00000000 ____D D:\\google chrome download 2017-04-15 00:02 - 2016-05-21 10:12 - 00000000 ____D D:\\21;05;2016 2017-04-15 00:02 - 2016-05-21 10:12 - 00000000 ____D D:\\21;05;2016 2017-04-12 12:49 - 2016-07-05 13:49 - 00004554 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-04-12 12:49 - 2016-07-05 12:02 - 00004412 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-04-12 12:49 - 2014-03-07 17:43 - 00802904 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-04-12 12:49 - 2014-03-07 17:43 - 00144472 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-04-12 12:49 - 2014-03-07 17:43 - 00000000 ___DC C:\Windows\SysWOW64\Macromed 2017-04-12 12:49 - 2014-03-07 17:43 - 00000000 ___DC C:\Windows\system32\Macromed 2017-04-11 20:26 - 2016-10-31 19:13 - 00003660 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4264678522-3618739240-1028856009-1000UA 2017-04-11 20:26 - 2016-10-31 19:13 - 00003388 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4264678522-3618739240-1028856009-1000Core 2017-04-10 11:52 - 2016-10-31 19:13 - 00002712 ____C C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-04-06 13:51 - 2014-03-07 13:17 - 00001641 ____C C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2017-04-06 13:51 - 2014-03-07 13:17 - 00001494 ____C C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-04-06 13:50 - 2017-03-15 16:39 - 00002194 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-04-05 23:02 - 2016-03-25 14:29 - 00000000 ____D C:\ProgramData\WinZip 2017-04-05 22:03 - 2017-03-15 22:01 - 00000571 ____C C:\Users\Public\Desktop\Grand Theft Auto V.lnk 2017-04-05 21:29 - 2017-01-18 15:48 - 00000000 ___DC C:\Users\Łukasz\AppData\Roaming\WinSnare 2017-04-03 19:44 - 2014-03-07 19:58 - 00000000 ___DC C:\Users\Łukasz\AppData\Roaming\Skype 2017-04-02 16:32 - 2017-03-19 18:23 - 00000000 ____D D:\\Cheat Engine 6.6 2017-04-02 16:32 - 2017-03-19 18:23 - 00000000 ____D D:\\Cheat Engine 6.6 2017-04-01 15:45 - 2017-03-02 00:14 - 00000000 ____C C:\Windows\SysWOW64\3 ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-04-17 22:00 - 2017-04-17 22:00 - 0000305 ____H () D:\.iTunes Preferences.plist 2016-08-20 15:49 - 2016-02-28 13:02 - 324863025 _____ () D:\1 runda.MOV 2017-01-10 23:53 - 2017-01-10 23:53 - 0049102 _____ () D:\12273134_983353258377301_904078499_n.jpg 2016-12-06 15:40 - 2016-12-06 15:40 - 0084145 _____ () D:\14610974_1204661459579812_2453289286176633599_n.jpg 2016-12-06 16:05 - 2016-12-06 16:05 - 0054182 _____ () D:\14702295_1204661109579847_5767236625988627094_n.jpg 2016-12-06 16:05 - 2016-12-06 16:05 - 0023775 _____ () D:\14718829_1204661099579848_8822844223332498761_n.jpg 2016-12-06 15:40 - 2016-12-06 15:40 - 0031973 _____ () D:\14724520_1204661242913167_2808361469560137128_n.jpg 2016-12-06 15:40 - 2016-12-06 15:40 - 0029608 _____ () D:\14753959_1204661376246487_6647403274312514966_o.jpg 2016-12-06 15:40 - 2016-12-06 15:40 - 0018725 _____ () D:\14890582_1204661166246508_2074920952418586108_o.jpg 2016-12-03 12:26 - 2016-12-03 12:26 - 0103223 _____ () D:\15219510_1388216984546508_3388096778698386074_n.jpg 2016-12-03 14:02 - 2016-12-03 14:02 - 0032879 _____ () D:\15318026_10205955106757028_7073130721269739085_n.jpg 2016-12-19 23:17 - 2016-12-19 23:17 - 0043875 _____ () D:\15337510_1736785383306630_5758677152469011966_n.jpg 2016-12-21 20:07 - 2016-12-21 20:07 - 0021332 _____ () D:\15420990_1255366191176005_7476557667390960896_n.jpg 2016-12-13 18:15 - 2016-12-13 18:23 - 0246076 _____ () D:\15491910_1414871885192282_691562675_o.jpg 2016-12-13 18:15 - 2016-12-13 18:16 - 0135865 _____ () D:\15497537_1414872068525597_1115708857_n.jpg 2016-12-21 20:07 - 2016-12-21 20:07 - 0048087 _____ () D:\15541300_1255366284509329_202491756627848150_n.jpg 2016-12-21 20:07 - 2016-12-21 20:07 - 0025031 _____ () D:\15541683_1255366234509334_8960563064113995831_n.jpg 2016-08-20 15:49 - 2016-02-28 13:06 - 284529142 _____ () D:\2 runda.MOV 2016-08-20 15:49 - 2016-02-28 13:08 - 273454365 _____ () D:\3 runda.MOV 2017-03-15 21:44 - 2017-03-15 21:44 - 283201840 _____ (NVIDIA Corporation) D:\350.12-desktop-win8-win7-winvista-64bit-international-whql.exe 2016-01-03 19:18 - 2016-01-03 19:18 - 0000000 _____ () D:\872_12639372_MVM_0.tmp 2016-01-03 19:18 - 2016-01-03 19:18 - 0000000 _____ () D:\872_12639372_MVM_1.tmp 2016-01-03 19:18 - 2016-01-03 19:18 - 0000000 _____ () D:\872_12639372_MVM_2.tmp 2016-01-03 19:18 - 2016-01-03 19:18 - 0000000 _____ () D:\872_12639372_MVM_3.tmp 2016-01-03 19:18 - 2016-01-03 19:18 - 0000000 _____ () D:\872_12639372_MVM_4.tmp 2016-01-03 19:18 - 2016-01-03 19:18 - 0000000 _____ () D:\872_12639372_MVM_5.tmp 2016-01-03 19:18 - 2016-01-03 19:18 - 0000000 _____ () D:\872_12639372_MVM_6.tmp 2016-01-03 19:18 - 2016-01-03 19:18 - 0000000 _____ () D:\872_12639372_MVM_7.tmp 2016-01-03 19:18 - 2016-01-03 19:18 - 0000000 _____ () D:\872_12639372_MVM_8.tmp 2016-01-03 19:18 - 2016-01-03 19:18 - 0000000 _____ () D:\872_12639372_MVM_9.tmp 2017-03-16 19:19 - 2017-03-16 20:00 - 0015835 _____ () D:\a1fb2190944f7d51bf47e8abdb78a336.docx 2017-03-02 23:00 - 2016-08-10 17:27 - 0007680 _____ (Microsoft Corporation) D:\api-ms-win-crt-runtime-l1-1-0.dll 2010-06-02 06:21 - 2010-06-02 06:21 - 1347354 _____ () D:\Apr2005_d3dx9_25_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1078962 _____ () D:\Apr2005_d3dx9_25_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1397830 _____ () D:\Apr2006_d3dx9_30_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1115221 _____ () D:\Apr2006_d3dx9_30_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0916430 _____ () D:\Apr2006_MDX1_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 4162630 _____ () D:\Apr2006_MDX1_x86_Archive.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0179133 _____ () D:\Apr2006_XACT_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0133103 _____ () D:\Apr2006_XACT_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0087101 _____ () D:\Apr2006_xinput_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0046010 _____ () D:\Apr2006_xinput_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0698612 _____ () D:\APR2007_d3dx10_33_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0695865 _____ () D:\APR2007_d3dx10_33_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1607358 _____ () D:\APR2007_d3dx9_33_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1606039 _____ () D:\APR2007_d3dx9_33_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0195766 _____ () D:\APR2007_XACT_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0151225 _____ () D:\APR2007_XACT_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0096817 _____ () D:\APR2007_xinput_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0053302 _____ () D:\APR2007_xinput_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1350542 _____ () D:\Aug2005_d3dx9_27_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1077644 _____ () D:\Aug2005_d3dx9_27_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0182903 _____ () D:\AUG2006_XACT_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0137235 _____ () D:\AUG2006_XACT_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0087142 _____ () D:\AUG2006_xinput_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0046058 _____ () D:\AUG2006_xinput_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0852286 _____ () D:\AUG2007_d3dx10_35_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0796867 _____ () D:\AUG2007_d3dx10_35_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1800160 _____ () D:\AUG2007_d3dx9_35_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1708152 _____ () D:\AUG2007_d3dx9_35_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0198096 _____ () D:\AUG2007_XACT_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0153012 _____ () D:\AUG2007_XACT_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0867612 _____ () D:\Aug2008_d3dx10_39_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0849167 _____ () D:\Aug2008_d3dx10_39_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1794084 _____ () D:\Aug2008_d3dx9_39_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1464672 _____ () D:\Aug2008_d3dx9_39_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0121772 _____ () D:\Aug2008_XACT_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0092996 _____ () D:\Aug2008_XACT_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0271412 _____ () D:\Aug2008_XAudio_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0271038 _____ () D:\Aug2008_XAudio_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0919044 _____ () D:\Aug2009_D3DCompiler_42_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0900598 _____ () D:\Aug2009_D3DCompiler_42_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 3112111 _____ () D:\Aug2009_d3dcsx_42_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 3319740 _____ () D:\Aug2009_d3dcsx_42_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0232635 _____ () D:\Aug2009_d3dx10_42_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0192131 _____ () D:\Aug2009_d3dx10_42_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0136301 _____ () D:\Aug2009_d3dx11_42_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0105044 _____ () D:\Aug2009_d3dx11_42_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0930116 _____ () D:\Aug2009_d3dx9_42_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0728456 _____ () D:\Aug2009_d3dx9_42_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0122408 _____ () D:\Aug2009_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0093106 _____ () D:\Aug2009_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0273264 _____ () D:\Aug2009_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0272642 _____ () D:\Aug2009_XAudio_x86.cab 2015-11-03 21:06 - 2015-10-15 18:32 - 734013440 _____ () D:\Blackout (2008) [DVDRip.XviD] [Lektor PL].avi 2017-03-16 18:40 - 2014-10-06 23:14 - 0019101 _____ () D:\change.log 2017-03-19 18:22 - 2017-03-19 18:22 - 11863360 _____ (Cheat Engine ) D:\CheatEngine66.exe 2017-03-16 01:38 - 2017-03-16 01:38 - 1129376 _____ (Google Inc.) D:\ChromeSetup.exe 2017-03-16 18:40 - 2014-10-07 12:46 - 0066913 _____ () D:\CustomSettingNames_en-EN.xml 2010-06-02 06:22 - 2010-06-02 06:22 - 1357976 _____ () D:\Dec2005_d3dx9_28_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1079456 _____ () D:\Dec2005_d3dx9_28_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0212807 _____ () D:\DEC2006_d3dx10_00_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0191720 _____ () D:\DEC2006_d3dx10_00_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1571154 _____ () D:\DEC2006_d3dx9_32_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1574376 _____ () D:\DEC2006_d3dx9_32_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0192475 _____ () D:\DEC2006_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0145599 _____ () D:\DEC2006_XACT_x86.cab 2016-12-20 22:33 - 2011-09-23 16:41 - 0029028 _____ () D:\Dexter.S05E04.DVDRip.XviD-OiC.txt 2016-12-20 22:33 - 2011-09-23 16:41 - 0028908 _____ () D:\Dexter.S05E04.DVDRip.XviD-REWARD.txt 2016-12-20 22:33 - 2010-10-19 16:25 - 0029026 _____ () D:\Dexter.S05E04.HDTV.XviD-FQM;720p.HDTV.x264-IMMERSE.txt 2016-12-20 21:53 - 2016-12-20 21:53 - 0761951 _____ () D:\Dexter_Sezon_5.zip 2017-03-16 15:06 - 2017-03-14 17:27 - 1483776 _____ () D:\Display Driver Uninstaller.exe 2017-03-16 15:06 - 2015-09-06 13:26 - 0000224 _____ () D:\Display Driver Uninstaller.exe.config 2017-03-16 15:06 - 2017-03-14 17:27 - 0591360 _____ () D:\Display Driver Uninstaller.pdb 2015-12-22 00:23 - 2015-06-27 14:19 - 0889416 _____ (Microsoft Corporation) D:\dotNetFx40_Full_setup.exe 2017-03-16 18:40 - 2002-08-12 15:56 - 0000051 _____ () D:\downloaded_from_www.guru3d.com.nfo 2011-03-30 12:40 - 2011-03-30 12:40 - 0095576 _____ (Microsoft Corporation) D:\DSETUP.dll 2011-03-30 12:40 - 2011-03-30 12:40 - 1566040 _____ () D:\dsetup32.dll 2011-03-30 12:40 - 2011-03-30 12:40 - 0044624 _____ () D:\dxdllreg_x86.cab 2017-03-15 21:17 - 2017-03-15 21:19 - 539195824 _____ (Microsoft Corporation) D:\DXSDK_Mar09.exe 2011-03-30 12:40 - 2011-03-30 12:40 - 0097152 _____ () D:\dxupdate.cab 2017-03-16 01:39 - 2017-03-16 01:39 - 0292184 _____ (Microsoft Corporation) D:\dxwebsetup.exe 2017-03-02 22:58 - 2014-01-26 14:51 - 0000355 _____ () D:\entries_AiORuntimes.ini 2007-11-07 09:00 - 2007-11-07 09:00 - 0017734 _____ () D:\eula.1028.txt 2007-11-07 09:00 - 2007-11-07 09:00 - 0017734 _____ () D:\eula.1031.txt 2007-11-07 09:00 - 2007-11-07 09:00 - 0010134 _____ () D:\eula.1033.txt 2007-11-07 09:00 - 2007-11-07 09:00 - 0017734 _____ () D:\eula.1036.txt 2007-11-07 09:00 - 2007-11-07 09:00 - 0017734 _____ () D:\eula.1040.txt 2007-11-07 09:00 - 2007-11-07 09:00 - 0000118 _____ () D:\eula.1041.txt 2007-11-07 09:00 - 2007-11-07 09:00 - 0017734 _____ () D:\eula.1042.txt 2007-11-07 09:00 - 2007-11-07 09:00 - 0017734 _____ () D:\eula.2052.txt 2007-11-07 09:00 - 2007-11-07 09:00 - 0017734 _____ () D:\eula.3082.txt 2017-03-15 21:45 - 2015-04-13 11:16 - 0015319 ____R () D:\EULA.txt 2010-06-02 06:22 - 2010-06-02 06:22 - 1247499 _____ () D:\Feb2005_d3dx9_24_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1013225 _____ () D:\Feb2005_d3dx9_24_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1362796 _____ () D:\Feb2006_d3dx9_29_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1084720 _____ () D:\Feb2006_d3dx9_29_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0178359 _____ () D:\Feb2006_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0132409 _____ () D:\Feb2006_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0194675 _____ () D:\FEB2007_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0147983 _____ () D:\FEB2007_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0054678 _____ () D:\Feb2010_X3DAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0020713 _____ () D:\Feb2010_X3DAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0122446 _____ () D:\Feb2010_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0093180 _____ () D:\Feb2010_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0276960 _____ () D:\Feb2010_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0277191 _____ () D:\Feb2010_XAudio_x86.cab 2015-07-21 17:47 - 2015-07-21 17:47 - 0000040 ____H () D:\FFEF2CF84FD1 2017-03-02 23:00 - 2017-03-02 15:04 - 0014848 _____ () D:\g1.24.exe 2017-03-15 21:43 - 2017-03-15 21:43 - 79525944 ____R (NVIDIA Corporation) D:\GeForce_Experience_v3.4.0.70.exe 2017-03-15 22:24 - 2017-03-15 22:24 - 0047874 _____ () D:\ghb.jpg 2007-11-07 09:00 - 2007-11-07 09:00 - 0001110 _____ () D:\globdata.ini 2017-02-16 21:02 - 2017-02-16 21:16 - 539666480 _____ () D:\Grand Theft Auto San Andreas.iso 2017-03-13 19:46 - 2017-03-13 19:46 - 0098520 _____ () D:\gsebnnnnssn.jpg 2017-03-16 17:23 - 2017-01-22 04:19 - 69617190 _____ () D:\GTANSetup.exe 2017-03-19 22:11 - 2017-03-19 22:11 - 69323802 _____ () D:\GTANSetup.zip 2017-03-15 20:49 - 2017-03-15 16:28 - 200064104 _____ (Rockstar Games) D:\GTAV_Setup_Tool.exe 2017-03-16 18:40 - 2003-04-19 10:33 - 0000148 _____ () D:\guru3d.url 2016-12-13 14:13 - 2016-12-13 14:13 - 0018863 _____ () D:\heh.jpg 2017-03-09 16:14 - 2017-03-09 16:14 - 0030646 _____ () D:\hehnhen.jpg 2015-10-27 22:54 - 2015-11-11 02:16 - 107550862 _____ () D:\IMG_3591.MOV.ccc 2007-11-07 09:03 - 2007-11-07 09:03 - 0562688 _____ (Microsoft Corporation) D:\install.exe 2007-11-07 09:00 - 2007-11-07 09:00 - 0000843 _____ () D:\install.ini 2007-11-07 09:03 - 2007-11-07 09:03 - 0076304 _____ (Microsoft Corporation) D:\install.res.1028.dll 2007-11-07 09:03 - 2007-11-07 09:03 - 0096272 _____ (Microsoft Corporation) D:\install.res.1031.dll 2007-11-07 09:03 - 2007-11-07 09:03 - 0091152 _____ (Microsoft Corporation) D:\install.res.1033.dll 2007-11-07 09:03 - 2007-11-07 09:03 - 0097296 _____ (Microsoft Corporation) D:\install.res.1036.dll 2007-11-07 09:03 - 2007-11-07 09:03 - 0095248 _____ (Microsoft Corporation) D:\install.res.1040.dll 2007-11-07 09:03 - 2007-11-07 09:03 - 0081424 _____ (Microsoft Corporation) D:\install.res.1041.dll 2007-11-07 09:03 - 2007-11-07 09:03 - 0079888 _____ (Microsoft Corporation) D:\install.res.1042.dll 2007-11-07 09:03 - 2007-11-07 09:03 - 0075792 _____ (Microsoft Corporation) D:\install.res.2052.dll 2007-11-07 09:03 - 2007-11-07 09:03 - 0096272 _____ (Microsoft Corporation) D:\install.res.3082.dll 2016-10-08 09:33 - 2016-10-08 09:33 - 41672008 _____ () D:\iplasetup.exe 2017-04-17 21:28 - 2017-04-17 20:56 - 257659208 _____ (Apple Inc.) D:\iTunes64Setup.exe 2016-12-14 18:13 - 2016-12-14 18:13 - 0009637 _____ () D:\jabłko.jpg 2016-12-14 18:24 - 2016-12-14 18:24 - 0082515 _____ () D:\jabłko.png 2017-03-12 23:39 - 2017-03-12 23:39 - 0017750 _____ () D:\jdbndnnd.jpg 2017-03-12 00:02 - 2017-03-12 00:02 - 0005269 _____ () D:\jnrnrnrn.jpg 2017-03-15 20:49 - 2017-03-15 20:42 - 56427072 _____ (Oracle Corporation) D:\jre-8u121-windows-i586.exe 2017-03-22 20:38 - 2017-03-22 20:38 - 0010604 _____ () D:\jtrmrmrmrmr.jpg 2010-06-02 06:22 - 2010-06-02 06:22 - 1336002 _____ () D:\Jun2005_d3dx9_26_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1064925 _____ () D:\Jun2005_d3dx9_26_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0180785 _____ () D:\JUN2006_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0133671 _____ () D:\JUN2006_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0699044 _____ () D:\JUN2007_d3dx10_34_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0698472 _____ () D:\JUN2007_d3dx10_34_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1607774 _____ () D:\JUN2007_d3dx9_34_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1607286 _____ () D:\JUN2007_d3dx9_34_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0197122 _____ () D:\JUN2007_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0152909 _____ () D:\JUN2007_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0867828 _____ () D:\JUN2008_d3dx10_38_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0849919 _____ () D:\JUN2008_d3dx10_38_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1792608 _____ () D:\JUN2008_d3dx9_38_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1463878 _____ () D:\JUN2008_d3dx9_38_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0055154 _____ () D:\JUN2008_X3DAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0021905 _____ () D:\JUN2008_X3DAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0121054 _____ () D:\JUN2008_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0093128 _____ () D:\JUN2008_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0269628 _____ () D:\JUN2008_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0269024 _____ () D:\JUN2008_XAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0944460 _____ () D:\Jun2010_D3DCompiler_43_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0931471 _____ () D:\Jun2010_D3DCompiler_43_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0752783 _____ () D:\Jun2010_d3dcsx_43_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0762188 _____ () D:\Jun2010_d3dcsx_43_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0235955 _____ () D:\Jun2010_d3dx10_43_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0197283 _____ () D:\Jun2010_d3dx10_43_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0138205 _____ () D:\Jun2010_d3dx11_43_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0109445 _____ () D:\Jun2010_d3dx11_43_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0937246 _____ () D:\Jun2010_d3dx9_43_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0768036 _____ () D:\Jun2010_d3dx9_43_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0124596 _____ () D:\Jun2010_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0093686 _____ () D:\Jun2010_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0277338 _____ () D:\Jun2010_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0278060 _____ () D:\Jun2010_XAudio_x86.cab 2017-03-09 17:27 - 2017-03-09 17:27 - 0009450 _____ () D:\jurr5njrnnjnr.jpg 2017-03-16 21:01 - 2017-03-19 22:11 - 2596754 _____ () D:\latest.zip 2017-03-26 18:41 - 2017-03-26 18:41 - 6885158 _____ () D:\Lektury.rar 2017-03-15 21:45 - 2015-04-09 02:58 - 0021910 _____ () D:\license.txt 2017-03-15 21:45 - 2015-04-09 02:58 - 0148809 _____ () D:\ListDevices.txt 2017-03-02 23:36 - 2017-03-02 23:37 - 0034451 _____ () D:\main.cpp 2010-06-02 06:22 - 2010-06-02 06:22 - 0844884 _____ () D:\Mar2008_d3dx10_37_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0818260 _____ () D:\Mar2008_d3dx10_37_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1769862 _____ () D:\Mar2008_d3dx9_37_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1443282 _____ () D:\Mar2008_d3dx9_37_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0055058 _____ () D:\Mar2008_X3DAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0021867 _____ () D:\Mar2008_X3DAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0122336 _____ () D:\Mar2008_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0093734 _____ () D:\Mar2008_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0251194 _____ () D:\Mar2008_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0226250 _____ () D:\Mar2008_XAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1067160 _____ () D:\Mar2009_d3dx10_41_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1040745 _____ () D:\Mar2009_d3dx10_41_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1973702 _____ () D:\Mar2009_d3dx9_41_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1612446 _____ () D:\Mar2009_d3dx9_41_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0054600 _____ () D:\Mar2009_X3DAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0021298 _____ () D:\Mar2009_X3DAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0121506 _____ () D:\Mar2009_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0092740 _____ () D:\Mar2009_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0275044 _____ () D:\Mar2009_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0273018 _____ () D:\Mar2009_XAudio_x86.cab 2017-02-16 12:10 - 2017-01-29 16:18 - 0348347 _____ () D:\matematyka_PP_A13.pdf 2017-02-16 12:10 - 2017-01-29 16:18 - 0495099 _____ () D:\matematyka_PP_A14.pdf 2017-03-16 21:02 - 2017-03-16 21:02 - 62008080 _____ (Microsoft Corporation) D:\NDP462-KB3151800-x86-x64-AllOS-ENU.exe 2010-06-02 06:22 - 2010-06-02 06:22 - 0864600 _____ () D:\Nov2007_d3dx10_36_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0803884 _____ () D:\Nov2007_d3dx10_36_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1802058 _____ () D:\Nov2007_d3dx9_36_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1709360 _____ () D:\Nov2007_d3dx9_36_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0046144 _____ () D:\NOV2007_X3DAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0018496 _____ () D:\NOV2007_X3DAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0196762 _____ () D:\NOV2007_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0148264 _____ () D:\NOV2007_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0994154 _____ () D:\Nov2008_d3dx10_40_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0965421 _____ () D:\Nov2008_d3dx10_40_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1906878 _____ () D:\Nov2008_d3dx9_40_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1550796 _____ () D:\Nov2008_d3dx9_40_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0054522 _____ () D:\Nov2008_X3DAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0021851 _____ () D:\Nov2008_X3DAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0121794 _____ () D:\Nov2008_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0092684 _____ () D:\Nov2008_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0273960 _____ () D:\Nov2008_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0272611 _____ () D:\Nov2008_XAudio_x86.cab 2017-03-16 18:40 - 2014-10-07 00:13 - 0641024 _____ (Orbmu2k) D:\nvidiaInspector.exe 2017-03-16 18:40 - 2014-10-06 18:45 - 0000192 _____ () D:\nvidiaInspector.exe.config 2017-03-02 23:36 - 2017-02-10 20:44 - 0695808 _____ () D:\Obfuscator.exe 2010-06-02 06:22 - 2010-06-02 06:22 - 0086037 _____ () D:\Oct2005_xinput_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0045359 _____ () D:\Oct2005_xinput_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1412902 _____ () D:\OCT2006_d3dx9_31_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1127217 _____ () D:\OCT2006_d3dx9_31_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0182361 _____ () D:\OCT2006_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0138017 _____ () D:\OCT2006_XACT_x86.cab 2016-03-25 14:25 - 2017-04-22 00:01 - 4219453440 ___SH () D:\pagefile.sys 2017-03-16 20:29 - 2017-03-16 20:29 - 5193498 _____ () D:\pcifno.txt 2015-12-22 00:23 - 2015-06-27 14:45 - 25395997 _____ () D:\PROWin32.exe 2015-12-22 00:23 - 2015-06-27 14:45 - 55201107 _____ () D:\PROWinx64.exe 2017-04-22 00:12 - 2017-01-25 20:11 - 0735112 _____ (Kaspersky Lab ZAO) D:\RannohDecryptor.exe 2017-03-02 23:00 - 2016-10-12 10:09 - 0001983 _____ () D:\README.txt 2016-11-01 23:14 - 2016-11-01 23:14 - 0007088 _____ () D:\Screenshot_1.jpg 2016-12-14 18:12 - 2016-12-14 18:12 - 0007348 _____ () D:\Screenshot_2.jpg 2017-03-19 22:37 - 2017-03-19 22:37 - 1378066 _____ () D:\ScriptHookV_1.0.1011.1.zip 2017-03-16 23:03 - 2017-03-18 19:59 - 2596754 _____ () D:\server_0.1.386.270.zip 2017-03-15 21:45 - 2015-04-09 02:58 - 0029748 _____ () D:\setup.cfg 2017-03-15 21:45 - 2015-04-09 02:58 - 0413840 _____ (NVIDIA Corporation) D:\setup.exe 2017-03-19 18:21 - 2017-03-19 21:07 - 0001590 _____ () D:\TEN - Parac. Offsets - Money Only_BlaPanda2_CSHACKED.PL.rar 2017-03-19 23:58 - 2016-10-05 21:03 - 0006554 _____ () D:\TEN -Parac. Offsets - Money Only.CT 2016-03-25 13:41 - 2016-03-25 13:42 - 0094617 _____ () D:\Uninstal.exe 2007-11-07 09:00 - 2007-11-07 09:00 - 0005686 _____ () D:\vcredist.bmp 2017-03-16 23:05 - 2017-03-16 23:05 - 1420840 _____ (Microsoft Corporation) D:\vcredist_arm.exe 2017-03-16 21:03 - 2017-03-16 21:03 - 7194312 _____ (Microsoft Corporation) D:\vcredist_x64.exe 2017-03-16 01:40 - 2017-03-16 23:00 - 6554576 _____ (Microsoft Corporation) D:\vcredist_x86.exe 2017-03-16 23:17 - 2017-03-16 23:17 - 6503984 _____ (Microsoft Corporation) D:\vcredist_x86_2013.exe 2007-11-07 09:09 - 2007-11-07 09:09 - 1442522 _____ () D:\VC_RED.cab 2007-11-07 09:12 - 2007-11-07 09:12 - 0232960 _____ () D:\VC_RED.MSI 2017-03-16 21:02 - 2017-03-16 21:02 - 14572000 _____ (Microsoft Corporation) D:\vc_redist.x64.exe 2017-03-16 23:05 - 2017-03-16 23:05 - 13767776 _____ (Microsoft Corporation) D:\vc_redist.x86.exe 2017-03-16 17:26 - 2016-12-27 19:40 - 0010752 _____ (GTA Network) D:\Verify GTA 5 Files.exe 2017-04-21 23:36 - 2016-08-24 13:44 - 2933184 _____ (Kaspersky Lab ZAO) D:\WildfireDecryptor.exe 2017-03-02 22:58 - 2013-10-17 20:10 - 0000700 _____ () D:\WinPKG.xml 2016-10-18 16:28 - 2016-10-18 16:34 - 1810285 _____ () D:\xaEdMg55.JPG 2015-11-11 13:35 - 2015-11-11 14:25 - 0005671 ____C () C:\Users\Łukasz\AppData\Roaming\Microsoft\howto_recover_file_mhyui.html 2015-11-11 13:35 - 2015-11-11 14:25 - 0002543 ____C () C:\Users\Łukasz\AppData\Roaming\Microsoft\howto_recover_file_mhyui.txt 2015-11-11 02:15 - 2015-11-11 02:15 - 0005671 ____C () C:\Users\Łukasz\AppData\Roaming\Microsoft\howto_recover_file_twnxt.html 2015-11-11 02:15 - 2015-11-11 02:15 - 0002543 ____C () C:\Users\Łukasz\AppData\Roaming\Microsoft\howto_recover_file_twnxt.txt 2015-12-16 21:40 - 2015-12-16 21:53 - 0009211 ____C () C:\Users\Łukasz\AppData\Roaming\Microsoft\how_recover+lds.html 2015-12-16 21:40 - 2015-12-16 21:53 - 0002469 ____C () C:\Users\Łukasz\AppData\Roaming\Microsoft\how_recover+lds.txt 2015-11-11 13:31 - 2015-11-11 14:25 - 0005671 ____C () C:\Users\Łukasz\AppData\Local\howto_recover_file_mhyui.html 2015-11-11 13:31 - 2015-11-11 14:25 - 0002543 ____C () C:\Users\Łukasz\AppData\Local\howto_recover_file_mhyui.txt 2015-11-11 02:14 - 2015-11-11 02:15 - 0005671 ____C () C:\Users\Łukasz\AppData\Local\howto_recover_file_twnxt.html 2015-11-11 02:14 - 2015-11-11 02:15 - 0002543 ____C () C:\Users\Łukasz\AppData\Local\howto_recover_file_twnxt.txt 2015-12-16 21:39 - 2015-12-16 21:53 - 0009211 ____C () C:\Users\Łukasz\AppData\Local\how_recover+lds.html 2015-12-16 21:39 - 2015-12-16 21:53 - 0002469 ____C () C:\Users\Łukasz\AppData\Local\how_recover+lds.txt 2014-03-07 14:07 - 2016-01-27 01:48 - 0007604 ____C () C:\Users\Łukasz\AppData\Local\resmon.resmoncfg 2014-03-07 20:27 - 2014-03-07 20:27 - 0000003 ____C () C:\Users\Łukasz\AppData\Local\updater.log 2014-03-07 20:27 - 2016-08-07 19:56 - 0000424 ____C () C:\Users\Łukasz\AppData\Local\UserProducts.xml 2015-11-11 13:29 - 2015-11-11 13:31 - 0005671 _____ () C:\ProgramData\howto_recover_file_mhyui.html 2015-11-11 13:29 - 2015-11-11 13:31 - 0002543 _____ () C:\ProgramData\howto_recover_file_mhyui.txt 2015-11-11 02:13 - 2015-11-11 02:13 - 0005671 _____ () C:\ProgramData\howto_recover_file_twnxt.html 2015-11-11 02:13 - 2015-11-11 02:13 - 0002543 _____ () C:\ProgramData\howto_recover_file_twnxt.txt 2015-12-16 21:38 - 2015-12-16 21:39 - 0009211 _____ () C:\ProgramData\how_recover+lds.html 2015-12-16 21:38 - 2015-12-16 21:39 - 0002469 _____ () C:\ProgramData\how_recover+lds.txt ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-04-14 00:56 ==================== Koniec FRST.txt ============================