Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 17.01.2018 01 Uruchomiony przez Michał (administrator) MICHAŁ-PC (21-01-2018 00:00:10) Uruchomiony z C:\Users\Michał\Desktop Załadowane profile: Michał (Dostępne profile: Michał) Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (France Telecom SA) C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Greenshot) C:\Program Files\Greenshot\Greenshot.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Spotify Ltd) C:\Users\Michał\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (France Telecom SA) C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe (Microsoft Corporation) C:\Windows\System32\wscript.exe () C:\ProgramData\Config\csrs.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (TeamSpeak Systems GmbH) C:\Users\Michał\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Greenshot) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation) HKLM-x32\...\Run: [CardDetectorHUAWEI1752_1552] => C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe [282624 2009-10-14] (France Telecom SA) HKLM-x32\...\Run: [BEWINTERNET-PL-IEWSessionManager] => C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\SessionManager\SessionManager.exe [140016 2009-10-14] (France Telecom SA) HKU\S-1-5-21-1243637060-2214973017-837352300-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation) HKU\S-1-5-21-1243637060-2214973017-837352300-1000\...\Run: [Spotify Web Helper] => C:\Users\Michał\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-16] (Spotify Ltd) HKU\S-1-5-21-1243637060-2214973017-837352300-1000\...\MountPoints2: {45380e93-e970-11e7-81c9-f89ba3fd8c92} - J:\HiSuiteDownLoader.exe HKU\S-1-5-21-1243637060-2214973017-837352300-1000\...\MountPoints2: {69c992a3-fc5f-11e7-b559-8f368c5ba59a} - J:\MicroLauncher.exe Startup: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.lnk [2017-11-08] ShortcutTarget: svchost.lnk -> C:\ProgramData\Config\svchost.vbs () ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{C21D85E9-C025-4918-8719-19A8C6A764AE}: [DhcpNameServer] 192.168.43.1 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-1243637060-2214973017-837352300-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-22] (Oracle Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_151\bin\new_plugin\npjp2.dll [Brak pliku] FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-22] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-05] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-05] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://facebook.com/","hxxp://youtube.com/" CHR Profile: C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default [2018-01-21] CHR Extension: (Prezentacje) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-07] CHR Extension: (Dokumenty) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-07] CHR Extension: (Dysk Google) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-07] CHR Extension: (YouTube) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-07] CHR Extension: (Steam Inventory Helper) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2018-01-16] CHR Extension: (Free Rider HD) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\emikpifndnjfkgofoglceekhkbaicbde [2017-11-07] CHR Extension: (Arkusze) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-07] CHR Extension: (Stylish - Custom themes for any website) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2018-01-17] CHR Extension: (Dokumenty Google offline) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-07] CHR Extension: (AdBlock) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-07] CHR Extension: (Auto Refresh) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifooldnmmcmlbdennkpdnlnbgbmfalko [2017-12-19] CHR Extension: (Google Play) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2017-11-07] CHR Extension: (BMX Games) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcfhmpchhijkggnhapijdjokpibogjda [2017-11-07] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-07] CHR Extension: (Gmail) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-07] CHR Extension: (Chrome Media Router) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-14] CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1494024 2017-11-16] () S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526888 2017-11-08] (EasyAntiCheat Ltd) R2 FTRTSVC; C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [90112 2009-10-14] (France Telecom SA) [Brak podpisu cyfrowego] U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [Brak podpisu cyfrowego] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-12-05] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-04-19] (Microsoft Corporation) S2 0226111513519648mcinstcleanup; C:\Users\MICHA~1\AppData\Local\Temp\022611~1.EXE -cleanup -nolog [X] <==== UWAGA R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-10-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50808 2017-10-27] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-12-05] (NVIDIA Corporation) S3 ALSysIO; \??\C:\Users\MICHA~1\AppData\Local\Temp\ALSysIO64.sys [X] <==== UWAGA S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-01-21 00:00 - 2018-01-21 00:00 - 000012450 _____ C:\Users\Michał\Desktop\FRST.txt 2018-01-21 00:00 - 2018-01-21 00:00 - 000000000 ____D C:\FRST 2018-01-20 23:59 - 2018-01-20 23:59 - 002393088 _____ (Farbar) C:\Users\Michał\Desktop\FRST64.exe 2018-01-20 23:58 - 2018-01-20 23:58 - 000002206 _____ C:\Users\Michał\Desktop\n.txt 2018-01-18 21:24 - 2018-01-18 21:24 - 000002367 _____ C:\Users\Public\Desktop\Orange Free.lnk 2018-01-18 21:24 - 2018-01-18 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange 2018-01-18 21:23 - 2018-01-18 21:23 - 000000000 ____D C:\Program Files (x86)\OrangeBS 2018-01-18 21:23 - 2018-01-18 21:23 - 000000000 ____D C:\Program Files (x86)\CardDetector 2018-01-18 21:23 - 2009-08-04 12:04 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2018-01-18 21:23 - 2009-08-04 12:04 - 000116224 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbfake.sys 2018-01-18 21:23 - 2009-08-04 11:04 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll 2018-01-18 21:23 - 2009-08-04 11:04 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll 2018-01-16 12:48 - 2018-01-16 12:48 - 000000000 ____D C:\Users\Michał\AppData\Local\Eric_Zhang 2018-01-15 19:37 - 2018-01-15 19:37 - 005099176 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Michał\Desktop\GPU-Z.2.5.0.exe 2018-01-15 19:35 - 2018-01-18 19:07 - 000000000 ____D C:\Program Files\Core Temp 2018-01-12 23:15 - 2018-01-15 22:25 - 000000000 ____D C:\Users\Michał\AppData\LocalLow\uTorrent 2018-01-11 11:39 - 2018-01-11 11:48 - 000000000 ____D C:\Users\Michał\Documents\GTA Vice City User Files 2018-01-11 11:39 - 2018-01-11 11:39 - 000000622 _____ C:\Users\Michał\Desktop\Grand Theft Auto 3.lnk 2018-01-10 21:22 - 2018-01-10 21:22 - 000000222 _____ C:\Users\Michał\Desktop\Grand Theft Auto Vice City.url 2018-01-10 20:51 - 2018-01-10 20:51 - 000000000 ____D C:\Users\Michał\AppData\Local\Camelot_Crawl 2018-01-08 00:22 - 2018-01-08 00:22 - 004750004 _____ C:\Users\Michał\Documents\clip0001.avi 2018-01-03 21:56 - 2018-01-03 21:56 - 000000000 ____D C:\Program Files (x86)\directx 2018-01-03 21:45 - 2018-01-10 22:11 - 000000000 ____D C:\Users\Michał\Documents\GTA3 User Files 2018-01-03 21:43 - 2018-01-03 21:43 - 002344540 _____ C:\Users\Michał\Downloads\GTA_3_-_spolszczenie[www.instalki.pl].zip 2018-01-03 21:36 - 2018-01-03 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2018-01-02 22:54 - 2018-01-02 22:54 - 000002533 _____ C:\Users\Michał\AppData\Local\recently-used.xbel 2018-01-02 19:42 - 2018-01-02 19:42 - 000000000 ____D C:\Users\Michał\AppData\Local\GameAnalytics 2018-01-02 16:14 - 2018-01-02 16:14 - 000405864 _____ C:\Windows\Minidump\010218-13057-01.dmp 2017-12-31 02:21 - 2017-12-31 02:30 - 000190796 _____ C:\Windows\ntbtlog.txt 2017-12-28 20:57 - 2017-12-31 17:14 - 000000000 ____D C:\Users\Michał\Documents\TrackMania 2017-12-28 20:33 - 2017-12-28 20:33 - 000000221 _____ C:\Users\Michał\Desktop\TrackMania Nations Forever.url 2017-12-28 19:09 - 2017-12-28 19:09 - 000405824 _____ C:\Windows\Minidump\122817-11653-01.dmp 2017-12-28 18:39 - 2017-12-28 18:39 - 000405808 _____ C:\Windows\Minidump\122817-13135-01.dmp 2017-12-28 01:51 - 2018-01-09 22:20 - 000000000 ____D C:\Users\Michał\AppData\Local\GamerHash 2017-12-26 23:13 - 2017-12-26 23:13 - 000000000 ____D C:\Users\MichaGLCache\d46496b3f60470a1901544908c1a73c9 2017-12-22 18:18 - 2017-12-22 18:18 - 000110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2017-12-22 18:18 - 2017-12-22 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-01-20 23:41 - 2017-11-07 17:03 - 000000000 ____D C:\Users\Michał\AppData\Roaming\TS3Client 2018-01-20 22:25 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\tracing 2018-01-20 21:13 - 2017-11-07 19:53 - 000000000 ____D C:\Program Files (x86)\Steam 2018-01-20 20:02 - 2009-07-14 05:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-01-20 20:02 - 2009-07-14 05:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-01-20 19:54 - 2017-11-08 14:10 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios 2018-01-20 19:54 - 2017-11-07 16:45 - 000000000 ____D C:\ProgramData\NVIDIA 2018-01-20 19:53 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-01-20 14:40 - 2017-11-07 21:12 - 000000000 ____D C:\Users\Michał\AppData\Roaming\Spotify 2018-01-20 12:38 - 2017-11-07 21:18 - 000000000 ____D C:\Users\Michał\AppData\Local\Spotify 2018-01-19 18:10 - 2017-11-07 21:00 - 000000000 ____D C:\Users\Michał\AppData\Local\CrashDumps 2018-01-19 07:13 - 2011-02-04 18:55 - 000739694 _____ C:\Windows\system32\perfh015.dat 2018-01-19 07:13 - 2011-02-04 18:55 - 000155268 _____ C:\Windows\system32\perfc015.dat 2018-01-19 07:13 - 2009-07-14 06:13 - 001668226 _____ C:\Windows\system32\PerfStringBackup.INI 2018-01-19 07:13 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2018-01-18 22:38 - 2017-11-17 06:21 - 000000008 __RSH C:\ProgramData\ntuser.pol 2018-01-18 21:54 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\ModemLogs 2018-01-18 19:07 - 2017-11-07 06:46 - 000000000 ____D C:\Users\Michał 2018-01-16 14:38 - 2017-11-08 07:53 - 000000000 ____D C:\Users\Michał\Desktop\Originals 2018-01-16 12:47 - 2017-11-07 21:03 - 000000000 ___RD C:\Users\Michał\Desktop\Aplikacje 2018-01-16 01:36 - 2017-11-16 20:32 - 000000000 ____D C:\Users\Michał\AppData\Roaming\uTorrent 2018-01-15 15:17 - 2017-11-08 07:53 - 000000000 ____D C:\Users\Michał\AppData\Roaming\PhotoScape 2018-01-14 19:38 - 2017-12-13 21:55 - 000000163 _____ C:\Users\Michał\Documents\ClownfishForTeamspeak.ini 2018-01-13 15:35 - 2017-12-12 16:41 - 000000000 ____D C:\Fraps 2018-01-13 15:34 - 2017-11-09 08:17 - 000000000 ____D C:\Program Files (x86)\Audacity 2018-01-12 13:57 - 2017-12-09 21:01 - 000000000 ____D C:\Users\Michał\AppData\Roaming\.minecraft 2018-01-11 12:54 - 2017-11-07 17:02 - 000000000 ____D C:\Users\Michał\AppData\Local\TeamSpeak 3 Client 2018-01-11 11:39 - 2017-12-11 14:11 - 000000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2018-01-10 21:22 - 2017-11-08 07:50 - 000000000 ____D C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2018-01-10 20:48 - 2017-12-20 17:20 - 000000000 ___HD C:\Windows\msdownld.tmp 2018-01-10 20:48 - 2017-12-20 17:20 - 000000000 ____D C:\Windows\SysWOW64\directx 2018-01-06 15:31 - 2017-11-07 16:11 - 000002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-01-04 00:33 - 2017-12-11 14:11 - 000000000 ____D C:\Users\Michał\Documents\GTA San Andreas User Files 2018-01-03 21:44 - 2017-11-07 07:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-01-03 21:36 - 2017-12-08 17:30 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2018-01-03 07:30 - 2009-07-14 06:08 - 000032520 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2018-01-02 23:06 - 2017-11-11 15:50 - 000000000 ____D C:\Users\Michał\.gimp-2.8 2018-01-02 22:54 - 2017-11-16 20:17 - 000000000 ____D C:\Users\Michał\AppData\Local\gtk-2.0 2018-01-02 16:14 - 2017-11-07 16:29 - 000000000 ____D C:\Windows\Minidump 2018-01-02 16:14 - 2017-11-07 16:28 - 413059688 _____ C:\Windows\MEMORY.DMP 2018-01-01 19:40 - 2017-11-07 20:53 - 000000000 ___RD C:\Users\Michał\Desktop\Gry 2017-12-29 16:36 - 2017-11-07 16:54 - 000000000 ____D C:\Users\Michał\AppData\Local\Greenshot 2017-12-26 23:13 - 2017-11-22 23:42 - 000000000 ____D C:\Users\MichaGLCache 2017-12-24 15:16 - 2017-12-15 18:51 - 000000000 ____D C:\Users\Michał\AppData\Roaming\FileZilla 2017-12-24 14:04 - 2017-12-15 18:51 - 000000000 ____D C:\Users\Michał\AppData\Local\FileZilla 2017-12-23 23:30 - 2017-11-09 14:00 - 000000000 ____D C:\Users\Michał\AppData\Roaming\audacity 2017-12-22 18:19 - 2017-12-17 17:37 - 000000000 ____D C:\Program Files\Java 2017-12-22 18:18 - 2017-12-17 17:37 - 000319552 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe ==================== Pliki w katalogu głównym wybranych folderów ======= 2018-01-02 22:54 - 2018-01-02 22:54 - 000002533 _____ () C:\Users\Michał\AppData\Local\recently-used.xbel Niektóre pliki w TEMP: ==================== 2017-12-20 16:24 - 2017-12-20 16:25 - 000875628 _____ () C:\Users\Michał\AppData\Local\Temp\avast_loader_2_build577.exe 2017-11-30 18:31 - 2017-11-16 12:31 - 000966200 _____ (BlueStack Systems, Inc.) C:\Users\Michał\AppData\Local\Temp\BlueStacksClientUninstaller.exe 2017-12-05 23:36 - 2017-12-05 23:36 - 001519151 _____ ( ) C:\Users\Michał\AppData\Local\Temp\ICReinstall_Cockos REAPER 5.15 (x86x64) Portable Keygen.rar_VjdZbY_3290621486.exe 2017-11-09 08:21 - 2017-11-09 08:21 - 001625840 _____ ( ) C:\Users\Michał\AppData\Local\Temp\ICReinstall_Notepad-12986-AsystentPobierania.exe 2017-11-09 08:30 - 2017-11-09 08:30 - 001667213 _____ (Feticage ) C:\Users\Michał\AppData\Local\Temp\ICReinstall_pobierz_Notepad++_32-bit_wersja_stabilna_V7.5.1_1884278328.exe 2017-11-30 18:31 - 2017-11-16 12:30 - 000421400 _____ (CodeTitans) C:\Users\Michał\AppData\Local\Temp\JSON.dll 2017-12-10 17:19 - 2017-10-27 17:06 - 000370296 _____ (NVIDIA Corporation) C:\Users\Michał\AppData\Local\Temp\nvStInst.exe 2017-12-20 16:24 - 2017-12-20 16:25 - 001264144 _____ (Opera Software) C:\Users\Michał\AppData\Local\Temp\Opera_Installer.exe 2017-11-08 18:52 - 2017-11-08 18:52 - 002038445 ___SH () C:\Users\Michał\AppData\Local\Temp\processor4.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo