Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-02-2020 Ran by Wojtron (administrator) on WOJTRON-PC (01-03-2020 11:47:02) Running from C:\Users\Wojtron\Desktop\new69\mojelogi Loaded Profiles: Wojtron & MSSQLSERVER (Available Profiles: Wojtron & MSSQLSERVER) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angielski (Stany Zjednoczone) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Electronic Arts, Inc. -> Electronic Arts) D:\Origin\OriginWebHelperService.exe (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) D:\Programy\MS Office\Office14\WINWORD.EXE (Microsoft Corporation -> Microsoft Corporation) D:\serwery\SQL2012\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe (Mozilla Corporation -> Mozilla Corporation) D:\Programy\ff\Mozilla Firefox\firefox.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\ASUS\USB-N10 WLAN Card Utilities\RtlService.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.1.69\NortonSecurity.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.1.69\NortonSecurity.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM-x32\...\Run: [LeagueDisplays] => C:\Riot Games\LeagueDisplays\assistant\LeagueDisplaysAssistant.exe [406016 2018-01-31] () [File not signed] HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-922897428-1530232081-1820824115-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-922897428-1530232081-1820824115-1000\...\Run: [HP DeskJet 5000 (NET)] => C:\Program Files\HP\HP DeskJet 5000 series\Bin\ScanToPCActivationApp.exe [4064160 2019-03-18] (HP Inc -> HP Inc.) HKU\S-1-5-21-922897428-1530232081-1820824115-1000\...\Run: [EADM] => D:\Origin\Origin.exe [3137808 2020-02-24] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-922897428-1530232081-1820824115-1000\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [3024408 2020-02-24] (Opera Software AS -> Opera Software) HKU\S-1-5-21-922897428-1530232081-1820824115-1000\...\Policies\Explorer: [] HKU\S-1-5-21-922897428-1530232081-1820824115-1000\...\MountPoints2: F - F:\setup.exe HKU\S-1-5-21-922897428-1530232081-1820824115-1000\...\MountPoints2: {1ab221f4-fe4f-11e3-84fc-bc5ff4f4a159} - G:\SETUP.EXE HKU\S-1-5-21-922897428-1530232081-1820824115-1000\...\MountPoints2: {33168234-dd93-11e4-8e42-bc5ff4f4a159} - H:\Startme.exe HKU\S-1-5-21-922897428-1530232081-1820824115-1000\...\MountPoints2: {758e0a81-b1ca-11e3-9e81-ef4220268b8c} - "J:\WD SmartWare.exe" autoplay=true HKU\S-1-5-21-922897428-1530232081-1820824115-1000\...\MountPoints2: {83aaf805-ab0a-11e4-9b96-bc5ff4f4a159} - H:\LGAutoRun.exe HKU\S-1-5-21-922897428-1530232081-1820824115-1000\...\MountPoints2: {b04d2d1d-cf28-11e9-bad2-bc5ff4f4a159} - H:\HiSuiteDownLoader.exe HKU\S-1-5-21-922897428-1530232081-1820824115-1000\...\MountPoints2: {fc5bdac7-b1fc-11e3-a4f4-806e6f6e6963} - E:\Setup.exe HKU\S-1-5-21-922897428-1530232081-1820824115-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\launcher.scr [2417936 2018-01-31] (Riot Games, Inc. -> ) BootExecute: autocheck autochk /k:J * ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0355DFB0-20D3-4802-86B8-5D0674B52035} - System32\Tasks\{755F93A9-E18A-41C8-A836-FE12917E7F14} => C:\Windows\system32\pcalua.exe -a "D:\Instalki\gry\Gothic2 NK\Gothic2.Noc.Kruka.PL\Setup.exe" -d "D:\Instalki\gry\Gothic2 NK\Gothic2.Noc.Kruka.PL" Task: {03B25FA9-D3BC-402B-AB28-0BD4503AD254} - System32\Tasks\{C3B06B71-4E37-400E-8BBB-C9835D43F9F1} => C:\Windows\system32\pcalua.exe -a D:\Gry\G2Online\Gothic2\drugigothic2_playerkit-2.6f.exe -d D:\Gry\G2Online\Gothic2 Task: {04AB938C-A477-4343-B537-6CDD2AB9BE14} - System32\Tasks\{8121E1A1-59E2-418A-8980-EEC8EF4F7AC3} => D:\Gry\Gothic I\System\GOTHIC.EXE [8580524 2006-01-12] (Piranha Bytes) [File not signed] Task: {1A0C307A-5180-418D-930F-05AE93C1C409} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {27215FEA-9F71-4F8D-A355-9FBD82950F05} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2B2BD963-4BC3-46CE-8322-7D105380E144} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-922897428-1530232081-1820824115-1000 => C:\Users\Wojtron\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-15] (Mega Limited -> Mega Limited) Task: {2B7C0A28-048C-46F0-9F97-E1A72454191F} - System32\Tasks\{FC5D5416-3664-4439-B121-9438E314DE32} => C:\Windows\system32\pcalua.exe -a "D:\Gry\Riot Games\Riot Client\RiotClientServices.exe" -c --uninstall-product=league_of_legends --uninstall-patchline=pbe Task: {37FE217C-F003-40CB-A710-1E10A4B70F0F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {40EE51D7-69A4-4F53-AE21-2735403EC0D7} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {419879A8-DDE9-468F-846C-D341CFE99A00} - System32\Tasks\MATLAB R2019b Startup Accelerator => J:\Progsy\Matlab2019\bin\win64\MATLABStartupAccelerator.exe [53248 2019-07-19] () [File not signed] Task: {4899E9AB-74AD-4199-A748-FF78902A63C3} - System32\Tasks\{2046726A-BA23-48F3-BCD0-A26724BAC1BF} => D:\Gry\BF 2\BF2.exe [6556160 2019-02-26] () [File not signed] Task: {493148DC-531A-4665-910B-F86D5C70AF3A} - System32\Tasks\{DC906787-CD9C-4756-ACD7-F1333C74983E} => D:\Gry\LOTR\lotrbfme2.exe [495616 2006-01-26] () [File not signed] Task: {4B25D09C-AEB7-4068-B1C2-7BC423D4B57D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {53EFD275-8D94-43DD-B17B-8D267FFC196F} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.1.69\SymErr.exe [116392 2020-01-21] (Symantec Corporation -> Symantec Corporation) Task: {5B2DC572-06C5-4184-A32F-AD2CA32CD9DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-26] (Google Inc -> Google Inc.) Task: {5FCB89FF-4ACA-4958-8719-8899CD8A7CF9} - System32\Tasks\{2A3DBEA2-94EE-47AC-9097-39DB108A4BE1} => D:\Gry\Gothic I\System\GOTHIC.EXE [8580524 2006-01-12] (Piranha Bytes) [File not signed] Task: {685845BF-BECE-44ED-BBE6-7F9FE7B0D6B3} - System32\Tasks\{1EAD36B7-7243-4A41-BA07-965430B60332} => D:\Instalki\98\Revolt\Revolt\revolt.exe [1077248 1999-08-25] () [File not signed] Task: {69578FBF-210E-4449-8202-8D555E5CF1FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-26] (Google Inc -> Google Inc.) Task: {6EFE4C7F-12DA-476C-9829-3B85DF3F3763} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [1926304 2020-01-21] (Symantec Corporation -> Symantec Corporation) Task: {708774D5-50E2-4966-9A47-BEF6EE37B3CE} - System32\Tasks\Norton Security Scan for Wojtron => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.179\Nss.exe [848912 2019-02-15] (Symantec Corporation -> Symantec Corporation) Task: {7C9F6EF7-4AFC-4375-A8C8-2E97D626CE37} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7E16C43B-B58C-467C-A742-4CB7BF0BBA38} - System32\Tasks\{E69317E4-0DE4-4AE9-8727-494A55E5DDD1} => D:\Gry\BF 2\BF2.exe [6556160 2019-02-26] () [File not signed] Task: {80BD9DD1-B0C2-4233-B7CF-F613B8608A67} - System32\Tasks\{17A8FDE0-B498-43DF-9767-A590057E2038} => D:\Gry\LOTR\lotrbfme2.exe [495616 2006-01-26] () [File not signed] Task: {8B8202B3-A8DB-46C9-814E-980F738B7087} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8F104599-C572-48F8-BF75-FAEFB343DA0A} - System32\Tasks\{225CE33A-8A94-436B-8DD1-6321249AC61F} => D:\Gry\BF 2\BF2.exe [6556160 2019-02-26] () [File not signed] Task: {959A3C2D-A713-4B50-BF7F-BB5786A0D1E9} - System32\Tasks\Opera scheduled assistant Autoupdate 1582724755 => C:\Program Files (x86)\Opera\launcher.exe [1532952 2020-02-24] (Opera Software AS -> Opera Software) Task: {9C73A8BA-C836-4BAF-BDFA-C5DFA4F4D890} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A10BCE75-C832-4180-92E7-C165611A4CD4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A36AAE40-DBE6-4D13-93DC-79555D7A988B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A401C6AA-E5CA-4814-A029-E796F92AE1E6} - System32\Tasks\{CA57202E-D314-4061-9A35-64D222483B0D} => D:\Gry\Gothic I\System\GOTHIC.EXE [8580524 2006-01-12] (Piranha Bytes) [File not signed] Task: {B5021688-BC84-49F6-95DC-86B980FF0082} - System32\Tasks\{0F555EF8-7EE5-4012-BDC8-2F8DB2AB424A} => D:\Gry\Grand Theft Auto Vice City\gta-vc.exe [3088896 2003-05-16] () [File not signed] Task: {B8DE0556-DC4F-416B-9B0C-0346596D0FE7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd -> Piriform Ltd) Task: {BDBE59D1-6131-4D0F-B005-A2383AED5DFD} - System32\Tasks\{826C527A-7EC1-4BD7-AA14-F13CEA60B02F} => C:\Windows\system32\pcalua.exe -a D:\serwery\mu_online_2\server\SQLServer2017-SSEI-Expr.exe -d D:\serwery\mu_online_2\server Task: {CD07710B-C129-47B4-91E6-E726D4BF6101} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D73BD743-FC51-4CBF-B63E-AF5E0C5C8411} - System32\Tasks\{6C813326-88C2-4EFB-AA1E-EBE1079E887F} => C:\Windows\system32\pcalua.exe -a D:\serwery\mu_online_2\server\MSDE2000A.exe -d D:\serwery\mu_online_2\server Task: {D850B7A0-126B-47D3-B53F-C69826753987} - System32\Tasks\Opera scheduled Autoupdate 1568047585 => C:\Program Files (x86)\Opera\launcher.exe [1532952 2020-02-24] (Opera Software AS -> Opera Software) Task: {E3A98C37-47B8-4AED-B514-CDF451BBF3CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-08-08] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {E6DB7D0D-EAD4-4AB8-848F-0A5FDDB466B0} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.1.69\SymErr.exe [116392 2020-01-21] (Symantec Corporation -> Symantec Corporation) Task: {EC80F387-DADF-42E8-ACFC-227BD360DD82} - System32\Tasks\{58A1DD5A-D800-49D8-BD67-AB1219C09EB6} => C:\Users\Wojtron\Desktop\snocross\snowcross\SnowCross\SnowCross.exe Task: {F96A5FC0-86B9-4199-B0B9-BBC8A59F1EA7} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.20.1.69\WSCStub.exe [570824 2020-01-21] (Symantec Corporation -> Symantec Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\MATLAB R2019b Startup Accelerator.job => J:\Progsy\Matlab2019\bin\win64\MATLABStartupAccelerator.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{088DFED4-5C02-460E-B224-0929BF1E2AF1}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{40142B36-6636-437D-A4C4-427BF07425A7}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{DE97621E-8B66-4DCC-BB5F-5D15381E3952}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-922897428-1530232081-1820824115-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-922897428-1530232081-1820824115-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = &gct=sb&qsrc=2869 BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-25] (Oracle America, Inc. -> Oracle Corporation) BHO: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> D:\Programy\Statistica\StaBHO.dll [2014-11-10] (StatSoft, Inc. -> StatSoft, Inc.) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Programy\MS Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-25] (Oracle America, Inc. -> Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation) BHO-x32: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> D:\Programy\Statistica\Support\StaBHO.dll [2014-11-10] (StatSoft, Inc. -> StatSoft, Inc.) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: DIALux Browser Helper Object -> {F586CB96-7091-42ec-9829-F5D5CE65AFC1} -> D:\Programy\Dialux\aplikacja\Dialux.BHO_x86.dll [2013-12-10] (DIAL -> DIAL GmbH) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-922897428-1530232081-1820824115-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation) Handler-x32: dialux - {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - D:\Programy\Dialux\aplikacja\DLXToolBox.dll [2017-11-08] (DIAL GmbH, Germany) [File not signed] Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed] Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Software Sarl -> Skype Technologies) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Wojtron\AppData\Roaming\Mozilla - Kopia\Firefox\Profiles\utw3105q.default [2018-01-09] FF user.js: detected! => C:\Users\Wojtron\AppData\Roaming\Mozilla - Kopia\Firefox\Profiles\utw3105q.default\user.js [2017-11-30] FF DownloadDir: C:\Users\Wojtron\Desktop FF Homepage: Mozilla - Kopia\Firefox\Profiles\utw3105q.default -> about:home FF Session Restore: Mozilla - Kopia\Firefox\Profiles\utw3105q.default -> is enabled. FF Notifications: Mozilla - Kopia\Firefox\Profiles\utw3105q.default -> hxxps://pl110.plemiona.pl; hxxps://pl111.plemiona.pl FF Extension: (ReloadMatic) - C:\Users\Wojtron\AppData\Roaming\Mozilla - Kopia\Firefox\Profiles\utw3105q.default\Extensions\0.id@reloadmatic.webex.xpi [2018-01-04] FF Extension: (MEGA) - C:\Users\Wojtron\AppData\Roaming\Mozilla - Kopia\Firefox\Profiles\utw3105q.default\Extensions\firefox@mega.co.nz.xpi [2018-01-05] [UpdateUrl:hxxps://eu.static.mega.co.nz/3/firefox-web-extension-updates.json] FF Extension: (Personas Plus) - C:\Users\Wojtron\AppData\Roaming\Mozilla - Kopia\Firefox\Profiles\utw3105q.default\Extensions\personas@christopher.beard.xpi [2017-11-12] FF Extension: (Download Manager (S3)) - C:\Users\Wojtron\AppData\Roaming\Mozilla - Kopia\Firefox\Profiles\utw3105q.default\Extensions\s3download@statusbar.xpi [2017-09-03] [Legacy] FF Extension: (Session Manager) - C:\Users\Wojtron\AppData\Roaming\Mozilla - Kopia\Firefox\Profiles\utw3105q.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-01-31] [Legacy] FF Extension: (FlashGot) - C:\Users\Wojtron\AppData\Roaming\Mozilla - Kopia\Firefox\Profiles\utw3105q.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-12-02] [Legacy] FF Extension: (ReloadEvery) - C:\Users\Wojtron\AppData\Roaming\Mozilla - Kopia\Firefox\Profiles\utw3105q.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2016-09-04] [Legacy] FF Extension: (Video DownloadHelper) - C:\Users\Wojtron\AppData\Roaming\Mozilla - Kopia\Firefox\Profiles\utw3105q.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-12-14] FF Extension: (Adblock Plus) - C:\Users\Wojtron\AppData\Roaming\Mozilla - Kopia\Firefox\Profiles\utw3105q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12] FF ProfilePath: C:\Users\Wojtron\AppData\Roaming\Mozilla\Firefox\Profiles\utw3105q.default [2020-03-01] FF user.js: detected! => C:\Users\Wojtron\AppData\Roaming\Mozilla\Firefox\Profiles\utw3105q.default\user.js [2017-11-30] FF Homepage: Mozilla\Firefox\Profiles\utw3105q.default -> about:home FF Session Restore: Mozilla\Firefox\Profiles\utw3105q.default -> is enabled. FF Notifications: Mozilla\Firefox\Profiles\utw3105q.default -> hxxps://pl110.plemiona.pl; hxxps://pl111.plemiona.pl FF Extension: (Personas Plus) - C:\Users\Wojtron\AppData\Roaming\Mozilla\Firefox\Profiles\utw3105q.default\Extensions\personas@christopher.beard.xpi [2018-03-06] FF Extension: (Session Manager) - C:\Users\Wojtron\AppData\Roaming\Mozilla\Firefox\Profiles\utw3105q.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-01-31] [Legacy] FF Extension: (ReloadEvery) - C:\Users\Wojtron\AppData\Roaming\Mozilla\Firefox\Profiles\utw3105q.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2016-09-04] [Legacy] FF Extension: (Video DownloadHelper) - C:\Users\Wojtron\AppData\Roaming\Mozilla\Firefox\Profiles\utw3105q.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-05-30] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Wojtron\AppData\Roaming\Mozilla\Firefox\Profiles\utw3105q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-12] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - J:\NEW\Programy\Adobe\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat - Create PDF) - J:\NEW\Programy\Adobe\Acrobat\Browser\WCFirefoxExtn [2019-12-07] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-08] (Adobe Systems Incorporated -> ) FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File] FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (Electronic Arts -> EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-25] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-25] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Programy\MSOFFI~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] (Adobe Systems Incorporated -> ) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File] FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File] FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (Electronic Arts -> EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File] FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\Programy\VLC\npvlc.dll [2014-07-23] (VideoLAN) [File not signed] FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Programy\VLC\npvlc.dll [2014-07-23] (VideoLAN) [File not signed] FF Plugin-x32: Adobe Acrobat -> J:\NEW\Programy\Adobe\Acrobat\Air\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - J:\NEW\Programy\Adobe\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-28] Opera: ======= OPR Notifications: hxxps://www.komputronik.pl ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1364904 2017-12-19] (Autodesk, Inc. -> Autodesk Inc.) S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-05-03] (BattlEye Innovations e.K. -> ) S4 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2019-11-30] (BitRaider LLC -> BitRaider, LLC) S4 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [2183440 2014-12-10] (DIAL -> DIAL GmbH) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-02-18] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [528096 2014-06-08] (FUTUREMARK INC -> Futuremark) S4 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [277056 2016-08-31] (GOG Limited -> GOG.com) S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6514752 2016-08-31] (GOG Limited -> GOG.com) S4 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [515744 2019-10-30] (Gameforge 4D GmbH -> ) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Trusted Connect Service -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) S4 matlabserver; J:\NEW\mat\webserver\bin\win32\matlabserver.exe [503808 2002-06-18] () [File not signed] S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes) R2 MSSQLSERVER; D:\serwery\SQL2012\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed] S4 NetBalancerService; D:\Programy\NetBalancer\SeriousBit.NetBalancer.Service.exe [128776 2014-12-12] (SeriousBit Srl -> SeriousBit) R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.20.1.69\NortonSecurity.exe [227352 2020-01-21] (Symantec Corporation -> Symantec Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7770888 2017-05-09] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S4 Origin Client Service; D:\Origin\OriginClientService.exe [2495280 2020-02-24] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3445552 2020-02-24] (Electronic Arts, Inc. -> Electronic Arts) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-11-04] (Even Balance, Inc. -> ) R2 Realtek11nCU; C:\Program Files (x86)\ASUS\USB-N10 WLAN Card Utilities\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed] S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Sony Mobile Communications -> Avanquest Software) [File not signed] S4 SQLSERVERAGENT; D:\serwery\SQL2012\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH -> TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation) S2 EraserSvc11910; "C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\NortonSecurity.exe" /h ccCommon [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 S4 postgresql-x64-12; "D:\serwery\postgresql\bin\pg_ctl.exe" runservice -N "postgresql-x64-12" -D "D:\serwery\postgresql\data" -w ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2014-03-24] (Tages SA -> ) S3 atmelwindrvr; C:\Windows\System32\drivers\atmelwindrvr.sys [300488 2015-08-12] (Jungo Connectivity Ltd. -> Jungo Connectivity) R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.17.1.50\Definitions\BASHDefs\20200225.001\BHDrvx64.sys [1952136 2019-10-02] (Symantec Corporation -> Symantec Corporation) R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1614010.045\ccSetx64.sys [192376 2020-01-21] (Symantec Corporation -> Symantec Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-23] (Disc Soft Ltd -> Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation -> Intel Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516784 2019-10-09] (Symantec Corporation -> Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154288 2019-11-28] (Symantec Corporation -> Symantec Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.17.1.50\Definitions\IPSDefs\20200228.061\IDSvia64.sys [1451016 2019-11-26] (Symantec Corporation -> Symantec Corporation) S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2014-03-24] (Tages SA -> ) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [41392 2013-11-25] (Mainline Net Holdings Limited -> SeriousBit) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation) S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Inc.) U4 PSGG64; C:\Program Files (x86)\PS Sistemas\PSGG64.sys [16024 2020-01-20] (PS Sistemas -> PS Sistemas) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> ) S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [986728 2012-02-10] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation ) S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) R1 SRTSP; C:\Windows\System32\drivers\NGCx64\1614010.045\SRTSP64.SYS [889520 2020-01-21] (Symantec Corporation -> Symantec Corporation) R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1614010.045\SRTSPX64.SYS [50864 2020-01-21] (Symantec Corporation -> Symantec Corporation) R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1614010.045\SYMEFASI64.SYS [1964200 2020-01-21] (Symantec Corporation -> Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99848 2019-09-29] (Symantec Corporation -> Symantec Corporation) R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.17.1.50\SymPlatform\SymEvnt.sys [712368 2020-01-13] (Symantec Corporation -> Symantec Corporation) R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1614010.045\Ironx64.SYS [316656 2020-01-21] (Symantec Corporation -> Symantec Corporation) R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1614010.045\symnets.sys [573448 2020-01-21] (Symantec Corporation -> Symantec Corporation) U5 UnlockerDriver5; D:\Programy\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> ) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116232 2015-03-16] (Oracle Corporation -> Oracle Corporation) S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies) R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo LTD -> Jungo Connectivity) S3 wod0205; C:\Windows\System32\DRIVERS\wod0205.sys [33160 2011-04-23] (Secure Plus d.o.o. -> WeOnlyDo Software) S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1614010.045\wpCtrlDrv.sys [1012120 2020-01-21] (Symantec Corporation -> Symantec Corporation) S3 zttap300; C:\Windows\System32\DRIVERS\zttap300.sys [30488 2018-03-16] (ZeroTier Networks LLC -> ZeroTier Networks LLC) S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X] S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 GPU-Z; \??\C:\Users\Wojtron\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X] S3 NAVENG; \??\C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160704.001\ENG64.SYS [X] S3 NAVEX15; \??\C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160704.001\EX64.SYS [X] S3 NTLiveGuardN64; \??\D:\Gry\Mu\mysticalmu\LiveGuard\NTLiveGuardN64.sys [X] S3 SliceDisk5; \??\C:\Users\Wojtron\AppData\Local\Temp\FindAndMount\slicedisk-x64.sys [X] <==== ATTENTION S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 XFDriver64; \??\D:\Programy\Xfire2\XFDriver64.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-03-01 05:29 - 2020-03-01 05:29 - 000000000 ____D C:\Windows\system32\Tasks\Remediation 2020-03-01 02:46 - 2020-03-01 11:44 - 000000000 ____D C:\Users\Wojtron\Desktop\new69 2020-02-28 11:48 - 2020-02-28 11:48 - 000000000 ____D C:\Users\Wojtron\Downloads\opera autoupdate 2020-02-28 02:11 - 2020-02-28 02:11 - 000000689 _____ C:\Users\Wojtron\Desktop\19. The World Is Not Enough (1999) [AT-Team] — skrót.lnk 2020-02-27 23:12 - 2020-02-27 23:12 - 000002534 _____ C:\Users\Wojtron\Downloads\Bluetooth_ex2_UNO_virtual_pins.zip 2020-02-27 23:12 - 2020-02-27 23:12 - 000002151 _____ C:\Users\Wojtron\Downloads\Bluetooth_ex1_UNO_getting_started.zip 2020-02-27 23:02 - 2020-02-27 23:02 - 000937614 _____ C:\Users\Wojtron\Downloads\HC05-master.zip 2020-02-27 21:58 - 2020-02-27 21:58 - 000043901 _____ C:\Users\Wojtron\Downloads\Logic_Level_Bi_sch.pdf 2020-02-27 21:50 - 2020-02-27 23:10 - 000000000 ____D C:\Users\Wojtron\Desktop\arduino 2020-02-27 21:50 - 2020-02-27 21:51 - 000000000 ____D C:\Users\Wojtron\AppData\Local\Arduino15 2020-02-27 21:50 - 2020-02-27 21:50 - 000000000 ____D C:\Users\Wojtron\Documents\Arduino 2020-02-27 21:49 - 2020-02-27 21:49 - 000000746 _____ C:\Users\Public\Desktop\Arduino.lnk 2020-02-27 21:49 - 2020-02-27 21:49 - 000000746 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk 2020-02-27 21:49 - 2020-02-27 21:49 - 000000746 _____ C:\ProgramData\Desktop\Arduino.lnk 2020-02-26 14:46 - 2020-02-26 14:46 - 000004256 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582724755 2020-02-23 20:06 - 2020-02-23 20:06 - 000000000 ____D C:\Users\Wojtron\AppData\Local\SwGame 2020-02-23 20:06 - 2020-02-23 20:06 - 000000000 ____D C:\Program Files (x86)\Origin Games 2020-02-23 16:14 - 2020-02-23 16:14 - 000001065 _____ C:\Users\Public\Desktop\Star Wars Jedi - Fallen Order.lnk 2020-02-23 16:14 - 2020-02-23 16:14 - 000001065 _____ C:\ProgramData\Desktop\Star Wars Jedi - Fallen Order.lnk 2020-02-20 22:40 - 2020-02-22 01:52 - 000000185 _____ C:\Users\Wojtron\Desktop\KUPIC ARDUINO.txt 2020-02-20 22:40 - 2020-02-20 22:40 - 000000000 _____ C:\Users\Wojtron\Desktop\FOLIA AMELINIUM.txt 2020-02-20 14:03 - 2020-02-20 14:04 - 000000000 ____D C:\Users\Wojtron\AppData\LocalLow\Unity 2020-02-20 14:03 - 2020-02-20 14:03 - 000000000 ____D C:\Users\Wojtron\AppData\LocalLow\Just Nice Things 2020-02-20 13:43 - 2020-02-20 13:43 - 000000000 ____D C:\Users\Wojtron\AppData\Roaming\com.playata.bigbangempire.steam 2020-02-20 02:35 - 2020-02-20 02:35 - 000000000 ____D C:\Users\Wojtron\AppData\Roaming\Carbon 2020-02-20 02:12 - 2020-02-20 02:12 - 000000000 _____ C:\Users\Wojtron\Desktop\disciples 2 mroczne proroctwo i 3.txt 2020-02-20 02:04 - 2020-02-20 02:30 - 000000000 ____D C:\Users\Wojtron\Documents\The Lord of the Rings Online 2020-02-20 02:04 - 2020-02-20 02:24 - 000000000 ____D C:\Users\Wojtron\AppData\Local\The Lord of the Rings Online 2020-02-20 01:30 - 2020-02-20 01:30 - 000000000 ____D C:\Users\Wojtron\AppData\Local\Capsa 2020-02-20 00:18 - 2020-02-20 00:18 - 000000202 _____ C:\Users\Wojtron\Desktop\MU Legend.url 2020-02-19 12:44 - 2020-02-19 12:44 - 000000202 _____ C:\Users\Wojtron\Desktop\Path of Exile.url 2020-02-18 22:53 - 2020-02-18 22:53 - 000000000 ____D C:\Users\Wojtron\AppData\Local\DunDefLauncher 2020-02-18 22:34 - 2020-02-18 22:34 - 000000000 ____D C:\Users\Wojtron\AppData\LocalLow\PlayfulCorp 2020-02-18 15:36 - 2020-02-18 15:36 - 000000137 _____ C:\Users\Wojtron\Desktop\The Lord of the Rings Online™.url 2020-02-18 15:14 - 2020-02-18 15:14 - 000000202 _____ C:\Users\Wojtron\Desktop\Dungeon Defenders II.url 2020-02-18 15:04 - 2020-02-18 15:04 - 000001255 _____ C:\Users\Wojtron\Desktop\InfernoMu.lnk 2020-02-18 01:31 - 2020-02-18 01:31 - 000000000 ____D C:\Users\Wojtron\AppData\LocalLow\Riot Games 2020-02-18 01:28 - 2020-02-18 01:29 - 000001617 _____ C:\Users\Public\Desktop\Legends of Runeterra.lnk 2020-02-18 01:28 - 2020-02-18 01:29 - 000001617 _____ C:\ProgramData\Desktop\Legends of Runeterra.lnk 2020-02-17 20:41 - 2020-02-17 20:41 - 000000000 ____D C:\Users\Wojtron\Downloads\eMule 2020-02-17 20:41 - 2020-02-17 20:41 - 000000000 ____D C:\Users\Wojtron\AppData\Local\eMule 2020-02-17 20:41 - 2020-02-17 20:41 - 000000000 ____D C:\ProgramData\eMule 2020-02-13 14:08 - 2020-02-13 15:23 - 000002111 _____ C:\Users\Wojtron\Desktop\praca new stalowka.txt 2020-02-13 13:46 - 2020-02-13 13:47 - 000000000 ____D C:\Users\Wojtron\Desktop\zadania new 2020-02-12 13:44 - 2020-02-12 13:44 - 000000944 _____ C:\Users\Wojtron\Desktop\soulMu.lnk 2020-02-05 17:35 - 2020-02-06 17:01 - 000000000 ____D C:\Users\Wojtron\Downloads\aa_napedy 2020-02-04 14:54 - 2020-02-04 20:56 - 000000000 ____D C:\Users\Wojtron\Documents\SQL Server Management Studio 2020-02-04 14:54 - 2020-02-04 14:54 - 000000020 ___SH C:\Users\MSSQLSERVER\ntuser.ini 2020-02-04 14:54 - 2020-02-04 14:54 - 000000000 ____D C:\Users\MSSQLSERVER 2020-02-04 14:54 - 2017-07-14 16:38 - 000000153 _____ C:\Users\MSSQLSERVER\BullseyeCoverageError.txt 2020-02-04 14:54 - 2017-07-14 16:38 - 000000000 ____D C:\Users\MSSQLSERVER\AppData\Local\LogMeIn Hamachi 2020-02-04 14:54 - 2015-02-25 19:29 - 000000000 ____D C:\Users\MSSQLSERVER\AppData\Roaming\Macromedia 2020-02-04 14:54 - 2012-02-11 10:02 - 000045656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL11.MSSQLSERVER-sqlagtctr.dll 2020-02-04 14:54 - 2012-02-11 08:44 - 000054360 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL11.MSSQLSERVER-sqlagtctr.dll 2020-02-04 14:54 - 2010-11-21 08:16 - 000000000 ____D C:\Users\MSSQLSERVER\AppData\Roaming\Media Center Programs 2020-02-04 14:53 - 2012-02-11 10:03 - 000082520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQLSERVER-sqlctr11.0.2100.60.dll 2020-02-04 14:53 - 2012-02-11 08:46 - 000180312 _____ (Microsoft Corporation) C:\Windows\system32\hadrres.dll 2020-02-04 14:53 - 2012-02-11 08:46 - 000082520 _____ (Microsoft Corporation) C:\Windows\system32\fssres.dll 2020-02-04 14:53 - 2012-02-11 08:44 - 000095832 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQLSERVER-sqlctr11.0.2100.60.dll 2020-02-04 14:52 - 2020-02-04 14:52 - 000000000 ____D C:\Windows\system32\RsFx 2020-02-04 14:51 - 2020-02-04 14:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 2020-02-04 14:50 - 2020-02-04 14:50 - 000000000 ____D C:\Windows\symbols 2020-02-04 14:50 - 2020-02-04 14:50 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 10.0 2020-02-04 14:32 - 2020-02-04 14:32 - 000000000 ____D C:\ProgramData\VS 2020-02-04 13:55 - 2020-02-04 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012 2020-02-03 19:56 - 2020-02-03 19:56 - 000000000 ____D C:\Users\Wojtron\Documents\SkidRow 2020-02-03 14:46 - 2020-02-04 21:14 - 000000065 _____ C:\Users\Wojtron\.pgAdmin4.4094215008.addr 2020-02-03 14:44 - 2020-02-04 21:16 - 000000000 ____D C:\Users\Wojtron\AppData\Roaming\pgAdmin 2020-02-03 14:29 - 2020-02-03 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 12 2020-02-03 01:08 - 2020-02-03 01:08 - 000003182 _____ C:\Windows\system32\Tasks\{826C527A-7EC1-4BD7-AA14-F13CEA60B02F} 2020-02-03 00:49 - 2020-02-03 00:49 - 000000113 _____ C:\Windows\ODBC.INI 2020-02-03 00:37 - 2020-02-03 00:37 - 000000000 ____D C:\Users\Wojtron\AppData\LocalLow\Simulators Live 2020-02-02 23:01 - 2020-02-02 23:01 - 000006524 _____ C:\Windows\SysWOW64\PerfStringBackup.TMP 2020-02-02 23:01 - 2020-02-02 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005 2020-02-02 22:14 - 2020-02-02 22:14 - 000003154 _____ C:\Windows\system32\Tasks\{6C813326-88C2-4EFB-AA1E-EBE1079E887F} 2020-02-02 22:12 - 2020-02-02 22:12 - 000000000 ____D C:\Users\Wojtron\AppData\Local\Microsoft_Corporation 2020-02-02 22:01 - 2020-02-02 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subway Simulator 2020-02-02 21:11 - 2020-02-04 20:56 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2020-02-02 15:43 - 2020-02-02 15:43 - 000000814 _____ C:\Users\Public\Desktop\APO 7.6.lnk 2020-02-02 15:43 - 2020-02-02 15:43 - 000000814 _____ C:\ProgramData\Desktop\APO 7.6.lnk 2020-02-02 15:43 - 2020-02-02 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Armia Podkarpacki OTS 2020-02-02 13:52 - 2020-02-02 13:52 - 000000297 _____ C:\Users\Wojtron\Desktop\Farming Simulator 19.url 2020-02-01 08:28 - 2020-02-05 22:48 - 000000797 _____ C:\Users\Public\Desktop\Wiedźmin 3® - Dziki Gon.lnk 2020-02-01 08:28 - 2020-02-05 22:48 - 000000797 _____ C:\ProgramData\Desktop\Wiedźmin 3® - Dziki Gon.lnk 2020-02-01 05:17 - 2020-02-01 05:17 - 000000000 ____D C:\Windows\system32\Tasks\Norton Security 2020-02-01 05:12 - 2020-02-01 05:12 - 000003206 _____ C:\Windows\system32\Tasks\Norton WSC Integration 2020-02-01 05:11 - 2020-02-01 05:11 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-03-01 11:48 - 2018-12-16 01:45 - 000000000 ____D C:\FRST 2020-03-01 11:18 - 2014-03-23 02:04 - 000000000 ____D C:\Users\Wojtron\AppData\Roaming\foobar2000 2020-03-01 11:16 - 2014-03-23 03:36 - 000000000 ____D C:\ProgramData\Origin 2020-03-01 11:15 - 2014-03-23 03:42 - 000000000 ____D C:\Users\Wojtron\AppData\Roaming\Origin 2020-03-01 10:53 - 2015-04-04 14:12 - 000000000 ____D C:\Users\Wojtron\AppData\Local\CrashDumps 2020-03-01 08:11 - 2020-01-21 09:01 - 000000510 _____ C:\Windows\Tasks\MATLAB R2019b Startup Accelerator.job 2020-03-01 01:24 - 2014-09-18 07:43 - 000000000 ____D C:\Users\Wojtron\AppData\Local\Battle.net 2020-03-01 01:08 - 2017-02-08 01:19 - 000000000 ____D C:\Users\Wojtron\AppData\Roaming\.minecraft 2020-02-29 23:53 - 2014-03-23 04:25 - 000226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2020-02-29 23:23 - 2014-09-18 07:43 - 000000000 ____D C:\Program Files (x86)\Battle.net 2020-02-29 23:22 - 2014-03-23 03:42 - 000000000 ____D C:\Users\Wojtron\AppData\Local\Origin 2020-02-29 14:22 - 2020-01-10 23:09 - 000000000 ____D C:\Users\Wojtron\Desktop\av new 2 2020-02-29 12:25 - 2014-03-23 02:08 - 000000000 ____D C:\ProgramData\NVIDIA 2020-02-28 18:30 - 2014-03-28 13:13 - 000000000 ____D C:\Users\Wojtron\Documents\OpenTTD 2020-02-28 11:42 - 2018-12-16 21:00 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-02-28 02:11 - 2014-03-23 05:11 - 000000000 ____D C:\Users\Wojtron\AppData\Roaming\BitTorrent 2020-02-28 02:10 - 2014-03-23 04:22 - 000000000 ____D C:\Users\Wojtron\AppData\Roaming\vlc 2020-02-27 21:49 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2020-02-27 12:00 - 2019-09-09 17:42 - 000000000 ____D C:\Program Files (x86)\Opera 2020-02-26 16:37 - 2019-12-01 13:15 - 000000859 _____ C:\Users\Public\Desktop\STAR WARS Battlefront II.lnk 2020-02-26 16:37 - 2019-12-01 13:15 - 000000859 _____ C:\ProgramData\Desktop\STAR WARS Battlefront II.lnk 2020-02-26 14:46 - 2019-09-09 17:46 - 000004094 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1568047585 2020-02-25 15:05 - 2018-12-18 13:28 - 000000000 ____D C:\Users\Wojtron\Desktop\praca dyplomowa 2020-02-24 03:06 - 2019-12-08 06:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2020-02-24 03:06 - 2019-12-08 06:37 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData 2020-02-23 16:14 - 2016-10-30 23:21 - 000000000 ___SD C:\Users\Wojtron\AppData\LocalLow\Temp 2020-02-21 01:03 - 2014-03-24 00:38 - 000000000 ____D C:\Users\Wojtron\Desktop\gry 2020-02-20 22:35 - 2014-05-22 14:38 - 000000000 ____D C:\Users\Wojtron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2020-02-19 01:23 - 2020-01-03 21:33 - 000000000 ____D C:\Users\Wojtron\AppData\Roaming\EasyAntiCheat 2020-02-18 22:53 - 2014-03-23 04:52 - 000000000 ____D C:\Users\Wojtron\Documents\My Games 2020-02-18 01:31 - 2019-10-09 18:40 - 000000000 ____D C:\Users\Wojtron\AppData\Local\Riot Games 2020-02-18 01:28 - 2019-12-12 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2020-02-14 14:28 - 2014-10-26 06:24 - 000000000 ____D C:\Users\Wojtron\.VirtualBox 2020-02-14 04:15 - 2009-07-14 05:45 - 000029520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-02-14 04:15 - 2009-07-14 05:45 - 000029520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-02-13 23:59 - 2017-04-19 21:26 - 000000000 ____D C:\Program Files (x86)\StarCraft 2020-02-13 23:33 - 2014-03-23 04:25 - 000226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2020-02-13 20:55 - 2016-06-14 14:12 - 000219755 _____ C:\Users\Wojtron\Desktop\Wojciech Flis CV.pdf 2020-02-13 13:45 - 2019-07-13 13:24 - 000000000 ____D C:\Users\Wojtron\Desktop\7 SEM 2020-02-13 00:14 - 2020-01-20 10:51 - 000000988 _____ C:\Users\Wojtron\Desktop\vir.txt 2020-02-12 03:48 - 2014-03-23 03:05 - 000000000 ____D C:\Users\Wojtron\AppData\Roaming\DAEMON Tools Lite 2020-02-12 03:16 - 2019-02-17 01:13 - 000000417 _____ C:\Users\Wojtron\Desktop\sc2.txt 2020-02-11 20:52 - 2016-01-30 02:31 - 000000000 ____D C:\Users\Wojtron\Desktop\gold 2020-02-11 19:55 - 2020-01-20 15:50 - 000000000 ____D C:\Program Files (x86)\PS Sistemas 2020-02-11 02:18 - 2014-12-24 10:18 - 000000000 ____D C:\ProgramData\TEMP 2020-02-10 21:40 - 2014-12-25 06:44 - 000000000 ____D C:\Users\Wojtron\AppData\Roaming\Tibia 2020-02-10 14:18 - 2017-03-29 07:07 - 000000000 ____D C:\Users\Wojtron\Desktop\Praca 2020-02-06 11:11 - 2019-08-13 17:33 - 000000000 ____D C:\Program Files\PDFCreator 2020-02-05 14:32 - 2018-04-26 06:35 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-02-05 14:32 - 2018-04-26 06:35 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-02-04 14:54 - 2019-01-22 20:42 - 000006720 _____ C:\Windows\system32\PerfStringBackup.TMP 2020-02-04 14:53 - 2014-12-04 19:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-02-04 14:52 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2020-02-04 14:50 - 2016-07-11 03:26 - 000000000 ____D C:\Windows\SysWOW64\1033 2020-02-04 14:50 - 2016-07-11 03:23 - 000000000 ____D C:\Windows\system32\1033 2020-02-04 14:50 - 2014-03-28 03:49 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2020-02-04 14:02 - 2014-03-25 12:43 - 000000000 ____D C:\ProgramData\Package Cache 2020-02-03 15:58 - 2014-12-25 06:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElfBot NG 2020-02-03 14:46 - 2014-03-22 15:01 - 000000000 ____D C:\Users\Wojtron 2020-02-02 22:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Registration 2020-02-02 21:17 - 2016-11-21 23:35 - 000000000 ____D C:\Users\Wojtron\AppData\LocalLow\Mozilla 2020-02-01 16:02 - 2016-08-31 18:45 - 000000000 ____D C:\Users\Wojtron\Documents\The Witcher 3 2020-02-01 05:53 - 2016-01-07 03:00 - 000000000 ____D C:\Program Files\Common Files\AV 2020-02-01 05:12 - 2019-09-29 11:59 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64 2020-02-01 05:11 - 2019-09-29 12:00 - 000002326 _____ C:\Users\Public\Desktop\Norton Security.lnk 2020-02-01 05:11 - 2019-09-29 12:00 - 000002326 _____ C:\ProgramData\Desktop\Norton Security.lnk ==================== Files in the root of some directories ======== 2014-03-22 15:50 - 2015-11-10 09:44 - 000000093 _____ () C:\Program Files (x86)\dependentlibs.list 2014-03-22 15:50 - 2015-11-10 09:44 - 012200392 _____ () C:\Program Files (x86)\omni.ja 2019-02-06 17:52 - 2016-12-28 19:33 - 000000022 _____ () C:\Users\Wojtron\AppData\Roaming\forcedchunks.dat 2019-02-06 17:52 - 2017-04-02 00:49 - 000001378 _____ () C:\Users\Wojtron\AppData\Roaming\icon.png 2019-02-06 17:52 - 2017-06-27 21:15 - 000004401 _____ () C:\Users\Wojtron\AppData\Roaming\level.dat 2019-02-06 17:52 - 2017-06-27 21:15 - 000004401 _____ () C:\Users\Wojtron\AppData\Roaming\level.dat_old 2019-02-06 17:52 - 2017-04-08 18:57 - 000000118 _____ () C:\Users\Wojtron\AppData\Roaming\mcedit_waypoints.dat 2014-10-11 17:17 - 2015-04-30 17:42 - 000000777 _____ () C:\Users\Wojtron\AppData\Roaming\MPQEditor.ini 2017-11-10 09:47 - 2017-11-10 09:47 - 000000044 _____ () C:\Users\Wojtron\AppData\Roaming\twow_sysprepdt.dat 2019-12-08 06:54 - 2019-12-08 06:54 - 000000000 _____ () C:\Users\Wojtron\AppData\Local\oobelibMkey.log 2014-10-26 06:43 - 2016-08-07 13:50 - 000007609 _____ () C:\Users\Wojtron\AppData\Local\Resmon.ResmonCfg 2019-07-21 16:34 - 2019-07-21 16:34 - 000000000 _____ () C:\Users\Wojtron\AppData\Local\{52B6A287-B2F5-4795-95D8-8741E17F076D} 2019-01-29 08:48 - 2019-01-29 08:48 - 000000000 _____ () C:\Users\Wojtron\AppData\Local\{FCA7F877-8894-4142-B358-5DB60F05399E} ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\User32.dll [2010-11-21 04:24] - [2018-10-01 20:46] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79 C:\Windows\SysWOW64\User32.dll [2010-11-21 04:24] - [2018-10-01 20:46] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE LastRegBack: 2020-02-27 00:32 ==================== End of FRST.txt ========================