Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-06-2020 Ran by Tom (administrator) on HOME (Gigabyte Technology Co., Ltd. GA-880GM-UD2H) (23-06-2020 14:14:17) Running from D:\pobrane\avast pobrane Loaded Profiles: Tom & DefaultAppPool Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angielski (Stany Zjednoczone) Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] F:\gry\lol1\Riot Games\Riot Client\RiotClientCrashHandler.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <36> (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastNM.exe <2> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe <2> (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe (FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE (Irfan Skiljan -> Irfan Skiljan) C:\Program Files (x86)\IrfanView\i_view32.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe <2> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (Piriform Software Ltd -> Piriform Software Ltd) D:\Programy\ccleaner\CCleaner64.exe (Podatnik S.A. -> Podatnik S.A.) F:\PIT pro 2019\pproupd.exe (Riot Games, Inc. -> ) F:\gry\lol\League of Legends\League of Legends\LeagueCrashHandler.exe (Riot Games, Inc. -> Riot Games, Inc.) F:\gry\lol\League of Legends\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.) F:\gry\lol\League of Legends\League of Legends\LeagueClientUx.exe (Riot Games, Inc. -> Riot Games, Inc.) F:\gry\lol\League of Legends\League of Legends\LeagueClientUxRender.exe <2> (Riot Games, Inc. -> Riot Games, Inc.) F:\gry\lol1\Riot Games\Riot Client\RiotClientServices.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6> (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe <2> ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108136 2020-06-16] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2573480 2020-06-09] (Avast Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\Run: [AvastBrowserAutoLaunch_CE176AE749B99A72587F48630BCBA007] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1954104 2020-06-04] (Avast Software s.r.o. -> AVAST Software) HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\Run: [CCleaner Smart Cleaning] => D:\Programy\ccleaner\CCleaner64.exe [29072568 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [3930344 2018-11-10] (ALLPlayer Group sp. z o.o. -> ALLPlayer.org) HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\MountPoints2: H - H:\LaunchU3.exe -a HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\MountPoints2: J - J:\LaunchU3.exe -a HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\MountPoints2: {151955bc-5f54-11e3-af90-6cf0497f5eb9} - H:\Setup.exe HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\MountPoints2: {2cc0a09e-1c10-11e2-a2e8-6cf0497f5eb9} - H:\Setup.exe HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\MountPoints2: {4f9c4c78-f05f-11e1-ac38-6cf0497f5eb9} - H:\Setup.exe HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\MountPoints2: {64ebc731-8701-11e1-b0c3-6cf0497f5eb9} - H:\Startme.exe HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\MountPoints2: {7991f701-5333-11e1-8c70-6cf0497f5eb9} - H:\AutoRun.exe HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\MountPoints2: {7991f706-5333-11e1-8c70-6cf0497f5eb9} - H:\AutoRun.exe HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\MountPoints2: {81a544a1-4c85-11e0-a40f-6cf0497f5eb9} - H:\LaunchU3.exe -a HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\MountPoints2: {b11696d2-2c1f-11e2-9225-6cf0497f5eb9} - H:\Setup.exe HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\MountPoints2: {b19d6064-ce50-11e1-bf21-6cf0497f5eb9} - H:\Setup.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-06-26] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-18] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\83.0.4529.97\Installer\chrmstp.exe [2020-06-17] (Avast Software s.r.o. -> AVAST Software) AppInit_DLLs: C:\ProgramData\Quoteex\Alpha-Warm.dll => No File AppInit_DLLs-x32: C:\ProgramData\Quoteex\Ventoranla.dll => No File BootExecute: autocheck autochk * icarus_rvrt.exe GroupPolicy: Restriction - Chrome <==== ATTENTION FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {03330AD3-EA91-4E01-B123-533578FDF2D0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3314272 2020-06-16] (Avast Software s.r.o. -> AVAST Software) Task: {05AC7406-4505-4986-8815-FCC13B1D62CF} - System32\Tasks\{5E388E24-3CF2-4AEB-8EB8-7644DF75B093} => F:\gry\South PArk\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe Task: {08AD0C09-48A1-4044-82D6-A97797AE2CA6} - System32\Tasks\{22ABCC73-BA62-405A-9135-60070EB27A4D} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/pl/abandoninstall?page=tsProgressBar Task: {0C1B0187-B97C-4B3C-86B0-194AD8CDD847} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-06-18] (Microsoft Corporation -> Microsoft Corporation) Task: {0E871D5D-8DB6-4EE3-A53E-104E2E585602} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) Task: {153532A4-A42F-4074-8CAF-57B2017545DC} - System32\Tasks\{7B4FF4FA-24E8-4CBA-8401-7D061BBE0BAF} => C:\Windows\system32\pcalua.exe -a G:\setup.exe -d G:\ -c /autorun Task: {19C7D5DB-67B2-4CE8-BE47-8E741735308A} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5095064 2020-06-08] (Avast Software s.r.o. -> Avast Software) Task: {1CBC1DD7-BB94-4492-B39D-8DCF5AC21372} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1FEB64D9-A6D6-480D-92A1-30BC0029F3E3} - System32\Tasks\{B0E0A54D-E98D-4367-9B4B-D27DADE44750} => C:\Windows\system32\pcalua.exe -a D:\pobrane\Internet\FacebookGameroom(1).exe -d D:\pobrane\Internet Task: {3069F7D1-D478-44B0-A99C-FE42EFBFBE43} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2514293450-2326734010-592155787-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {30DD776B-FB20-4F69-A155-5402479CA839} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [6977272 2015-08-10] (Ratiborus MSFree Inc. -> MSFree Inc.) [File not signed] Task: {315A6944-567C-463F-B8D4-8D1258666A80} - System32\Tasks\Avast Software\Avast Cleanup Update BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [2812624 2020-06-09] (Avast Software s.r.o. -> AVAST Software) Task: {31D0BB26-F397-414F-933A-62C6DF69B279} - System32\Tasks\AM7000-TaskPlan => C:\Program Files\GamingMouse\GAMEZONE.exe [940544 2016-06-22] (Megabajt Sp. z.o.o) [File not signed] Task: {33F4C9B6-C737-4203-8284-BF0C396A5963} - System32\Tasks\R@1n-KMS\Office14ProPlus => wmic path OfficeSoftwareProtectionProduct where (ID="6f327760-8c5c-417c-9b61-836a98287e0c") call Activate Task: {39099911-E5C7-4080-B9DB-06F4B47BF5EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-10] (Adobe Inc. -> Adobe) Task: {3AB53EAD-68FF-4299-9AEF-1A16382BF648} - System32\Tasks\CCleaner Update => D:\Programy\ccleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd) Task: {3E0EF5B6-4D6D-49D4-BC56-8D94F90BFD27} - System32\Tasks\Update Manager => C:\Users\Tom\AppData\Roaming\Warhammer.40K.Sanctus.Reach-ALI213\Upgrade.exe Task: {3EB886F2-5F08-4530-9319-527DDA8182CC} - System32\Tasks\{42EA116E-EF51-4EB9-8F6C-F6BB117A87B6} => C:\Windows\system32\pcalua.exe -a D:\pobrane\Internet\32bit_Win7_Win8_Win81_R272.exe -d D:\pobrane\Internet Task: {40C2C80C-6D32-406A-B0B4-C30C53A7B4BB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158240 2020-05-25] (Microsoft Corporation -> Microsoft Corporation) Task: {433E95E0-0F57-4DE2-85BB-D21DDFB059B3} - System32\Tasks\{B765B0E1-C005-440B-AD74-5AD1F0A71570} => C:\Windows\system32\pcalua.exe -a D:\pobrane\Internet\FacebookGameroom.exe -d D:\pobrane\Internet Task: {5BF2120B-9174-4EE8-9E36-B12FFE4A9B3E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5DD3C2F6-3C5B-44AF-9B3B-9FD5F7AD6250} - System32\Tasks\{ECE156F6-ED11-4343-A901-1F2577BCD7D5} => C:\Windows\system32\pcalua.exe -a D:\pobrane\Internet\dxwebsetup(1).exe -d D:\pobrane\Internet Task: {60CE1954-B9FB-47EB-A73B-9363E11683F8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) Task: {616EB4EA-3A35-4DB5-8127-5D62451664A4} - System32\Tasks\{DAAD27AE-7784-46D3-81FF-DB910346FF9F} => C:\Windows\system32\pcalua.exe -a "F:\gry\lol\League of Legends\Riot Games\Riot Client\RiotClientServices.exe" -c --uninstall-product=bacon --uninstall-patchline=live Task: {6220FFF7-6F30-4591-8A30-C48E53F620EC} - \VHDezYAiMmhSpjSVJ2 -> No File <==== ATTENTION Task: {653CB912-80C8-4E0B-9688-65387992146A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1954104 2020-06-04] (Avast Software s.r.o. -> AVAST Software) Task: {762D1EC5-349B-4115-A206-9CCE1C8BD310} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-23] (Google Inc -> Google Inc.) Task: {77422883-3095-4B3F-9477-AA1EC065165C} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [30244064 2020-04-14] (Avast Software s.r.o. -> AVAST Software) Task: {809BC348-687C-43CA-A2C2-832DE75F454C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-23] (Google Inc -> Google Inc.) Task: {83ECB142-95EB-4901-9213-BAD9E0D94040} - System32\Tasks\{742DE948-7295-4427-87D0-194CC0147FD0} => C:\Program Files (x86)\Skype\\Phone\Skype.exe Task: {845CE649-D0CC-4851-828A-2CE91BE2513F} - System32\Tasks\{0544B608-D9BC-4103-B32C-02E39571AA15} => C:\Windows\system32\pcalua.exe -a D:\pobrane\Internet\266.58_desktop_win7_winvista_64bit_international_whql.exe -d D:\pobrane\Internet Task: {87A7A6FC-368F-4E72-9CAF-7EE7F729381A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.) Task: {89460E86-3BF4-4333-99B7-A5599E9EE71A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158240 2020-05-25] (Microsoft Corporation -> Microsoft Corporation) Task: {8D04F7CD-61D0-4A8C-AD71-EB8721CD0146} - System32\Tasks\{7E8279DA-C43B-4DCA-A9F8-FF170BF119CA} => E:\Gry\NBA 2K16\NBA2K16.exe Task: {904B5EC4-AECF-499C-82D8-D188DE973854} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-10] (AVAST Software s.r.o. -> AVAST Software) Task: {923472A4-4A09-472E-9078-052BDE2FB218} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-10] (Adobe Inc. -> Adobe) Task: {9A5CB8D5-E660-4439-BE50-FEB39E519299} - System32\Tasks\CCleanerSkipUAC => D:\Programy\ccleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd) Task: {9D4C8F33-06F2-47CB-9509-8892C32E7CF3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9D509E85-4400-4C86-A190-753D6453E6A3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24608136 2020-05-31] (Microsoft Corporation -> Microsoft Corporation) Task: {9DB6BFC0-8760-4597-9920-F36C0B25A0E3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1954104 2020-06-04] (Avast Software s.r.o. -> AVAST Software) Task: {9E3A9367-4B27-4957-87B0-2CC5CB3FB20F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A0FB45C8-D3E1-442A-9994-33DEFD24F6D7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24608136 2020-05-31] (Microsoft Corporation -> Microsoft Corporation) Task: {A2D7A590-4EBD-43E1-A45E-3477F27F06B8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-10] (AVAST Software s.r.o. -> AVAST Software) Task: {A3FCE3AC-E435-41D1-BE72-5825E2BFDBFC} - System32\Tasks\{C34B3741-8CE6-4883-A8B9-AD0A5D827418} => F:\gry\South PArk\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe Task: {A44529A7-74A1-4F7E-8671-94FB651FD6EE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-06-18] (Microsoft Corporation -> Microsoft Corporation) Task: {B2442971-4028-4082-9885-82C4D9D577B8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BCD3B5EC-54F9-4FB7-A1C7-887804813DD8} - System32\Tasks\{6D22036A-F9F1-46CE-ACC0-6CBAD19591E4} => E:\Gry\NBA 2K16\NBA2K16.exe Task: {C166D52B-F52F-49C1-B89E-038EDCE845A9} - \{7A0E7D47-0A7E-0505-7811-0B0F0E0E1109} -> No File <==== ATTENTION Task: {C37F9DD8-6586-4EF8-A5DE-C00C892AEACC} - \RjugMwUzTsQQHAQNApl2 -> No File <==== ATTENTION Task: {C69131D3-C1D4-4595-B402-8CE7F71085D4} - System32\Tasks\{60005903-247C-4B42-AF09-B61AB8B96D7A} => C:\Program Files (x86)\Skype\\Phone\Skype.exe Task: {C74EEC69-F9E0-447E-BFCD-52FB51D8C520} - System32\Tasks\{30905005-600C-48F2-8A61-D8CA4291A353} => F:\gry\South PArk\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe Task: {C9908EBC-E9F7-40DF-8C43-24D07955E7EA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software) Task: {CB83728E-880B-4526-8F14-53250C0088C4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-10] (Adobe Inc. -> Adobe) Task: {D02C521A-06B7-454D-BD88-0F4669CE0376} - System32\Tasks\{A15EB195-A810-405B-9379-9E239218EE52} => C:\Windows\system32\pcalua.exe -a D:\pobrane\Internet\FacebookGameroom(2).exe -d D:\pobrane\Internet Task: {D220BCFE-442F-42DC-AC9F-A916B56D4AB0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2431816 2019-08-18] (Overwolf Ltd -> Overwolf LTD) Task: {D26B423E-91CD-4C90-B2D4-8D15A6EECB24} - System32\Tasks\{C5458C7B-762C-46ED-A685-291BCB04A15A} => C:\Windows\system32\pcalua.exe -a D:\pobrane\Internet\dxwebsetup(3).exe -d D:\pobrane\Internet Task: {D2D2C51C-5AC7-4692-8DF0-8ACF89F57CF3} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E01DE920-5F57-44B8-BF94-D16ABEFBE964} - System32\Tasks\{3AF91EB6-69BA-4EBF-AC15-8AC31ECE61D9} => F:\gry\FIFA 19 DEMO\FIFA19_demo.exe [287357248 2018-08-17] (Electronic Arts, Inc. -> Electronic Arts) Task: {E072A89E-7F58-4E8F-BC99-562607EA939F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2514293450-2326734010-592155787-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {E14376B2-7C93-4F87-916F-A1022572B4BC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E14F4A6E-DC6E-46B2-BFB7-70169691F83C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E2EE9226-6268-448D-BF16-7FCA446178C3} - System32\Tasks\{A9AB63B5-76DA-4871-8979-B3CE157EBBB0} => C:\Windows\system32\pcalua.exe -a "D:\pobrane\Internet\DDU v18.0.0.2\Display Driver Uninstaller.exe" -d "D:\pobrane\Internet\DDU v18.0.0.2" Task: {F281B89C-A25F-4FB0-B7BB-956AE65C45E4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {F405BFF4-E65E-40A6-A569-E61CEA5EC191} - System32\Tasks\{C5D40E52-BECF-4035-8ACA-FF21F725F2FE} => F:\gry\South PArk\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe Task: {F5A40601-927D-44E8-8832-3CB634320D13} - \Bidaily Synchronize Task[pr] -> No File <==== ATTENTION Task: {F7ADD63E-130B-4030-959F-028B7E34FFE2} - \bVyBIwMCwVjnlcc2 -> No File <==== ATTENTION Task: {FA35FDA2-87ED-4B08-A496-8F134208931D} - System32\Tasks\{3E60EA50-333F-44AE-853B-627C28FFA922} => C:\Windows\system32\pcalua.exe -a C:\Users\Tom\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=obw Task: {FD28326F-1B53-4FE7-B719-23D4610110ED} - System32\Tasks\{5563A490-E2C8-133B-BFB8-56FDB8705E8B} => C:\ProgramData\{B54B60FD-02E0-D756-6BA4-197E58BDF440}\31593602-86F2-81A9-4EDD-EB028BBE9735.exe <==== ATTENTION Task: {FE081625-5F9F-4463-A6AA-22FB95930460} - System32\Tasks\klcp_update => CodecTweakTool.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\Parameters: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{0CA12336-5BC2-4B85-9C21-973DF080F6DA}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{0CA12336-5BC2-4B85-9C21-973DF080F6DA}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{0EC7472A-1526-45ED-88A9-1C336E32BEDD}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{6EEF00C7-8D17-463E-8677-515B37C58EBC}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{B8654BC9-666F-4D42-BA75-7338B36EE440}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{DB4045F2-E469-4B39-855E-496BBC9309EF}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{DB4045F2-E469-4B39-855E-496BBC9309EF}: [DhcpNameServer] 8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2514293450-2326734010-592155787-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccZ5I8wJfgNRVgG42R7HeFIkBqaUnZmSorL6e8OBeWXk8IAlcBDDN_mi0Vs4ZuPjzgUzckJa_h5lEVkqScmAgSIS8FNDWtpdp1oszMRpgJV3GYM752gd4MYP5NK9mKV5glk99JBJF1j7vQjLq5BLluGH_OA,&q={searchTerms} HKU\S-1-5-21-2514293450-2326734010-592155787-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://feed.helperbar.com/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccZ5I8wJfgNRVgG42R7HeFIkBqaUnZmSorL6e8OBeWXk8IAlcBDDN_mi0Vs4ZuPjzgU_VW6fMEXKb-VFzrc5GxIiG63qRpYtF6yo0Fq5LpGnPIdjrCGN-awot90-Q9rLjTTsnXyzZadzscQ2g1rp90kgVgY, SearchScopes: HKLM-x32 -> DefaultScope value is missing SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2514293450-2326734010-592155787-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-2514293450-2326734010-592155787-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://pl.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180531__yaie&p={searchTerms} SearchScopes: HKU\S-1-5-21-2514293450-2326734010-592155787-1000 -> {C458B410-C0DF-435F-96D2-FDCB5D3F6316} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2514293450-2326734010-592155787-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-02-06] (Microsoft Corporation -> Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2020-05-25] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-02-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2020-05-25] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-20] (Oracle America, Inc. -> Oracle Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: lxvoxfwz.default-1420628245215-1498931597049 FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\lxvoxfwz.default-1420628245215-1498931597049 [2020-06-23] FF DownloadDir: D:\pobrane\Internet FF Homepage: Mozilla\Firefox\Profiles\lxvoxfwz.default-1420628245215-1498931597049 -> moz-extension://e10bbd95-544b-4ff7-a8d8-6fdd3b7e5adb/dial FF NewTab: Mozilla\Firefox\Profiles\lxvoxfwz.default-1420628245215-1498931597049 -> hxxps://pl.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180531__yaff FF Notifications: Mozilla\Firefox\Profiles\lxvoxfwz.default-1420628245215-1498931597049 -> hxxps://sportowefakty.wp.pl FF NewTabOverride: Mozilla\Firefox\Profiles\lxvoxfwz.default-1420628245215-1498931597049 -> Enabled: quickdial@matmoul.com FF Extension: (Avast Passwords) - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\lxvoxfwz.default-1420628245215-1498931597049\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2020-02-10] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json] FF Extension: (Quick Dial) - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\lxvoxfwz.default-1420628245215-1498931597049\Extensions\quickdial@matmoul.com.xpi [2019-03-17] FF Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\lxvoxfwz.default-1420628245215-1498931597049\Extensions\sp@avast.com.xpi [2020-05-06] FF Extension: (uBlock Origin) - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\lxvoxfwz.default-1420628245215-1498931597049\Extensions\uBlock0@raymondhill.net.xpi [2020-02-09] FF Extension: (Avast Online Security) - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\lxvoxfwz.default-1420628245215-1498931597049\Extensions\wrc@avast.com.xpi [2020-06-17] FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\lxvoxfwz.default-1420628245215-1498931597049\searchplugins\yahoo-lavasoft-ff59.xml [2018-05-31] FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-05-17] [Legacy] [not signed] FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\browser\features\{A5FD4672-4D73-4F90-A1C0-2ABD39DB2565}.xpi [2018-02-02] [not signed] FF HKU\S-1-5-21-2514293450-2326734010-592155787-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Tom\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi FF Extension: (Ace Script) - C:\Users\Tom\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-01-24] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-10] (Adobe Inc. -> ) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-10] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [File not signed] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed] FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-2514293450-2326734010-592155787-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\Tom\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\cfg [2015-05-27] <==== ATTENTION Chrome: ======= CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default [2020-06-23] CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=190 CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190" CHR Extension: (Prezentacje) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-23] CHR Extension: (Dokumenty) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-23] CHR Extension: (Dysk Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-23] CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-23] CHR Extension: (uVPN - Darmowy i nielimitowany VPN dla wszystkich) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog [2019-01-07] CHR Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-01-07] CHR Extension: (Wideo Spinner) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\facbikebnknginefgjaafpcmdmnjpiek [2018-01-26] CHR Extension: (Arkusze) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-23] CHR Extension: (Filmy Google Play) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdijeikdkaembjbdobgfkoidjkpbmlkd [2017-10-28] CHR Extension: (Dokumenty Google offline) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-07] CHR Extension: (Avast Online Security) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-01-07] CHR Extension: (Skype) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-26] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-07] CHR Extension: (Adblocker for Youtube™) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohajmcdpjokbdoihfhkpbmlmknejmoec [2018-02-02] CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-23] CHR Extension: (Chrome Media Router) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-07] CHR HKU\S-1-5-21-2514293450-2326734010-592155787-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] CHR HKLM-x32\...\Chrome\Extension: [coahpcpgfnnaddeelpphpifmgfobflog] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14] Opera: ======= OPR StartupUrls: "hxxp://www.gazeta.pl/0,0.html?p=188" OPR Extension: (Adblocker for Youtube™) - C:\Users\Tom\AppData\Roaming\Opera Software\Opera Stable\Extensions\lojkmpmjhekagjdpabnangombkhgmfdp [2018-02-02] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-10] (Adobe Inc. -> Adobe) S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [477352 2018-11-27] (Protection Technology, Ltd. -> Protection Technology) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6392728 2020-06-16] (Avast Software s.r.o. -> AVAST Software) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-10] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1052984 2020-06-16] (Avast Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-10] (AVAST Software s.r.o. -> AVAST Software) S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\83.0.4529.97\elevation_service.exe [1062576 2020-06-04] (Avast Software s.r.o. -> AVAST Software) R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12936008 2020-06-09] (Avast Software s.r.o. -> AVAST Software) S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11111816 2020-05-31] (Microsoft Corporation -> Microsoft Corporation) R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [442840 2020-03-30] (VMware, Inc. -> VMware, Inc.) S4 EaseUS Agent; D:\Programy\Todo Backup\bin\Agent.exe [39616 2016-06-03] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] S4 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [280176 2020-02-25] (FabulaTech, LLP -> ) R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [4369520 2020-02-27] (FabulaTech, LLP -> ) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [873272 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2118664 2016-11-30] (Electronic Arts, Inc. -> Electronic Arts) S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180112 2016-11-30] (Electronic Arts, Inc. -> Electronic Arts) S4 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2431816 2019-08-18] (Overwolf Ltd -> Overwolf LTD) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-01-04] (Even Balance, Inc. -> ) R2 pproupd; F:\PIT pro 2019\pproupd.exe [57736 2020-04-03] (Podatnik S.A. -> Podatnik S.A.) S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [File not signed] R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [459888 2020-02-20] (FabulaTech, LLP -> VMware) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2013-03-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) S3 androidusb; C:\Windows\System32\Drivers\smtmoadb.sys [31744 2009-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc) R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [2218368 2018-11-27] (Protection Technology, Ltd. -> Protection Technology) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205896 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178768 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60496 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42784 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175208 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [506152 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-07-01] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109280 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851608 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [462592 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216824 2020-06-16] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [322256 2020-06-16] (Avast Software s.r.o. -> AVAST Software) S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] () [File not signed] S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [60968 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18472 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [192552 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [115328 2008-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [31024 2012-08-02] (BYD precision manufacture company -> Windows (R) Win 7 DDK provider) R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [255552 2009-02-24] (JiaPing Gan -> MagicISO, Inc.) R3 mcdbus; C:\Windows\SysWOW64\DRIVERS\mcdbus.sys [255552 2009-02-24] (JiaPing Gan -> MagicISO, Inc.) R0 MxEFUF; C:\Windows\System32\DRIVERS\MxEFUF64.sys [157696 2011-10-20] (Matrox Graphics Inc. -> Matrox Graphics Inc.) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69840 2020-03-06] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation) R3 RTLE8023x64; C:\Windows\System32\DRIVERS\Rtenic64.sys [521944 2013-09-12] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s816bus; C:\Windows\System32\DRIVERS\s816bus.sys [107048 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s816mdfl; C:\Windows\System32\DRIVERS\s816mdfl.sys [18472 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s816mdm; C:\Windows\System32\DRIVERS\s816mdm.sys [143400 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s816mgmt; C:\Windows\System32\DRIVERS\s816mgmt.sys [124968 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s816nd5; C:\Windows\System32\DRIVERS\s816nd5.sys [30248 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s816obex; C:\Windows\System32\DRIVERS\s816obex.sys [121896 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI Corporation) S3 s816unic; C:\Windows\System32\DRIVERS\s816unic.sys [129064 2011-12-14] (Sony Ericsson Mobile Communications AB -> MCCI) S3 smtmodev; C:\Windows\System32\DRIVERS\smtmodev.sys [114432 2010-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 smtmoser; C:\Windows\System32\DRIVERS\smtmoser.sys [122624 2010-02-04] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2020-06-23] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.) S3 ubohci; C:\Windows\System32\DRIVERS\ubohci.sys [132608 2012-10-05] (Unibrain) [File not signed] S2 ubsbm; C:\Windows\System32\DRIVERS\ubsbm.sys [24064 2012-10-05] (Unibrain) [File not signed] S2 ubumapi; C:\Windows\System32\DRIVERS\ubumapi.sys [92160 2012-10-05] (Unibrain) [File not signed] R2 WinDivert1.2; C:\Windows\system32\drivers\WinDivert64.sys [37552 2018-02-02] (Nemea Mjukvaruutveckling AB -> Basil) R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [340880 2020-04-23] (Nox Limited -> Nox Limited Corporation) S0 amdkmafd; system32\DRIVERS\amdkmafd.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-06-23 12:59 - 2020-06-23 12:59 - 001815552 _____ (TODO: ) C:\Users\Tom\AppData\Local\Touchdax.exe 2020-06-23 12:59 - 2020-06-23 12:59 - 001815552 _____ (TODO: ) C:\Users\Tom\AppData\Local\Daltis.exe 2020-06-23 12:59 - 2020-06-23 12:59 - 000278509 _____ C:\Users\Tom\AppData\Local\Touchdax.tst 2020-06-23 12:50 - 2020-06-23 14:15 - 000000000 ____D C:\FRST 2020-06-23 01:50 - 2020-05-18 23:24 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2020-06-23 01:50 - 2020-05-18 23:24 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe 2020-06-23 01:50 - 2020-05-18 23:24 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2020-06-23 01:50 - 2020-05-18 23:24 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2020-06-23 01:50 - 2020-05-18 23:24 - 001078992 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2020-06-23 01:50 - 2020-05-18 23:24 - 001078992 _____ C:\Windows\system32\vulkan-1.dll 2020-06-23 01:50 - 2020-05-18 23:24 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2020-06-23 01:50 - 2020-05-18 23:24 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll 2020-06-23 01:50 - 2020-05-18 23:24 - 000445160 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2020-06-23 01:50 - 2020-05-18 23:24 - 000342944 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2020-06-23 01:50 - 2020-05-18 23:23 - 132262800 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll 2020-06-23 01:50 - 2020-05-18 23:23 - 040450472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2020-06-23 01:50 - 2020-05-18 23:23 - 031023856 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll 2020-06-23 01:50 - 2020-05-18 23:23 - 030669544 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll 2020-06-23 01:50 - 2020-05-18 23:23 - 026343664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll 2020-06-23 01:50 - 2020-05-18 23:23 - 011944864 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2020-06-23 01:50 - 2020-05-18 23:23 - 010286480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2020-06-23 01:50 - 2020-05-18 23:23 - 000419232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 029696240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 023060376 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2020-06-23 01:50 - 2020-05-18 23:22 - 017601424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 015160208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 005448432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 004862888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 002071792 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 001722096 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444614.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 001565080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 001484184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444614.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 001482136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 001350568 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 001141672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 001048488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 000626584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 000543984 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 000516848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 000471464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 000428440 _____ C:\Windows\system32\nvofapi64.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 000378776 _____ C:\Windows\SysWOW64\nvofapi.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 000182168 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 000164264 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 000158104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2020-06-23 01:50 - 2020-05-18 23:22 - 000144280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2020-06-23 01:50 - 2020-05-18 23:21 - 040556264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler64.dll 2020-06-23 01:50 - 2020-05-18 23:21 - 035418016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler32.dll 2020-06-23 01:50 - 2020-05-18 23:21 - 000632544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll 2020-06-23 01:50 - 2020-05-18 23:18 - 018527624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2020-06-23 01:50 - 2020-05-18 23:18 - 004216256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2020-06-23 01:07 - 2020-06-23 14:16 - 000004146 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-06-23 01:07 - 2020-06-23 14:16 - 000003940 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-06-23 01:07 - 2020-06-23 14:16 - 000003798 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-06-23 01:07 - 2020-06-23 08:35 - 000003792 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-06-23 01:07 - 2020-06-23 08:35 - 000003740 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-06-23 01:07 - 2020-06-23 08:35 - 000003706 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-06-23 01:07 - 2020-06-23 08:35 - 000003706 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-06-23 01:07 - 2020-06-23 08:35 - 000003706 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-06-23 01:07 - 2020-06-23 08:35 - 000003706 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-06-23 01:07 - 2020-06-23 08:35 - 000003496 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-06-23 01:07 - 2020-06-23 01:57 - 000001336 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2020-06-23 01:07 - 2020-06-23 01:57 - 000001336 _____ C:\ProgramData\Desktop\GeForce Experience.lnk 2020-06-23 01:07 - 2020-06-23 01:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2020-06-23 01:07 - 2020-05-16 04:57 - 002799416 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2020-06-23 01:07 - 2020-05-16 04:57 - 002159592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2020-06-23 01:07 - 2020-05-16 04:57 - 001314792 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll 2020-06-23 01:07 - 2020-05-16 04:57 - 000170472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2020-06-23 01:07 - 2020-05-16 04:57 - 000146408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2020-06-23 01:07 - 2020-05-16 04:57 - 000001951 _____ C:\Windows\NvContainerRecovery.bat 2020-06-23 01:07 - 2020-03-11 21:26 - 000067456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys 2020-06-23 01:07 - 2020-03-06 12:03 - 000069840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2020-06-23 00:31 - 2020-06-23 00:31 - 000000000 ____D C:\Users\Tom\Documents\Electronic Arts 2020-06-22 23:53 - 2020-06-22 23:53 - 000000879 _____ C:\Users\Public\Desktop\The Sims 3 Complete Collection.lnk 2020-06-22 23:53 - 2020-06-22 23:53 - 000000879 _____ C:\ProgramData\Desktop\The Sims 3 Complete Collection.lnk 2020-06-22 23:53 - 2020-06-22 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3 Complete Collection 2020-06-22 22:45 - 2020-06-22 22:45 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Valve Corporation 2020-06-17 17:20 - 2020-06-17 17:20 - 000440192 _____ C:\Windows\system32\FNTCACHE.DAT 2020-06-16 13:45 - 2020-06-16 13:45 - 000335976 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2020-06-16 13:45 - 2020-06-16 13:45 - 000216824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2020-06-16 13:45 - 2020-06-16 13:45 - 000175208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2020-06-09 22:41 - 2020-06-09 22:41 - 000001357 _____ C:\Users\Public\Desktop\Foxit Reader.lnk 2020-06-09 22:41 - 2020-06-09 22:41 - 000001357 _____ C:\ProgramData\Desktop\Foxit Reader.lnk 2020-06-09 20:46 - 2020-06-10 10:30 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater 2020-06-09 20:46 - 2020-06-09 20:46 - 000002501 _____ C:\Users\Public\Desktop\Avast Driver Updater.lnk 2020-06-09 20:46 - 2020-06-09 20:46 - 000002501 _____ C:\ProgramData\Desktop\Avast Driver Updater.lnk 2020-06-09 20:46 - 2020-06-09 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater 2020-06-09 20:40 - 2020-06-09 20:40 - 000002006 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk 2020-06-09 20:40 - 2020-06-09 20:40 - 000002006 _____ C:\ProgramData\Desktop\Avast Cleanup Premium.lnk 2020-06-09 20:35 - 2020-06-08 12:39 - 000076184 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe 2020-05-24 20:59 - 2020-05-29 13:10 - 000000545 _____ C:\Users\Tom\Desktop\Graj w Fallout Tactics.lnk ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-06-23 14:16 - 2020-02-13 20:30 - 000003246 _____ C:\Windows\system32\Tasks\{DAAD27AE-7784-46D3-81FF-DB910346FF9F} 2020-06-23 14:16 - 2019-07-12 23:53 - 000003734 _____ C:\Windows\system32\Tasks\KMSAutoNet 2020-06-23 14:16 - 2018-10-25 20:38 - 000003192 _____ C:\Windows\system32\Tasks\{A9AB63B5-76DA-4871-8979-B3CE157EBBB0} 2020-06-23 14:16 - 2018-06-16 22:38 - 000002908 _____ C:\Windows\system32\Tasks\{6D22036A-F9F1-46CE-ACC0-6CBAD19591E4} 2020-06-23 14:16 - 2018-06-16 22:37 - 000002908 _____ C:\Windows\system32\Tasks\{7E8279DA-C43B-4DCA-A9F8-FF170BF119CA} 2020-06-23 14:16 - 2018-03-13 22:23 - 000004550 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-06-23 14:16 - 2017-12-08 01:20 - 000003860 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-06-23 14:16 - 2017-10-23 20:37 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-06-23 14:16 - 2017-10-23 20:37 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-06-23 14:16 - 2017-03-02 13:17 - 000003102 _____ C:\Windows\system32\Tasks\{C5458C7B-762C-46ED-A685-291BCB04A15A} 2020-06-23 14:16 - 2017-02-10 00:30 - 000003120 _____ C:\Windows\system32\Tasks\klcp_update 2020-06-23 14:16 - 2017-02-09 22:38 - 000003102 _____ C:\Windows\system32\Tasks\{ECE156F6-ED11-4343-A901-1F2577BCD7D5} 2020-06-23 14:16 - 2017-01-28 11:49 - 000003114 _____ C:\Windows\system32\Tasks\{A15EB195-A810-405B-9379-9E239218EE52} 2020-06-23 14:16 - 2017-01-27 23:11 - 000003114 _____ C:\Windows\system32\Tasks\{B0E0A54D-E98D-4367-9B4B-D27DADE44750} 2020-06-23 14:16 - 2017-01-27 22:12 - 000003108 _____ C:\Windows\system32\Tasks\{B765B0E1-C005-440B-AD74-5AD1F0A71570} 2020-06-23 14:16 - 2016-12-26 21:38 - 000003568 _____ C:\Windows\system32\Tasks\Update Manager 2020-06-23 14:16 - 2016-06-29 22:57 - 000004538 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-06-23 14:16 - 2015-12-03 21:21 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software 2020-06-23 14:16 - 2013-10-30 10:23 - 000002758 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2020-06-23 14:16 - 2012-08-26 10:18 - 000003088 _____ C:\Windows\system32\Tasks\{22ABCC73-BA62-405A-9135-60070EB27A4D} 2020-06-23 14:16 - 2012-04-25 19:21 - 000003328 _____ C:\Windows\system32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2514293450-2326734010-592155787-1000 2020-06-23 14:16 - 2012-04-25 19:21 - 000003190 _____ C:\Windows\system32\Tasks\RealUpgradeLogonTaskS-1-5-21-2514293450-2326734010-592155787-1000 2020-06-23 14:16 - 2012-04-18 10:01 - 000004412 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2020-06-23 14:16 - 2011-03-12 12:39 - 000003044 _____ C:\Windows\system32\Tasks\{7B4FF4FA-24E8-4CBA-8401-7D061BBE0BAF} 2020-06-23 14:16 - 2011-02-22 19:02 - 000002868 _____ C:\Windows\system32\Tasks\{742DE948-7295-4427-87D0-194CC0147FD0} 2020-06-23 14:16 - 2011-02-22 09:43 - 000002878 _____ C:\Windows\system32\Tasks\{60005903-247C-4B42-AF09-B61AB8B96D7A} 2020-06-23 13:20 - 2018-01-27 19:19 - 000000000 ____D C:\Users\Tom\AppData\Local\AVAST Software 2020-06-23 12:25 - 2018-11-07 17:30 - 000000000 ____D C:\ProgramData\NVIDIA 2020-06-23 11:30 - 2009-07-14 06:45 - 000032896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-06-23 11:30 - 2009-07-14 06:45 - 000032896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-06-23 11:29 - 2020-02-20 21:16 - 000000000 ____D C:\Users\Tom\AppData\Roaming\VMware 2020-06-23 10:29 - 2016-11-30 20:58 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Origin 2020-06-23 10:24 - 2017-03-02 11:50 - 000000000 ____D C:\Users\Tom\AppData\Local\Ubisoft Game Launcher 2020-06-23 08:37 - 2011-02-23 19:32 - 030895644 _____ C:\Windows\system32\perfh015.dat 2020-06-23 08:37 - 2011-02-23 19:32 - 010577956 _____ C:\Windows\system32\perfc015.dat 2020-06-23 08:37 - 2009-07-14 07:13 - 000007414 _____ C:\Windows\system32\PerfStringBackup.INI 2020-06-23 08:31 - 2017-04-05 08:25 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2020-06-23 08:30 - 2020-02-13 00:39 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys 2020-06-23 08:30 - 2020-02-13 00:39 - 000002900 _____ C:\Windows\system32\Tasks\Avast Driver Updater Startup 2020-06-23 08:30 - 2020-02-13 00:39 - 000000478 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job 2020-06-23 08:30 - 2018-11-07 17:31 - 000000000 ____D C:\Users\Tom\AppData\Local\NVIDIA Corporation 2020-06-23 08:28 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-06-23 01:58 - 2011-04-14 12:11 - 000000000 ____D C:\Users\Tom\Documents\Outlook Files 2020-06-23 01:57 - 2018-11-07 17:29 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2020-06-23 01:57 - 2011-02-22 09:15 - 000000000 ____D C:\Program Files (x86)\IrfanView 2020-06-23 01:56 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2020-06-23 01:55 - 2011-02-22 08:56 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2020-06-23 01:55 - 2011-02-22 08:56 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2020-06-23 01:54 - 2012-10-04 11:07 - 000000000 ____D C:\temp 2020-06-23 01:53 - 2018-11-07 17:30 - 000000000 ____D C:\Users\Tom\AppData\Local\NVIDIA 2020-06-23 01:48 - 2018-10-18 08:24 - 000000000 ____D C:\Program Files\NVIDIA 2020-06-23 01:21 - 2011-02-22 19:43 - 000000000 ____D C:\Users\Tom\AppData\Local\GHISLER 2020-06-23 01:04 - 2011-02-23 19:02 - 000000000 ____D C:\Users\Tom\AppData\Roaming\uTorrent 2020-06-22 23:53 - 2016-05-14 12:49 - 000000000 ____D C:\Windows\SysWOW64\directx 2020-06-22 23:00 - 2017-01-01 15:20 - 000000000 ____D C:\Users\Tom\AppData\LocalLow\Mozilla 2020-06-22 22:46 - 2019-06-08 15:06 - 000000000 ____D C:\Users\Tom\AppData\Local\BitTorrentHelper 2020-06-19 22:37 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2020-06-19 22:10 - 2017-02-21 08:23 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-06-19 22:08 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2020-06-19 22:06 - 2011-03-13 10:26 - 000000000 ____D C:\Program Files\Microsoft Office 2020-06-18 09:45 - 2017-10-23 20:38 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-06-18 09:45 - 2017-10-23 20:38 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-06-18 09:45 - 2017-10-23 20:38 - 000002189 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-06-17 19:22 - 2019-04-17 19:44 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) 2020-06-17 19:22 - 2018-09-10 12:17 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2020-06-17 18:23 - 2020-04-18 20:08 - 000000000 ____D C:\Users\Tom\AppData\Roaming\.minecraft 2020-06-17 09:02 - 2017-05-23 20:39 - 000000000 ____D C:\Users\Tom\AppData\Local\CrashDumps 2020-06-16 13:46 - 2013-03-19 07:32 - 000322256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2020-06-16 13:46 - 2011-09-24 19:23 - 000462592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2020-06-16 13:45 - 2020-04-04 21:36 - 000506152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys 2020-06-16 13:45 - 2019-01-17 17:39 - 000235088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys 2020-06-16 13:45 - 2019-01-16 21:06 - 000178768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2020-06-16 13:45 - 2019-01-16 21:06 - 000060496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2020-06-16 13:45 - 2018-10-18 22:21 - 000042784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2020-06-16 13:45 - 2017-11-15 23:58 - 000205896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2020-06-16 13:45 - 2013-03-19 07:32 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2020-06-16 13:45 - 2012-03-24 15:46 - 000109280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2020-06-16 13:45 - 2011-09-24 19:23 - 000851608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2020-06-15 10:02 - 2019-07-12 23:53 - 000000000 ____D C:\ProgramData\KMSAutoS 2020-06-10 14:08 - 2012-04-18 10:01 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2020-06-10 14:08 - 2011-11-21 08:37 - 000000000 ____D C:\Windows\system32\Macromed 2020-06-10 14:08 - 2011-05-16 13:57 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2020-06-10 14:08 - 2011-02-22 09:12 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2020-06-10 10:21 - 2011-03-16 20:12 - 000000000 ____D C:\Program Files\WinRAR 2020-06-09 22:45 - 2017-04-03 18:51 - 000000702 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2020-06-09 22:45 - 2017-04-03 18:51 - 000000702 _____ C:\ProgramData\Desktop\TeamSpeak 3 Client.lnk 2020-06-09 22:45 - 2017-04-03 18:51 - 000000652 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk 2020-06-09 22:43 - 2011-03-16 20:12 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-06-09 22:43 - 2011-03-16 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-06-09 22:43 - 2011-02-22 09:43 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Skype 2020-06-09 22:42 - 2018-03-01 21:45 - 000001312 _____ C:\Users\Public\Desktop\Skype.lnk 2020-06-09 22:42 - 2018-03-01 21:45 - 000001312 _____ C:\ProgramData\Desktop\Skype.lnk 2020-06-09 22:42 - 2018-03-01 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2020-06-09 22:41 - 2019-04-24 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2020-06-09 20:41 - 2011-09-24 19:22 - 000000000 ____D C:\ProgramData\AVAST Software 2020-06-09 20:35 - 2017-12-06 20:41 - 000000000 ____D C:\Program Files\Common Files\Avast Software 2020-06-09 20:35 - 2011-09-24 19:22 - 000000000 ____D C:\Program Files\AVAST Software 2020-06-08 13:08 - 2011-02-22 09:15 - 000000000 ____D C:\Users\Tom\AppData\Roaming\IrfanView 2020-06-04 10:56 - 2015-05-17 18:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2020-06-01 23:19 - 2009-07-14 09:45 - 000000000 ___RD C:\Users\Public\Recorded TV 2020-05-28 19:02 - 2016-08-24 12:08 - 000000668 _____ C:\Users\Public\Desktop\CCleaner.lnk 2020-05-28 19:02 - 2016-08-24 12:08 - 000000668 _____ C:\ProgramData\Desktop\CCleaner.lnk ==================== Files in the root of some directories ======== 2018-02-02 00:41 - 2018-02-02 00:51 - 000000004 _____ () C:\ProgramData\lock.dat 2013-09-13 23:38 - 2014-11-13 00:33 - 000000237 _____ () C:\Users\Tom\AppData\Roaming\WB.CFG 2018-02-02 00:33 - 2018-02-02 00:33 - 007570944 _____ () C:\Users\Tom\AppData\Local\agent.dat 2018-02-02 00:33 - 2018-02-02 00:33 - 000070896 _____ () C:\Users\Tom\AppData\Local\Config.xml 2020-06-23 12:59 - 2020-06-23 12:59 - 001815552 _____ (TODO: ) C:\Users\Tom\AppData\Local\Daltis.exe 2018-02-02 00:33 - 2018-02-02 00:33 - 001981199 _____ () C:\Users\Tom\AppData\Local\Daltis.tst 2017-01-27 08:45 - 2017-01-27 08:45 - 000001213 _____ () C:\Users\Tom\AppData\Local\Facebook — skrót.lnk 2018-02-02 00:32 - 2018-02-02 00:32 - 000140800 _____ () C:\Users\Tom\AppData\Local\installer.dat 2018-02-02 00:33 - 2018-02-02 00:33 - 000005568 _____ () C:\Users\Tom\AppData\Local\md.xml 2018-02-02 00:33 - 2018-02-02 00:33 - 000126464 _____ () C:\Users\Tom\AppData\Local\noah.dat 2011-11-27 15:43 - 2013-03-10 11:55 - 000007603 _____ () C:\Users\Tom\AppData\Local\Resmon.ResmonCfg 2018-02-02 00:34 - 2018-02-02 00:34 - 001895383 _____ () C:\Users\Tom\AppData\Local\Standox.bin 2020-06-23 12:59 - 2020-06-23 12:59 - 001815552 _____ (TODO: ) C:\Users\Tom\AppData\Local\Touchdax.exe 2020-06-23 12:59 - 2020-06-23 12:59 - 000278509 _____ () C:\Users\Tom\AppData\Local\Touchdax.tst 2018-02-02 00:35 - 2018-02-02 00:35 - 000032038 _____ () C:\Users\Tom\AppData\Local\uninstall_temp.ico 2020-04-23 12:36 - 2020-04-23 12:45 - 000000069 _____ () C:\Users\Tom\AppData\Local\update_progress.txt ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2020-06-17 20:59 ==================== End of FRST.txt ========================