Wrzucaj teksty, notatki, kody i linki

Kopiuj, wklej i podziel się bez ograniczeń

Treść schowka:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-09-2016 ([color=red]ATTENTION: ====> FRSTversion is 1325 days old and could be outdated[/color])
Ran by Rafal (administrator) on RAFAL-PC (15-05-2020 13:17:04)
Running from C:\Users\Rafal\Downloads
Loaded Profiles: Rafal & UpdatusUser (Available Profiles: Rafal & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angielski (Stany Zjednoczone)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Valve Corporation) E:\Steam\steam.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Discord Inc.) C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Discord Inc.) C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(Discord Inc.) C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe
(Discord Inc.) C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe
(Discord Inc.) C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Discord Inc.) C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [253440 2013-04-23] (Realtek Semiconductor Corporation)
HKLM\...\Run: [IAStorIcon] => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-03-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-02-25] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62620472 2020-03-18] (Discord Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\Run: [DAEMON Tools Lite] => E:\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\Run: [Steam] => E:\Steam\steam.exe [3372832 2020-04-28] (Valve Corporation)
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\Run: [Discord] => C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc.)
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\MountPoints2: {1dfcf80b-7e2c-11ea-a3a5-54271e251c25} - H:\Lenovo_Suite.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-15] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170688 2016-10-22] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2016-10-22] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Updater.lnk [2014-12-20]
ShortcutTarget: Windows Updater.lnk -> C:\Program Files (x86)\Windows Updater\Win_Updater.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.55.1
Tcpip\..\Interfaces\{0BB45136-EB35-4031-AC8F-38BC4BEEC8AA}: [NameServer] 193.41.112.14 193.41.112.18
Tcpip\..\Interfaces\{0BC8CA51-D28F-4757-A5DC-3220937AB807}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{0D6C964A-665F-4E01-ADF9-6B5BBCEA6784}: [DhcpNameServer] 192.168.55.1
Tcpip\..\Interfaces\{2AE1FEB4-C346-4D53-BD75-70B3D8C16E6F}: [NameServer] 193.41.112.14 193.41.112.18
Tcpip\..\Interfaces\{4DFCEAF1-D653-48F0-91FF-39FD8AD4D5E5}: [NameServer] 193.41.112.14 193.41.112.18
Tcpip\..\Interfaces\{62DD25DE-078E-4E77-B168-B0018272E603}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150423
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150423
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150423
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-04-21] (McAfee, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-17] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-04-21] (McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-17] (Oracle Corporation)

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-15] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-15] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1193567628-3741132159-961158197-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-09-12] ()
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (No Name) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-04-21]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi

Chrome: 
=======
CHR Profile: C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default [2020-05-15]
CHR Extension: (Prezentacje) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Dysk Google) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Arkusze) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (LoungeDestroyer) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2018-09-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Hola Free VPN, unblock any site!) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-05-14]
CHR Extension: (Avast Online Security) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-29]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-09]
CHR Extension: (e-pity - dodatek) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2020-02-29]
CHR Extension: (Gmail) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-16]
CHR Profile: C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-04-16]
CHR Extension: (Prezentacje) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-16]
CHR Extension: (Dokumenty) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-16]
CHR Extension: (Dysk Google) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-16]
CHR Extension: (YouTube) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-04-16]
CHR Extension: (Avast SafePrice 
 Porównania, promocje, kupony) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-04-16]
CHR Extension: (Arkusze) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-16]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-04-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-16]
CHR Extension: (Avast Online Security) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-04-16]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-16]
CHR Extension: (e-pity - dodatek) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2020-04-16]
CHR Extension: (Gmail) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-16]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-02-25] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-26] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-02-25] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-26] (AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\81.0.4053.113\elevation_service.exe [954600 2020-04-19] (AVAST Software)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-04-02] (Realtek Semiconductor Corporation) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-12-06] ()
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [47104 2013-04-25] () [File not signed]
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe [1095664 2020-05-02] (Google LLC)
S2 Hkhlp; C:\Program Files (x86)\Common Files\Apps\Hkhlp.dll [280576 2016-09-27] () [File not signed]
R2 Huawei E3272; C:\ProgramData\MobileBrServ\mbbservice.exe [240720 2013-12-03] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [678480 2013-12-19] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-02-15] (Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [916712 2020-04-21] (McAfee, LLC)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [52152 2017-06-06] (Microsoft)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-22] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-01-09] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [42496 2013-04-25] (Realtek Semiconductor Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37864 2020-02-25] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-02-25] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-02-25] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-02-25] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-02-25] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279360 2020-02-25] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-02-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-02-25] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-02-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-02-25] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-02-25] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-03-14] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-02-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-02-25] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-24] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [121728 2013-12-19] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [376448 2013-12-19] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [535624 2013-03-28] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-15 13:17 - 2020-05-15 13:17 - 00024293 _____ C:\Users\Rafal\Downloads\FRST.txt
2020-05-15 13:16 - 2020-05-15 13:17 - 00000000 ____D C:\FRST
2020-05-15 12:32 - 2020-05-15 12:42 - 425640724 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e07.exe
2020-05-15 12:32 - 2020-05-15 12:41 - 431038276 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e08.exe
2020-05-15 12:32 - 2020-05-15 12:41 - 427011476 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e05.exe
2020-05-15 12:32 - 2020-05-15 12:41 - 426365796 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e02.exe
2020-05-15 12:32 - 2020-05-15 12:41 - 423835044 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e06.exe
2020-05-15 12:32 - 2020-05-15 12:41 - 423179028 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e04.exe
2020-05-15 12:32 - 2020-05-15 12:40 - 429411636 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e01.exe
2020-05-15 12:32 - 2020-05-15 12:40 - 426831332 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e03.exe
2020-05-13 14:15 - 2020-05-13 14:19 - 00000000 ____D C:\Users\Rafal\Desktop\cfg cs go 2020
2020-05-12 20:27 - 2020-05-12 20:27 - 00358391 _____ C:\Users\Rafal\Downloads\Krzysztofik_Hubert-.pdf
2020-05-09 18:42 - 2020-05-09 18:42 - 00492188 _____ C:\Users\Rafal\Downloads\Ćwiczenia ORSiZGRiZ_SN_Jan Bodziarczyk.pdf
2020-04-30 16:40 - 2020-04-30 16:40 - 01123731 _____ C:\Users\Rafal\Downloads\wykład 3 NM.pdf
2020-04-28 16:54 - 2020-04-28 16:54 - 03308394 _____ C:\Users\Rafal\Downloads\wykład 2 NM.pdf
2020-04-25 12:05 - 2020-04-25 12:05 - 00376927 _____ C:\Users\Rafal\Downloads\wykład 1 NM (2).pdf
2020-04-25 08:39 - 2020-04-25 08:39 - 00376927 _____ C:\Users\Rafal\Downloads\wykład 1 NM (1).pdf
2020-04-21 18:01 - 2020-04-21 18:01 - 00176353 _____ C:\Users\Rafal\Downloads\Sprawozdanie-Hubert Krzysztofik-Gr B2-skonwertowany.pdf
2020-04-21 16:47 - 2020-04-21 17:14 - 00028048 ____H C:\Users\Rafal\Desktop\~WRL2826.tmp
2020-04-20 12:45 - 2020-04-20 12:45 - 16569356 _____ C:\Users\Rafal\Downloads\Ochrona rzadkich siedlisk 2020 w2.pdf
2020-04-20 12:40 - 2020-04-20 12:40 - 15921368 _____ C:\Users\Rafal\Downloads\Ochrona rzadkich siedlisk 2020 w1 (1).pdf
2020-04-20 12:37 - 2020-04-20 12:37 - 00376927 _____ C:\Users\Rafal\Downloads\wykład 1 NM.pdf
2020-04-18 09:16 - 2020-04-18 09:16 - 01498930 _____ C:\Users\Rafal\Downloads\Ćwiczenie_zielarka_Prezentacja.pptx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-15 13:16 - 2016-12-23 13:30 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\uTorrent
2020-05-15 13:13 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-05-15 12:59 - 2020-03-18 18:34 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\discord
2020-05-15 12:37 - 2016-10-11 11:10 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2020-05-15 12:28 - 2020-03-18 18:34 - 00000000 ____D C:\Program Files (x86)\bookingDesktopApp
2020-05-15 12:06 - 2009-07-14 06:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-15 12:06 - 2009-07-14 06:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-15 11:56 - 2014-07-12 14:35 - 00000000 ____D C:\ProgramData\Realtek
2020-05-15 11:56 - 2014-07-12 14:33 - 00000000 ____D C:\ProgramData\NVIDIA
2020-05-15 11:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-14 22:29 - 2020-02-29 13:24 - 00003972 _____ C:\Windows\System32\Tasks\e-pity2019a_kwiecien
2020-05-14 22:29 - 2020-02-29 13:24 - 00003972 _____ C:\Windows\System32\Tasks\e-pity2019_styczen
2020-05-14 22:29 - 2017-09-23 15:43 - 00002946 _____ C:\Windows\System32\Tasks\{FE5DC747-7FC3-4FB8-B95F-A60BF79D35BF}
2020-05-14 22:29 - 2015-12-04 20:18 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2020-05-14 22:29 - 2015-06-25 19:52 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2020-05-14 22:29 - 2014-12-13 17:55 - 00003058 _____ C:\Windows\System32\Tasks\{FF071DC6-D034-4177-ACA1-113CC46BA027}
2020-05-14 22:29 - 2014-09-22 22:25 - 00003118 _____ C:\Windows\System32\Tasks\{E8A2A072-A991-47FA-9E86-46647E0ADAAB}
2020-05-14 22:29 - 2014-07-16 00:57 - 00003484 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2020-05-14 22:29 - 2014-07-16 00:57 - 00003356 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2020-05-13 13:57 - 2019-04-11 22:13 - 00003732 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-05-13 13:57 - 2019-04-11 22:13 - 00003150 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-05-13 13:57 - 2018-03-26 23:11 - 00002429 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-05-13 13:57 - 2018-03-26 23:11 - 00002386 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-05-12 20:21 - 2018-09-24 13:07 - 00002059 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-12 19:59 - 2016-11-04 18:13 - 00000000 ____D C:\Users\Rafal\AppData\Local\CrashDumps
2020-05-06 18:28 - 2020-04-10 14:21 - 00000204 _____ C:\Users\Rafal\Desktop\ruletki daily.txt
2020-05-06 13:55 - 2014-07-20 12:29 - 00002224 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-06 13:55 - 2014-07-20 12:29 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-26 13:34 - 2017-08-17 12:28 - 00004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2020-04-17 16:51 - 2014-07-12 15:19 - 00741694 _____ C:\Windows\system32\perfh015.dat
2020-04-17 16:51 - 2014-07-12 15:19 - 00156734 _____ C:\Windows\system32\perfc015.dat
2020-04-17 16:51 - 2009-07-14 07:13 - 01673940 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-17 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf

==================== Files in the root of some directories =======

2014-07-12 14:36 - 2020-05-15 11:58 - 0049659 _____ () C:\Users\Rafal\AppData\Local\BTServer.log

Some files in TEMP:
====================
C:\Users\Rafal\AppData\Local\Temp\DllMonoCtrl.dll
C:\Users\Rafal\AppData\Local\Temp\h-ckambn.dll
C:\Users\Rafal\AppData\Local\Temp\ipl1766.tmp.exe
C:\Users\Rafal\AppData\Local\Temp\libeay32.dll
C:\Users\Rafal\AppData\Local\Temp\msvcr120.dll
C:\Users\Rafal\AppData\Local\Temp\ntdll.dll
C:\Users\Rafal\AppData\Local\Temp\SHELL32.dll
C:\Users\Rafal\AppData\Local\Temp\sqlite3.dll
C:\Users\Rafal\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2020-05-07 19:49

==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-09-2016 ([color=red]ATTENTION: ====> FRSTversion is 1325 days old and could be outdated[/color])
Ran by Rafal (administrator) on RAFAL-PC (15-05-2020 13:17:04)
Running from C:\Users\Rafal\Downloads
Loaded Profiles: Rafal & UpdatusUser (Available Profiles: Rafal & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angielski (Stany Zjednoczone)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Valve Corporation) E:\Steam\steam.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Discord Inc.) C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Discord Inc.) C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(Discord Inc.) C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe
(Discord Inc.) C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe
(Discord Inc.) C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Discord Inc.) C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [253440 2013-04-23] (Realtek Semiconductor Corporation)
HKLM\...\Run: [IAStorIcon] => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-03-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-02-25] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62620472 2020-03-18] (Discord Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\Run: [DAEMON Tools Lite] => E:\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\Run: [Steam] => E:\Steam\steam.exe [3372832 2020-04-28] (Valve Corporation)
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\Run: [Discord] => C:\Users\Rafal\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc.)
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\...\MountPoints2: {1dfcf80b-7e2c-11ea-a3a5-54271e251c25} - H:\Lenovo_Suite.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-15] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170688 2016-10-22] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2016-10-22] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Updater.lnk [2014-12-20]
ShortcutTarget: Windows Updater.lnk -> C:\Program Files (x86)\Windows Updater\Win_Updater.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.55.1
Tcpip\..\Interfaces\{0BB45136-EB35-4031-AC8F-38BC4BEEC8AA}: [NameServer] 193.41.112.14 193.41.112.18
Tcpip\..\Interfaces\{0BC8CA51-D28F-4757-A5DC-3220937AB807}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{0D6C964A-665F-4E01-ADF9-6B5BBCEA6784}: [DhcpNameServer] 192.168.55.1
Tcpip\..\Interfaces\{2AE1FEB4-C346-4D53-BD75-70B3D8C16E6F}: [NameServer] 193.41.112.14 193.41.112.18
Tcpip\..\Interfaces\{4DFCEAF1-D653-48F0-91FF-39FD8AD4D5E5}: [NameServer] 193.41.112.14 193.41.112.18
Tcpip\..\Interfaces\{62DD25DE-078E-4E77-B168-B0018272E603}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150423
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150423
HKU\S-1-5-21-1193567628-3741132159-961158197-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150423
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-04-21] (McAfee, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-17] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-04-21] (McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-17] (Oracle Corporation)

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-15] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-15] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1193567628-3741132159-961158197-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-09-12] ()
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (No Name) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-04-21]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi

Chrome: 
=======
CHR Profile: C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default [2020-05-15]
CHR Extension: (Prezentacje) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Dysk Google) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Arkusze) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (LoungeDestroyer) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2018-09-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Hola Free VPN, unblock any site!) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-05-14]
CHR Extension: (Avast Online Security) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-29]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-09]
CHR Extension: (e-pity - dodatek) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2020-02-29]
CHR Extension: (Gmail) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-16]
CHR Profile: C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-04-16]
CHR Extension: (Prezentacje) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-16]
CHR Extension: (Dokumenty) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-16]
CHR Extension: (Dysk Google) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-16]
CHR Extension: (YouTube) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-04-16]
CHR Extension: (Avast SafePrice 
 Porównania, promocje, kupony) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-04-16]
CHR Extension: (Arkusze) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-16]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-04-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-16]
CHR Extension: (Avast Online Security) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-04-16]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-16]
CHR Extension: (e-pity - dodatek) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2020-04-16]
CHR Extension: (Gmail) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-16]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-02-25] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-26] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-02-25] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-26] (AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\81.0.4053.113\elevation_service.exe [954600 2020-04-19] (AVAST Software)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-04-02] (Realtek Semiconductor Corporation) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-12-06] ()
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [47104 2013-04-25] () [File not signed]
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe [1095664 2020-05-02] (Google LLC)
S2 Hkhlp; C:\Program Files (x86)\Common Files\Apps\Hkhlp.dll [280576 2016-09-27] () [File not signed]
R2 Huawei E3272; C:\ProgramData\MobileBrServ\mbbservice.exe [240720 2013-12-03] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [678480 2013-12-19] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-02-15] (Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [916712 2020-04-21] (McAfee, LLC)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [52152 2017-06-06] (Microsoft)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-22] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-01-09] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [42496 2013-04-25] (Realtek Semiconductor Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37864 2020-02-25] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-02-25] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-02-25] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-02-25] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-02-25] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279360 2020-02-25] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-02-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-02-25] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-02-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-02-25] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-02-25] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-03-14] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-02-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-02-25] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-24] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [121728 2013-12-19] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [376448 2013-12-19] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [535624 2013-03-28] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-15 13:17 - 2020-05-15 13:17 - 00024293 _____ C:\Users\Rafal\Downloads\FRST.txt
2020-05-15 13:16 - 2020-05-15 13:17 - 00000000 ____D C:\FRST
2020-05-15 12:32 - 2020-05-15 12:42 - 425640724 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e07.exe
2020-05-15 12:32 - 2020-05-15 12:41 - 431038276 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e08.exe
2020-05-15 12:32 - 2020-05-15 12:41 - 427011476 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e05.exe
2020-05-15 12:32 - 2020-05-15 12:41 - 426365796 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e02.exe
2020-05-15 12:32 - 2020-05-15 12:41 - 423835044 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e06.exe
2020-05-15 12:32 - 2020-05-15 12:41 - 423179028 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e04.exe
2020-05-15 12:32 - 2020-05-15 12:40 - 429411636 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e01.exe
2020-05-15 12:32 - 2020-05-15 12:40 - 426831332 _____ C:\Users\Rafal\Downloads\Ex Na Plaży s02e03.exe
2020-05-13 14:15 - 2020-05-13 14:19 - 00000000 ____D C:\Users\Rafal\Desktop\cfg cs go 2020
2020-05-12 20:27 - 2020-05-12 20:27 - 00358391 _____ C:\Users\Rafal\Downloads\Krzysztofik_Hubert-.pdf
2020-05-09 18:42 - 2020-05-09 18:42 - 00492188 _____ C:\Users\Rafal\Downloads\Ćwiczenia ORSiZGRiZ_SN_Jan Bodziarczyk.pdf
2020-04-30 16:40 - 2020-04-30 16:40 - 01123731 _____ C:\Users\Rafal\Downloads\wykład 3 NM.pdf
2020-04-28 16:54 - 2020-04-28 16:54 - 03308394 _____ C:\Users\Rafal\Downloads\wykład 2 NM.pdf
2020-04-25 12:05 - 2020-04-25 12:05 - 00376927 _____ C:\Users\Rafal\Downloads\wykład 1 NM (2).pdf
2020-04-25 08:39 - 2020-04-25 08:39 - 00376927 _____ C:\Users\Rafal\Downloads\wykład 1 NM (1).pdf
2020-04-21 18:01 - 2020-04-21 18:01 - 00176353 _____ C:\Users\Rafal\Downloads\Sprawozdanie-Hubert Krzysztofik-Gr B2-skonwertowany.pdf
2020-04-21 16:47 - 2020-04-21 17:14 - 00028048 ____H C:\Users\Rafal\Desktop\~WRL2826.tmp
2020-04-20 12:45 - 2020-04-20 12:45 - 16569356 _____ C:\Users\Rafal\Downloads\Ochrona rzadkich siedlisk 2020 w2.pdf
2020-04-20 12:40 - 2020-04-20 12:40 - 15921368 _____ C:\Users\Rafal\Downloads\Ochrona rzadkich siedlisk 2020 w1 (1).pdf
2020-04-20 12:37 - 2020-04-20 12:37 - 00376927 _____ C:\Users\Rafal\Downloads\wykład 1 NM.pdf
2020-04-18 09:16 - 2020-04-18 09:16 - 01498930 _____ C:\Users\Rafal\Downloads\Ćwiczenie_zielarka_Prezentacja.pptx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-15 13:16 - 2016-12-23 13:30 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\uTorrent
2020-05-15 13:13 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-05-15 12:59 - 2020-03-18 18:34 - 00000000 ____D C:\Users\Rafal\AppData\Roaming\discord
2020-05-15 12:37 - 2016-10-11 11:10 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2020-05-15 12:28 - 2020-03-18 18:34 - 00000000 ____D C:\Program Files (x86)\bookingDesktopApp
2020-05-15 12:06 - 2009-07-14 06:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-15 12:06 - 2009-07-14 06:45 - 00017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-15 11:56 - 2014-07-12 14:35 - 00000000 ____D C:\ProgramData\Realtek
2020-05-15 11:56 - 2014-07-12 14:33 - 00000000 ____D C:\ProgramData\NVIDIA
2020-05-15 11:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-14 22:29 - 2020-02-29 13:24 - 00003972 _____ C:\Windows\System32\Tasks\e-pity2019a_kwiecien
2020-05-14 22:29 - 2020-02-29 13:24 - 00003972 _____ C:\Windows\System32\Tasks\e-pity2019_styczen
2020-05-14 22:29 - 2017-09-23 15:43 - 00002946 _____ C:\Windows\System32\Tasks\{FE5DC747-7FC3-4FB8-B95F-A60BF79D35BF}
2020-05-14 22:29 - 2015-12-04 20:18 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2020-05-14 22:29 - 2015-06-25 19:52 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2020-05-14 22:29 - 2014-12-13 17:55 - 00003058 _____ C:\Windows\System32\Tasks\{FF071DC6-D034-4177-ACA1-113CC46BA027}
2020-05-14 22:29 - 2014-09-22 22:25 - 00003118 _____ C:\Windows\System32\Tasks\{E8A2A072-A991-47FA-9E86-46647E0ADAAB}
2020-05-14 22:29 - 2014-07-16 00:57 - 00003484 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2020-05-14 22:29 - 2014-07-16 00:57 - 00003356 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2020-05-13 13:57 - 2019-04-11 22:13 - 00003732 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-05-13 13:57 - 2019-04-11 22:13 - 00003150 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-05-13 13:57 - 2018-03-26 23:11 - 00002429 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-05-13 13:57 - 2018-03-26 23:11 - 00002386 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-05-12 20:21 - 2018-09-24 13:07 - 00002059 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-12 19:59 - 2016-11-04 18:13 - 00000000 ____D C:\Users\Rafal\AppData\Local\CrashDumps
2020-05-06 18:28 - 2020-04-10 14:21 - 00000204 _____ C:\Users\Rafal\Desktop\ruletki daily.txt
2020-05-06 13:55 - 2014-07-20 12:29 - 00002224 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-06 13:55 - 2014-07-20 12:29 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-26 13:34 - 2017-08-17 12:28 - 00004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2020-04-17 16:51 - 2014-07-12 15:19 - 00741694 _____ C:\Windows\system32\perfh015.dat
2020-04-17 16:51 - 2014-07-12 15:19 - 00156734 _____ C:\Windows\system32\perfc015.dat
2020-04-17 16:51 - 2009-07-14 07:13 - 01673940 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-17 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf

==================== Files in the root of some directories =======

2014-07-12 14:36 - 2020-05-15 11:58 - 0049659 _____ () C:\Users\Rafal\AppData\Local\BTServer.log

Some files in TEMP:
====================
C:\Users\Rafal\AppData\Local\Temp\DllMonoCtrl.dll
C:\Users\Rafal\AppData\Local\Temp\h-ckambn.dll
C:\Users\Rafal\AppData\Local\Temp\ipl1766.tmp.exe
C:\Users\Rafal\AppData\Local\Temp\libeay32.dll
C:\Users\Rafal\AppData\Local\Temp\msvcr120.dll
C:\Users\Rafal\AppData\Local\Temp\ntdll.dll
C:\Users\Rafal\AppData\Local\Temp\SHELL32.dll
C:\Users\Rafal\AppData\Local\Temp\sqlite3.dll
C:\Users\Rafal\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2020-05-07 19:49

==================== End of FRST.txt ============================


Strona korzysta z plików cookies w celu realizacji usług zgodnie z Polityką Plików Cookies. Możesz określić warunki przechowywania lub dostępu do plików cookies w Twojej przeglądarce.

close-button