Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:31-08-2015 Uruchomiony przez Oskar (administrator) OSKAR-KOMPUTER (02-09-2015 20:56:29) Uruchomiony z C:\Users\Oskar\Downloads Załadowane profile: Oskar (Dostępne profile: Oskar) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Electronic Arts) D:\Origin\Origin.exe () C:\Program Files (x86)\baidu\pps.exe (SoftBrain Technologies Ltd.) C:\Users\Oskar\AppData\Local\SmartWeb\SmartWebHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () D:\Winamp\winampa.exe (SoftBrain Technologies Ltd.) C:\Users\Oskar\AppData\Local\SmartWeb\SmartWebApp.exe () C:\ProgramData\Cyfrowy Polsat E3276\OnlineUpdate\ouc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\Program Files (x86)\00000000-1440931890-0000-0000-D8CB8A7719CA\jnsj646.tmp (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\System32\PnkBstrA.exe () C:\Program Files (x86)\00000000-1440931890-0000-0000-D8CB8A7719CA\knse6B3B.tmp (TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe () C:\Program Files (x86)\00000000-1440931890-0000-0000-D8CB8A7719CA\hnsu2859.tmp (DTools LIMITED) C:\ProgramData\7WdsManPro7\WdsManPro.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe () C:\Program Files (x86)\SFK\SFKEX64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659736 2014-11-26] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [gpuminer] => C:\Users\Oskar\AppData\Roaming\cpuminer\sgminer\start.cmd HKLM\...\Run: [ethminer] => C:\Users\Oskar\AppData\Roaming\cpuminer\ethminer\start.cmd HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [WinampAgent] => D:\Winamp\winampa.exe [37888 2009-07-01] () HKLM-x32\...\Run: [mbot_pl_014010075] => [X] HKLM-x32\...\Run: [gmsd_pl_005010075] => [X] HKLM-x32\...\Run: [gmsd_pl_005010077] => [X] HKLM-x32\...\Run: [SmartWeb] => C:\Users\Oskar\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.) HKLM-x32\...\Run: [gmsd_pl_005010078] => [X] HKU\S-1-5-21-2505426920-1216122659-2116753120-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-2505426920-1216122659-2116753120-1000\...\Run: [SRS Audio Sandbox] => "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme HKU\S-1-5-21-2505426920-1216122659-2116753120-1000\...\Run: [EADM] => D:\Origin\Origin.exe [3638256 2015-09-02] (Electronic Arts) HKU\S-1-5-21-2505426920-1216122659-2116753120-1000\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe [77824 2015-08-12] () HKU\S-1-5-21-2505426920-1216122659-2116753120-1000\...\Run: [GoogleChromeAutoLaunch_E8492C7F197945B686B8F8B162495816] => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window Startup: C:\Users\Oskar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-09-02] ShortcutTarget: SmartWeb.lnk -> C:\Users\Oskar\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci..) Tcpip\Parameters: [DhcpNameServer] 192.168.1.20 Tcpip\..\Interfaces\{6FEFBAF4-6551-4CDD-AB6F-4A151BB38AEE}: [NameServer] 199.203.131.145,82.163.143.167 Tcpip\..\Interfaces\{6FEFBAF4-6551-4CDD-AB6F-4A151BB38AEE}: [DhcpNameServer] 192.168.1.20 Tcpip\..\Interfaces\{E9474EB1-E67E-45C1-81B3-7830543FEDBC}: [DhcpNameServer] 212.2.96.53 212.2.96.54 Internet Explorer: ================== HKU\S-1-5-21-2505426920-1216122659-2116753120-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1441204139&z=0f52c1748fdfc879651f107g2zfz5g1o2e6zce9efg&from=face&uid=ST1000DM003-1ER162_Z4Y5CRQLXXXXZ4Y5CRQL FireFox: ======== FF ProfilePath: C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\c8l8r4pn.default-1439758053601 FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: istartsurf FF SelectedSearchEngine: istartsurf FF Homepage: google.pl FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-09-02] (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-09-02] (globalUpdate) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.) FF SearchPlugin: C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\c8l8r4pn.default-1439758053601\searchplugins\istartsurf.xml [2015-09-02] FF SearchPlugin: C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\c8l8r4pn.default-1439758053601\searchplugins\mystartsearch.xml [2015-09-01] FF Extension: Default SearchProtected - C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\c8l8r4pn.default-1439758053601\Extensions\defsearchp@gmail.com [2015-09-01] FF Extension: deskCut - C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\c8l8r4pn.default-1439758053601\Extensions\deskCutv2@gmail.com [2015-09-01] FF Extension: Mini - Adblocker - C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\c8l8r4pn.default-1439758053601\Extensions\kjvahutejrddder@__mvnirephhrw.com [2015-08-21] FF Extension: 15756614ffb8498bb961bce537ea94fe - C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\c8l8r4pn.default-1439758053601\Extensions\{15756614-ffb8-498b-b961-bce537ea94fe} [2015-09-02] FF Extension: Adblock Plus - C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\c8l8r4pn.default-1439758053601\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-30] FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\c8l8r4pn.default-1439758053601\extensions\defsearchp@gmail.com FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\c8l8r4pn.default-1439758053601\extensions\deskCutv2@gmail.com FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-09-02] Chrome: ======= CHR Profile: C:\Users\Oskar\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Oskar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-02] CHR Extension: (Google Docs) - C:\Users\Oskar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-02] CHR Extension: (Google Drive) - C:\Users\Oskar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-02] CHR Extension: (YouTube) - C:\Users\Oskar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-02] CHR Extension: (Google Search) - C:\Users\Oskar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-01] CHR Extension: (Google Sheets) - C:\Users\Oskar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-02] CHR Extension: (Chrome Web Store Payments) - C:\Users\Oskar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-02] CHR Extension: (Gmail) - C:\Users\Oskar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-02] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 Cyfrowy Polsat E3276. RunOuc; C:\Program Files (x86)\Cyfrowy Polsat E3276\UpdateDog\ouc.exe [650240 2013-01-23] () [Brak podpisu cyfrowego] R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation) S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-09-02] (globalUpdate) [Brak podpisu cyfrowego] <==== UWAGA S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-09-02] (globalUpdate) [Brak podpisu cyfrowego] <==== UWAGA R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 jimocoso; C:\Program Files (x86)\00000000-1440931890-0000-0000-D8CB8A7719CA\jnsj646.tmp [227328 2015-08-30] () [Brak podpisu cyfrowego] R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation) S3 Origin Client Service; D:\Origin\OriginClientService.exe [2057736 2015-09-02] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-09-02] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-08-30] () R2 qizimoto; C:\Program Files (x86)\00000000-1440931890-0000-0000-D8CB8A7719CA\knse6B3B.tmp [1341952 2015-09-02] () [Brak podpisu cyfrowego] R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [411648 2015-09-02] (TODO: <公司名>) [Brak podpisu cyfrowego] R2 totyseku; C:\Program Files (x86)\00000000-1440931890-0000-0000-D8CB8A7719CA\hnsu2859.tmp [137728 2015-08-30] () [Brak podpisu cyfrowego] R2 WdsManPro; C:\ProgramData\7WdsManPro7\WdsManPro.exe [709288 2015-09-02] (DTools LIMITED) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-05-15] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-07-30] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2015-07-30] (Duplex Secure Ltd.) S3 SRS_SSCFilter; C:\Windows\System32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] () S3 cpuz134; \??\C:\Users\Oskar\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] S3 MSICDSetup; \??\E:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X] S1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-09-02 20:56 - 2015-09-02 20:56 - 00015205 _____ C:\Users\Oskar\Downloads\FRST.txt 2015-09-02 20:54 - 2015-09-02 20:56 - 00000000 ____D C:\FRST 2015-09-02 20:54 - 2015-09-02 20:54 - 02188800 _____ (Farbar) C:\Users\Oskar\Downloads\FRST64.exe 2015-09-02 18:42 - 2015-09-02 18:42 - 00000000 ____D C:\Users\Oskar\AppData\Local\SRS Labs 2015-09-02 18:24 - 2015-09-02 18:24 - 00076152 _____ C:\Windows\system32\PnkBstrA.exe 2015-09-02 18:14 - 2015-09-02 18:14 - 00000000 ____D C:\Users\Oskar\AppData\Local\PunkBuster 2015-09-02 18:10 - 2015-09-02 18:10 - 00000000 ____D C:\Users\Oskar\AppData\Local\ESN 2015-09-02 18:09 - 2015-09-02 18:09 - 01640768 _____ C:\Users\Oskar\Downloads\battlelog-web-plugins_2.7.1_162 (3).exe 2015-09-02 18:08 - 2015-09-02 18:08 - 01640768 _____ C:\Users\Oskar\Downloads\battlelog-web-plugins_2.7.1_162 (2).exe 2015-09-02 18:06 - 2015-09-02 18:06 - 01640768 _____ C:\Users\Oskar\Downloads\battlelog-web-plugins_2.7.1_162 (1).exe 2015-09-02 18:04 - 2015-09-02 20:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-09-02 17:58 - 2015-09-02 17:58 - 00056272 _____ C:\Users\Oskar\AppData\Local\GDIPFONTCACHEV1.DAT 2015-09-02 17:45 - 2015-09-02 18:41 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins 2015-09-02 17:45 - 2015-09-02 17:45 - 01640768 _____ C:\Users\Oskar\Downloads\battlelog-web-plugins_2.7.1_162(1).exe 2015-09-02 17:40 - 2015-09-02 18:43 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-09-02 17:40 - 2015-09-02 18:43 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-09-02 17:40 - 2015-09-02 17:44 - 00000000 ____D C:\Users\Oskar\AppData\Local\Mozilla 2015-09-02 16:51 - 2015-09-02 16:51 - 00000000 __SHD C:\Users\Oskar\AppData\Local\EmieUserList 2015-09-02 16:51 - 2015-09-02 16:51 - 00000000 __SHD C:\Users\Oskar\AppData\Local\EmieSiteList 2015-09-02 16:46 - 2015-09-02 20:46 - 00001018 _____ C:\Windows\Tasks\68XUS6xmXYyA01HMNGDAVql.job 2015-09-02 16:46 - 2015-09-02 20:46 - 00001002 _____ C:\Windows\Tasks\m0IMI5GXB1HuaJi.job 2015-09-02 16:46 - 2015-09-02 16:46 - 00004056 _____ C:\Windows\System32\Tasks\68XUS6xmXYyA01HMNGDAVql 2015-09-02 16:46 - 2015-09-02 16:46 - 00004040 _____ C:\Windows\System32\Tasks\m0IMI5GXB1HuaJi 2015-09-02 16:45 - 2015-09-02 16:45 - 00003960 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA 2015-09-02 16:44 - 2015-09-02 20:46 - 00000958 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2015-09-02 16:44 - 2015-09-02 16:49 - 00000962 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2015-09-02 16:44 - 2015-09-02 16:44 - 00003706 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore 2015-09-02 16:44 - 2015-09-02 16:44 - 00000000 ____D C:\Program Files (x86)\globalUpdate 2015-09-02 16:29 - 2015-09-02 16:30 - 00000000 ____D C:\ProgramData\7WdsManPro7 2015-09-02 16:28 - 2015-09-02 16:49 - 00000000 ____D C:\Users\Oskar\AppData\Local\SmartWeb 2015-09-02 16:28 - 2015-09-02 16:28 - 00004046 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task 2015-09-02 16:18 - 2015-09-02 16:19 - 08427004 _____ C:\Users\Oskar\Downloads\SRS Audio Sandbox 1.10.2.0 + Crack.rar 2015-09-01 21:33 - 2015-09-02 18:44 - 00000000 ____D C:\Users\Oskar\AppData\Roaming\mystartsearch 2015-09-01 21:33 - 2015-09-01 21:33 - 00850728 _____ C:\Users\Oskar\Downloads\Taylor Swift - Wildest Dreams.mp3.crdownload 2015-09-01 17:46 - 2015-09-02 18:41 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job 2015-09-01 17:46 - 2015-09-02 18:41 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job 2015-09-01 17:46 - 2015-09-02 17:06 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job 2015-09-01 17:46 - 2015-09-02 16:46 - 00002828 _____ C:\Windows\System32\Tasks\APSnotifierPP1 2015-09-01 17:46 - 2015-09-02 16:46 - 00002826 _____ C:\Windows\System32\Tasks\APSnotifierPP3 2015-09-01 17:46 - 2015-09-02 16:46 - 00002826 _____ C:\Windows\System32\Tasks\APSnotifierPP2 2015-09-01 17:43 - 2015-09-02 20:46 - 00000000 ____D C:\Program Files (x86)\SFK 2015-09-01 17:42 - 2015-09-02 18:43 - 00000000 ____D C:\Users\Oskar\AppData\Roaming\istartsurf 2015-09-01 17:42 - 2015-09-01 17:42 - 00000000 __SHD C:\Users\Oskar\AppData\Roaming\AnyProtectEx 2015-09-01 17:42 - 2015-09-01 17:42 - 00000000 ____D C:\Program Files (x86)\predm 2015-09-01 16:12 - 2015-09-01 16:12 - 00000000 ____D C:\ProgramData\SWdsManProS 2015-09-01 15:30 - 2015-09-01 15:31 - 00000000 ____D C:\ProgramData\ZWdsManProZ 2015-09-01 15:00 - 2015-09-01 15:00 - 00040960 _____ (Benq Corporation) C:\Users\Oskar\Downloads\auto.exe 2015-09-01 15:00 - 2015-09-01 15:00 - 00040960 _____ (Benq Corporation) C:\Users\Oskar\Downloads\auto (1).exe 2015-09-01 14:49 - 2015-09-01 17:44 - 00000000 ____D C:\ProgramData\BWdsManProB 2015-09-01 14:48 - 2015-09-02 18:43 - 00001370 _____ C:\Users\Oskar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk 2015-09-01 14:48 - 2015-09-01 17:43 - 00000000 ____D C:\Users\Oskar\AppData\Roaming\WarThunder 2015-09-01 14:48 - 2015-09-01 14:48 - 00003546 _____ C:\Windows\System32\Tasks\WarThunder sun 2015-09-01 14:48 - 2015-09-01 14:48 - 00003546 _____ C:\Windows\System32\Tasks\WarThunder sat 2015-09-01 14:40 - 2015-09-02 20:46 - 00000988 _____ C:\Windows\Tasks\hx2l1QDJ.job 2015-09-01 14:40 - 2015-09-02 20:46 - 00000986 _____ C:\Windows\Tasks\XOgRRQc.job 2015-09-01 14:40 - 2015-09-01 14:40 - 00004026 _____ C:\Windows\System32\Tasks\hx2l1QDJ 2015-09-01 14:40 - 2015-09-01 14:40 - 00004024 _____ C:\Windows\System32\Tasks\XOgRRQc 2015-09-01 14:39 - 2015-09-01 14:39 - 00000000 ____D C:\Program Files (x86)\aacd5a02-d834-41c1-a45d-ae9d06d0d37d 2015-09-01 14:37 - 2015-09-01 14:37 - 00000000 ____D C:\ProgramData\iWdsManProi 2015-08-30 22:03 - 2015-09-02 20:46 - 00001024 _____ C:\Windows\Tasks\Tlvhzk07T0BX8uGETTTheDhqyJ.job 2015-08-30 22:03 - 2015-09-02 20:46 - 00001024 _____ C:\Windows\Tasks\QOJ68PnLfAZp3YqZRoxGXW2hRT.job 2015-08-30 22:03 - 2015-09-01 16:13 - 00000000 ____D C:\AdwCleaner 2015-08-30 22:03 - 2015-08-30 22:04 - 00004062 _____ C:\Windows\System32\Tasks\Tlvhzk07T0BX8uGETTTheDhqyJ 2015-08-30 22:03 - 2015-08-30 22:03 - 01605632 _____ C:\Users\Oskar\Downloads\AdwCleaner.pl 5.003.exe 2015-08-30 22:03 - 2015-08-30 22:03 - 00004062 _____ C:\Windows\System32\Tasks\QOJ68PnLfAZp3YqZRoxGXW2hRT 2015-08-30 22:03 - 2015-08-30 22:03 - 00000000 ____D C:\Program Files (x86)\5cb735eb-ce8a-488f-b0c0-2f8e2ba62278 2015-08-30 21:57 - 2015-08-31 10:25 - 00000000 ____D C:\ProgramData\gWdsManProg 2015-08-30 21:16 - 2015-09-02 18:45 - 00000000 ____D C:\Program Files (x86)\0890524a-9bb9-472a-8fcf-986abf7b3d79 2015-08-30 21:16 - 2015-08-30 21:16 - 01640768 _____ C:\Users\Oskar\Downloads\battlelog-web-plugins_2.7.1_162.exe 2015-08-30 21:12 - 2015-08-30 21:12 - 00000000 ____D C:\ProgramData\UWdsManProU 2015-08-30 21:09 - 2015-09-02 18:43 - 00002275 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-30 21:09 - 2015-09-01 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-08-30 21:09 - 2015-08-30 21:09 - 00000000 ____D C:\Users\Oskar\AppData\Local\Google 2015-08-30 21:04 - 2015-09-02 20:46 - 00001042 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-30 21:04 - 2015-09-02 18:09 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-30 21:04 - 2015-08-30 21:09 - 00000000 ____D C:\Program Files (x86)\Google 2015-08-30 21:04 - 2015-08-30 21:04 - 00929360 _____ (Google Inc.) C:\Users\Oskar\Downloads\ChromeSetup.exe 2015-08-30 21:04 - 2015-08-30 21:04 - 00004042 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-30 21:04 - 2015-08-30 21:04 - 00003790 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-30 21:01 - 2015-09-02 18:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-30 17:17 - 2015-08-30 17:17 - 00000000 ____D C:\Users\Oskar\Documents\Battlefield 4 2015-08-30 17:15 - 2015-08-30 17:15 - 01640768 _____ C:\Users\Oskar\Desktop\battlelog-web-plugins_2.7.1_162.exe 2015-08-30 17:14 - 2015-09-02 18:48 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2015-08-30 17:14 - 2015-08-30 17:14 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2015-08-30 13:52 - 2015-08-30 13:52 - 00000000 ____D C:\Users\Oskar\AppData\Roaming\Macromedia 2015-08-30 13:50 - 2015-08-30 13:50 - 00000000 ____D C:\Windows\SysWOW64\Flash 2015-08-30 13:39 - 2015-08-30 13:40 - 00000000 ____D C:\ProgramData\8WdsManPro8 2015-08-30 13:18 - 2015-09-02 20:46 - 00001026 _____ C:\Windows\Tasks\woAVvW3ebAEHc0kZmEbU2rCxBMf.job 2015-08-30 13:18 - 2015-08-30 13:18 - 00004064 _____ C:\Windows\System32\Tasks\woAVvW3ebAEHc0kZmEbU2rCxBMf 2015-08-30 13:03 - 2015-09-01 16:11 - 00000434 _____ C:\task.vbs 2015-08-30 13:01 - 2015-08-30 13:01 - 00159144 _____ (Microsoft Corporation) C:\Users\Oskar\Downloads\WindowsActivationUpdate.exe 2015-08-30 13:01 - 2015-08-30 13:01 - 00000000 ____D C:\ProgramData\5WdsManPro5 2015-08-30 13:01 - 2015-08-30 13:01 - 00000000 ____D C:\Program Files (x86)\baidu 2015-08-30 12:55 - 2015-08-30 12:55 - 00003158 _____ C:\Windows\System32\Tasks\{7FA17890-9A80-41BC-8090-2C293F601561} 2015-08-30 12:53 - 2015-09-02 18:42 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-08-30 12:52 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak 2015-08-30 12:51 - 2015-09-02 17:58 - 00000000 ____D C:\Program Files (x86)\00000000-1440931890-0000-0000-D8CB8A7719CA 2015-08-30 12:50 - 2015-08-30 12:50 - 00000000 ____D C:\Users\Oskar\AppData\Roaming\Opera Software 2015-08-30 12:47 - 2015-09-02 16:29 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2015-08-30 12:47 - 2015-08-30 13:03 - 00000000 ____D C:\ProgramData\update 2015-08-30 12:47 - 2015-08-30 12:55 - 00000000 ____D C:\Program Files (x86)\Opera 2015-08-30 12:47 - 2015-08-30 12:48 - 00000000 ____D C:\ProgramData\FWdsManProF 2015-08-30 11:59 - 2015-08-30 11:59 - 00000000 ____D C:\Users\Oskar\AppData\Roaming\Milestone 2015-08-30 11:58 - 2015-08-30 11:58 - 00001994 _____ C:\Users\Public\Desktop\Zagraj w MotoGP14.lnk 2015-08-30 11:58 - 2015-08-30 11:58 - 00000000 ____D C:\ProgramData\Solidshield 2015-08-30 10:46 - 2015-08-30 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Milestone S.r.l 2015-08-30 10:46 - 2015-08-30 10:46 - 00000000 ____D C:\Program Files (x86)\Milestone 2015-08-30 10:37 - 2015-08-30 15:51 - 00000865 _____ C:\Users\Public\Desktop\Battlefield 4.lnk 2015-08-30 10:37 - 2015-08-30 15:51 - 00000849 _____ C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk 2015-08-30 10:37 - 2015-08-30 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4 2015-08-30 10:30 - 2015-08-30 21:15 - 00000000 ____D C:\Users\Oskar\AppData\Roaming\Pointstone 2015-08-30 10:30 - 2015-08-30 10:30 - 00000000 ____D C:\Windows\System32\Tasks\Pointstone 2015-08-29 17:37 - 2015-08-29 17:37 - 00130026 _____ C:\Windows\DPINST.LOG 2015-08-28 11:11 - 2015-08-28 15:42 - 00000000 ____D C:\Users\Oskar\AppData\Roaming\Origin 2015-08-28 11:10 - 2015-09-02 18:42 - 00000000 ____D C:\Users\Oskar\AppData\Local\Origin 2015-08-28 10:57 - 2015-09-02 20:46 - 00000000 ____D C:\ProgramData\Origin 2015-08-28 10:57 - 2015-08-30 16:46 - 00000000 ____D C:\ProgramData\Electronic Arts 2015-08-28 10:57 - 2015-08-28 10:57 - 00000524 _____ C:\Users\Public\Desktop\Origin.lnk 2015-08-28 10:57 - 2015-08-28 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-08-14 21:45 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-08-14 21:45 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-08-14 20:52 - 2015-08-14 20:52 - 00061328 _____ (PhraseProfessor) C:\Windows\system32\Drivers\ppfd_vt_1_10_0_22.sys 2015-08-14 20:52 - 2015-08-14 20:52 - 00057744 _____ (PhraseProfessor) C:\Windows\system32\Drivers\ppfd_vw_1_10_0_22.sys 2015-08-10 15:26 - 2015-08-26 23:13 - 00000000 ____D C:\Users\Oskar\AppData\Roaming\TS3Client 2015-08-10 15:26 - 2015-08-10 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-08-10 15:23 - 2015-08-10 15:25 - 31071896 _____ (TeamSpeak Systems GmbH) C:\Users\Oskar\Downloads\TeamSpeak3-Client-win64-3.0.17.exe 2015-08-09 16:58 - 2015-08-09 16:58 - 00000079 _____ C:\Program Files (x86)\prefs.js 2015-08-09 16:58 - 2015-08-09 16:58 - 00000000 ____D C:\Program Files (x86)\new metroTab 2015-08-09 11:34 - 2015-08-11 21:26 - 00000000 ____D C:\Users\Oskar\AppData\Roaming\Winamp 2015-08-09 11:34 - 2015-08-09 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2015-08-09 11:26 - 2015-08-09 11:26 - 00000000 ____D C:\ProgramData\SRS Labs 2015-08-09 11:25 - 2009-12-15 14:41 - 00346992 _____ C:\Windows\system32\Drivers\SRS_SSCFilter_amd64.sys 2015-08-09 11:21 - 2015-08-09 11:21 - 00000000 ____D C:\Program Files (x86)\Website Blocker Beta 2015-08-09 11:19 - 2015-08-16 22:45 - 00000000 ____D C:\ProgramData\15292328255022779719 2015-08-09 11:18 - 2015-09-02 17:18 - 00000364 _____ C:\Windows\Tasks\EasyReduce.job 2015-08-09 11:18 - 2015-08-09 11:18 - 00003276 _____ C:\Windows\System32\Tasks\EasyReduce 2015-08-05 18:41 - 2015-09-01 15:41 - 00000080 _____ C:\Users\Oskar\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 2015-08-05 18:40 - 2015-08-05 18:47 - 00000000 ____D C:\Users\Oskar\Documents\Rockstar Games 2015-08-05 18:39 - 2015-08-20 21:51 - 00000000 ____D C:\Program Files\Rockstar Games 2015-08-05 18:39 - 2015-08-20 21:51 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2015-08-05 18:30 - 2015-08-05 18:30 - 00000615 _____ C:\Users\Oskar\Desktop\GTA Online.lnk 2015-08-05 18:30 - 2015-08-05 18:30 - 00000571 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk 2015-08-05 18:30 - 2015-08-05 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2015-08-04 17:13 - 2015-08-04 17:13 - 00000000 ____D C:\ProgramData\Steam 2015-08-04 17:12 - 2015-08-04 17:12 - 00000534 _____ C:\Users\Public\Desktop\F1 2014.lnk 2015-08-04 17:12 - 2015-08-04 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F1 2014 2015-08-03 17:13 - 2015-08-03 17:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2015-08-03 17:13 - 2015-08-03 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-08-03 17:13 - 2015-08-03 17:13 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories 2015-08-03 17:12 - 2015-08-03 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-08-03 16:34 - 2015-08-03 16:34 - 00000787 _____ C:\Users\Oskar\Desktop\GRID.lnk 2015-08-03 15:39 - 2015-08-30 10:50 - 00000000 ____D C:\Windows\system32\appmgmt 2015-08-03 15:38 - 2015-08-03 15:38 - 00000000 ____D C:\Users\Oskar\Documents\NFS SHIFT ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-09-02 20:53 - 2009-07-14 06:45 - 00039376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-02 20:53 - 2009-07-14 06:45 - 00039376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-02 20:51 - 2011-04-12 15:21 - 00739694 _____ C:\Windows\system32\perfh015.dat 2015-09-02 20:51 - 2011-04-12 15:21 - 00155268 _____ C:\Windows\system32\perfc015.dat 2015-09-02 20:51 - 2009-07-14 07:13 - 01668226 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-02 20:49 - 2015-07-30 17:30 - 00421880 _____ C:\Windows\WindowsUpdate.log 2015-09-02 20:46 - 2015-07-30 17:50 - 00000000 ____D C:\ProgramData\NVIDIA 2015-09-02 20:46 - 2014-05-16 16:46 - 00050452 _____ C:\Windows\setupact.log 2015-09-02 20:46 - 2010-11-21 05:47 - 00905400 _____ C:\Windows\PFRO.log 2015-09-02 20:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-02 18:43 - 2015-07-30 17:33 - 00001437 _____ C:\Users\Oskar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-09-02 18:42 - 2015-07-30 17:52 - 00000000 ____D C:\Users\Oskar\AppData\Local\NVIDIA Corporation 2015-09-02 18:24 - 2015-07-30 21:23 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2015-09-02 15:28 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-09-01 21:05 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-09-01 14:52 - 2010-11-21 04:50 - 00000000 ____D C:\Users\Administrator 2015-09-01 14:44 - 2015-07-30 17:52 - 00000000 ____D C:\Users\Oskar\AppData\Local\NVIDIA 2015-09-01 14:31 - 2015-07-30 17:36 - 00000000 ____D C:\ProgramData\Package Cache 2015-08-31 12:51 - 2009-07-14 07:08 - 00032520 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-31 10:41 - 2015-07-30 21:00 - 00000000 ____D C:\Users\Oskar\Desktop\moje 2015-08-30 21:23 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System 2015-08-30 17:14 - 2014-05-16 15:38 - 00443265 _____ C:\Windows\DirectX.log 2015-08-30 12:56 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-08-30 12:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy 2015-08-30 12:53 - 2015-07-31 21:57 - 00000000 ____D C:\Users\Oskar\AppData\Roaming\NVIDIA 2015-08-30 10:51 - 2009-07-14 06:45 - 00246344 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-30 10:46 - 2015-07-30 17:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-08-30 10:37 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-08-28 10:56 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2015-08-14 21:46 - 2015-07-30 17:51 - 00001391 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-08-14 21:46 - 2015-07-30 17:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-03 18:31 - 2015-08-02 21:19 - 00000000 ____D C:\ProgramData\Codemasters 2015-08-03 18:31 - 2015-07-30 22:08 - 00000000 ____D C:\Users\Oskar\Documents\My Games 2015-08-03 17:42 - 2015-07-30 17:40 - 00000000 ____D C:\ProgramData\Norton ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-08-09 16:58 - 2015-08-09 16:58 - 0000079 _____ () C:\Program Files (x86)\prefs.js 2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Oskar\AppData\Roaming\68XUS6xmXYyA01HMNGDAVql 2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Oskar\AppData\Roaming\68XUS6xmXYyA01HMNGDAVql.exe 2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Oskar\AppData\Roaming\hx2l1QDJ 2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Oskar\AppData\Roaming\hx2l1QDJ.exe 2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Oskar\AppData\Roaming\m0IMI5GXB1HuaJi 2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Oskar\AppData\Roaming\m0IMI5GXB1HuaJi.exe 2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Oskar\AppData\Roaming\QOJ68PnLfAZp3YqZRoxGXW2hRT 2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Oskar\AppData\Roaming\QOJ68PnLfAZp3YqZRoxGXW2hRT.exe 2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Oskar\AppData\Roaming\Tlvhzk07T0BX8uGETTTheDhqyJ 2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Oskar\AppData\Roaming\Tlvhzk07T0BX8uGETTTheDhqyJ.exe 2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Oskar\AppData\Roaming\woAVvW3ebAEHc0kZmEbU2rCxBMf 2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Oskar\AppData\Roaming\woAVvW3ebAEHc0kZmEbU2rCxBMf.exe 2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Oskar\AppData\Roaming\XOgRRQc 2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Oskar\AppData\Roaming\XOgRRQc.exe 2015-07-30 17:39 - 2015-07-30 17:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-08-30 12:47 - 2015-09-02 16:29 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Niektóre pliki w TEMP: ==================== C:\Users\Oskar\AppData\Local\Temp\beebcagbca.exe C:\Users\Oskar\AppData\Local\Temp\mytmpinstaller.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-08-05 19:30 ==================== Koniec FRST.txt ============================