Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2021
Ran by tc-electrical (administrator) on TC-PC37 (HP HP ProDesk 600 G2 SFF) (25-05-2021 09:11:28)
Running from C:\Users\tc-electrical\Desktop\ja
Loaded Profiles: admin & tc-electrical & stenmar & tc-admin
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Dassault Systèmes) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\tc-electrical\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8>
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\HP Business Slim Keyboard\SkWLUSB.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe
(Maxthon Technology Co, Ltd. -> Maxthon Ltd.) C:\Users\tc-electrical\AppData\Local\Maxthon\Application\Maxthon.exe <39>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Opera Software AS -> Opera Software) C:\Users\tc-electrical\AppData\Local\Programs\Opera\76.0.4017.139\opera.exe <7>
(Opera Software AS -> Opera Software) C:\Users\tc-electrical\AppData\Local\Programs\Opera\76.0.4017.139\opera_crashreporter.exe <7>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplmv.exe
(Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8446832 2015-01-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-08-18] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [118496 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2016-01-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Business Slim Keyboard] => c:\Program Files (x86)\HP\HP Business Slim Keyboard\SKWLUSB.exe [3512832 2015-10-27] (Hewlett-Packard) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-615164164-2078643864-492831376-16164\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
HKU\S-1-5-21-615164164-2078643864-492831376-16164\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-615164164-2078643864-492831376-16164\...\Run: [Gaijin.Net Updater] => C:\Users\tc-electrical\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-615164164-2078643864-492831376-16164\...\Run: [Opera Browser Assistant] => C:\Users\tc-electrical\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4042904 2021-05-12] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-615164164-2078643864-492831376-16164\...\MountPoints2: {6a6033b1-9239-11eb-8c70-dc4a3e6f2437} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-615164164-2078643864-492831376-16164\...\MountPoints2: {a8df425b-8f0c-11eb-8c70-dc4a3e6f2437} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-615164164-2078643864-492831376-19557\...\MountPoints2: {6a6033b1-9239-11eb-8c70-dc4a3e6f2437} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-615164164-2078643864-492831376-19557\...\MountPoints2: {a8df425b-8f0c-11eb-8c70-dc4a3e6f2437} - I:\HiSuiteDownLoader.exe
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\us013PC: C:\Windows\System32\spool\prtprocs\x64\us013pc.dll [43520 2015-08-20] (Windows (R) Codename Longhorn DDK provider) [File not signed]
HKLM\...\Print\Monitors\CUSTPDF Writer Monitor x86: C:\windows\system32\custmon64.dll [87040 2010-12-10] () [File not signed]
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\windows\system32\hpbprtmon.dll [423936 2014-06-11] (Hewlett-Packard) [File not signed]
HKLM\...\Print\Monitors\HP1100LM: C:\windows\system32\HP1100LM.DLL [288768 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\windows\system32\novamn10.dll [18944 2020-06-04] (Softland) [File not signed]
HKLM\...\Print\Monitors\us013 Langmon: C:\windows\system32\us013lm.dll [22528 2015-03-12] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-24] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\stenmar\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\tc-electrical\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-615164164-2078643864-492831376-16164\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-615164164-2078643864-492831376-19557\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0ACA89A3-51E1-4E62-AAE6-0904B9471CB9} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\tc-electrical\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007456 2021-05-21] (ESET, spol. s r.o. -> ESET)
Task: {0ACFCA00-BA1A-46CA-94CD-BA5D60266070} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {1538D08C-65AF-4D75-A333-6A4C019B13C0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-615164164-2078643864-492831376-16164 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2016-03-31] (Microsoft Windows -> Microsoft Corporation)
Task: {1F8849BD-CAA4-4E9B-821D-566C54DE7603} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {212BE12F-A518-4A90-8556-DC72775B2268} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {23B79BFA-AAB9-4CE9-9C75-46D01E4FD7DE} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2020-06-04] (Softland SRL -> )
Task: {341CD9DD-F5BC-409C-8981-D6EDF17DA13E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-24] (Google LLC -> Google LLC)
Task: {38AC62A4-B163-4C9C-937A-5081E4E681B6} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe
Task: {3E1E87CD-69E9-4D0B-8D23-0C335E1CB84B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {406D6EBB-6354-495D-A4AC-9D0871D3D40D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {49C8BF47-5853-4CB6-A5E8-5C0185922E91} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\tc-electrical\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007456 2021-05-21] (ESET, spol. s r.o. -> ESET)
Task: {4EA4BB33-CB8D-4FD5-B82D-6A6E62195900} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
Task: {5EB99342-A2EF-4D18-B91F-1ED518E9BA6A} - System32\Tasks\Opera scheduled Autoupdate 1591104561 => C:\Users\tc-electrical\AppData\Local\Programs\Opera\launcher.exe [2199760 2021-05-21] (Opera Software AS -> Opera Software)
Task: {5F645D6D-4BFC-4B0E-96DC-821DAB30A7FB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4699872 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
Task: {6E66BEBE-0DE5-4B2C-ABE7-F73E61B1A523} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {7F9C0DE7-0079-4478-B1D8-127D2324D0E4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks [Argument = /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig"]
Task: {8861A14F-1DC5-4278-A8F0-B155398BBF67} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D172A31-2251-472A-98B7-F386FFC5C2AE} - System32\Tasks\{66E3DB07-80D2-4DF1-93F8-84389944C336} => C:\windows\system32\pcalua.exe -a F:\autorun.exe -d F:\
Task: {94343CD0-7CBB-484F-8450-5AFE9340E9E2} - System32\Tasks\doPDF 10 Update => C:\Program Files\Softland\novaPDF 10\Driver\UpdateApplication.exe [98096 2020-06-04] (Softland SRL -> )
Task: {97C7B74C-63C8-4475-8EFC-E577583B8E30} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {A0A9DBCD-EB09-4127-BDA4-663EA4FBBFB7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {A2760D85-FE4D-4C37-8EA6-790BC25D57B0} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {A862B240-0CA1-4347-B338-00A5B72E3BD0} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
Task: {B61E2324-B945-409D-8A4A-96B466C1866D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {B8CC31C5-0838-4A56-9A8A-A45EE6F0F061} - System32\Tasks\SiemensDownloader => C:\Users\tc-electrical\AppData\Roaming\Siemens\PriceList 8.0\Downloader.exe [67072 2017-05-09] () [File not signed]
Task: {BD13DB6D-A890-404B-99BB-1753093E0BFF} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {C62D480C-AB6A-4FC4-83F9-83A867C0CDF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-24] (Google LLC -> Google LLC)
Task: {CD27B860-8533-4C93-9556-C286FDCFE977} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {E787AC6E-9FE9-4707-85EF-7211BC7150DF} - System32\Tasks\Opera scheduled assistant Autoupdate 1591104562 => C:\Users\tc-electrical\AppData\Local\Programs\Opera\launcher.exe [2199760 2021-05-21] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\tc-electrical\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {E9C445A9-FB60-4217-BC51-FC1648B95440} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {F0E526AD-2264-48DA-B70A-98B9128B0669} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\SiemensDownloader.job => C:\Users\tc-electrical\AppData\Roaming\Siemens\PriceList 8.0\Downloader.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 172.30.1.11 172.30.1.12 10.150.40.11 10.150.40.12
Tcpip\..\Interfaces\{1B3BAF53-7035-4965-9D64-DA0102A6B4B5}: [DhcpNameServer] 172.30.1.11 172.30.1.12 10.150.40.11 10.150.40.12
HKU\S-1-5-21-615164164-2078643864-492831376-16164\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-615164164-2078643864-492831376-19557\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

FireFox:
========
FF DefaultProfile: du6xum85.default
FF ProfilePath: C:\Users\tc-electrical\AppData\Roaming\Mozilla\Firefox\Profiles\du6xum85.default [2021-05-24]
FF Extension: (uBlock Origin) - C:\Users\tc-electrical\AppData\Roaming\Mozilla\Firefox\Profiles\du6xum85.default\Extensions\uBlock0@raymondhill.net.xpi [2021-05-06]
FF Extension: (Avast Online Security) - C:\Users\tc-electrical\AppData\Roaming\Mozilla\Firefox\Profiles\du6xum85.default\Extensions\wrc@avast.com.xpi [2018-05-28]
FF Extension: (EPUBReader) - C:\Users\tc-electrical\AppData\Roaming\Mozilla\Firefox\Profiles\du6xum85.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2020-09-24]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @DVR/npmedia,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npmedia.dll [2018-12-08] (Zhejiang Dahua Technology CO.,LTD. -> )
FF Plugin-x32: @DVR/npTimeGrid,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npTimeGrid.dll [2018-12-08] (Zhejiang Dahua Technology CO.,LTD. -> Unauthorized copy)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-615164164-2078643864-492831376-16164: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\tc-electrical\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies SF -> Unity Technologies ApS)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-07-09] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-07-09] <==== ATTENTION

Chrome: 
=======
CHR Profile: C:\Users\tc-electrical\AppData\Local\Google\Chrome\User Data\Default [2021-05-25]
CHR Extension: (Prezentacje) - C:\Users\tc-electrical\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-24]
CHR Extension: (Dokumenty) - C:\Users\tc-electrical\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-24]
CHR Extension: (Dysk Google) - C:\Users\tc-electrical\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-24]
CHR Extension: (YouTube) - C:\Users\tc-electrical\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-05-24]
CHR Extension: (Arkusze) - C:\Users\tc-electrical\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\tc-electrical\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-24]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\tc-electrical\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-24]
CHR Extension: (Gmail) - C:\Users\tc-electrical\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-24]
CHR Extension: (Chrome Media Router) - C:\Users\tc-electrical\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

Opera: 
=======
OPR Profile: C:\Users\tc-electrical\AppData\Roaming\Opera Software\Opera Stable [2021-05-25]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\tc-electrical\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-05-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7894040 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [606944 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [356064 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56920 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2018-01-12] (Dassault Systèmes) [File not signed]
R2 hasplms; C:\windows\system32\hasplms.exe [4319776 2017-11-29] (SafeNet Canada, Inc. -> SafeNet, Inc.)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 HPSIService; C:\windows\system32\HPSIsvc.exe [126880 2012-09-27] (Hewlett-Packard Company -> HP)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 klnagent; C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe [271960 2021-03-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 ksnproxy; C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\ksnproxy.exe [362072 2021-03-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [52528 2020-06-04] (Softland SRL -> Microsoft)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-31] (Microsoft Windows -> Microsoft Corporation)
S2 AVP; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exe" -r [X]
S2 avpsus; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avpsus.exe" [X]
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 akshasp; C:\windows\System32\DRIVERS\akshasp.sys [87864 2017-11-29] (SafeNet, Inc. -> SafeNet, Inc.)
R3 aksusb; C:\windows\System32\DRIVERS\aksusb.sys [314944 2017-11-29] (SafeNet Canada, Inc. -> SafeNet, Inc.)
S3 ampa; C:\windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16877 2002-07-17] (Adaptec) [File not signed]
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [35664 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [212192 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [365024 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [250336 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [99288 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [41296 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [180448 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [522936 2021-05-24] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [107792 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [82872 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [850632 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [467720 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [215352 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [326992 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
S2 atksgt; C:\windows\System32\DRIVERS\atksgt.sys [310728 2018-12-12] (Tages SA -> )
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-01-30] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 ddmdrv; C:\windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [1304840 2017-11-29] (SafeNet, Inc. -> SafeNet, Inc.)
R0 kl1; C:\windows\System32\DRIVERS\kl1.sys [656648 2020-06-01] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\windows\System32\DRIVERS\klbackupdisk.sys [80208 2019-10-04] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\windows\System32\DRIVERS\klbackupflt.sys [170088 2019-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klflt; C:\windows\System32\DRIVERS\klflt.sys [515352 2021-02-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLFLTDEV; C:\windows\System32\DRIVERS\klfltdev.sys [89944 2019-10-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\windows\System32\DRIVERS\klgse.sys [549712 2019-10-06] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\windows\System32\DRIVERS\klhk.sys [1145960 2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\windows\System32\DRIVERS\klif.sys [1081616 2021-02-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIM6; C:\windows\System32\DRIVERS\klim6.sys [84304 2019-10-06] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\windows\System32\DRIVERS\klpd.sys [77952 2019-10-04] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\windows\System32\DRIVERS\klwfp.sys [147720 2020-06-01] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\windows\System32\DRIVERS\klwtp.sys [237184 2019-10-09] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\windows\System32\DRIVERS\kneps.sys [275888 2019-10-25] (Kaspersky Lab -> AO Kaspersky Lab)
R2 lirsgt; C:\windows\System32\DRIVERS\lirsgt.sys [42696 2018-05-24] (Tages SA -> )
S3 mvusbews; C:\windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 ser2at; C:\windows\System32\DRIVERS\ser2at64.sys [96256 2009-10-15] (Microsoft Windows Hardware Compatibility Publisher -> ATEN)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [393880 2018-05-28] (Disc Soft Ltd -> Duplex Secure Ltd.)
U3 ayevlglr; C:\Windows\System32\Drivers\ayevlglr.sys [0 0000-00-00] (QLogic Corporation) <==== ATTENTION (zero byte File/Folder)
U1 aswbdisk; no ImagePath
U3 aswblog; no ImagePath
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-25 09:11 - 2021-05-25 09:11 - 000000000 ____D C:\FRST
2021-05-25 09:05 - 2021-05-25 09:11 - 000000000 ____D C:\Users\tc-electrical\Desktop\ja
2021-05-25 07:19 - 2021-05-25 07:19 - 004581584 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_2105250519277859100.dll
2021-05-25 07:18 - 2021-05-25 07:18 - 004581584 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_2105250518518167792.dll
2021-05-25 07:18 - 2021-05-25 07:18 - 004581584 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_2105250518412879020.dll
2021-05-25 07:15 - 2021-05-25 07:15 - 000002318 _____ C:\Users\tc-electrical\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon.lnk
2021-05-25 07:15 - 2021-05-25 07:15 - 000002281 _____ C:\Users\tc-electrical\Desktop\Maxthon.lnk
2021-05-25 07:15 - 2021-05-25 07:15 - 000000000 ____D C:\Users\tc-electrical\AppData\Roaming\VBox
2021-05-25 07:14 - 2021-05-25 07:14 - 089878880 _____ (Maxthon Ltd.) C:\Users\tc-electrical\Downloads\maxthon_6.1.2.1000_x64.exe
2021-05-24 19:46 - 2021-05-24 20:14 - 000000000 ____D C:\KVRT2020_Data
2021-05-24 18:45 - 2021-05-24 21:36 - 000000000 ____D C:\Users\tc-electrical\AppData\Roaming\Apple Computer
2021-05-24 18:45 - 2021-05-24 18:45 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2021-05-24 18:45 - 2021-05-24 18:45 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2021-05-24 18:45 - 2021-05-24 18:45 - 000002491 _____ C:\Users\Public\Desktop\Safari.lnk
2021-05-24 18:45 - 2021-05-24 18:45 - 000002491 _____ C:\ProgramData\Desktop\Safari.lnk
2021-05-24 18:45 - 2021-05-24 18:45 - 000000000 ____D C:\windows\system32\Tasks\Apple
2021-05-24 18:45 - 2021-05-24 18:45 - 000000000 ____D C:\ProgramData\Apple Computer
2021-05-24 18:45 - 2021-05-24 18:45 - 000000000 ____D C:\Program Files (x86)\Safari
2021-05-24 18:45 - 2021-05-24 18:45 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2021-05-24 16:23 - 2021-05-24 16:23 - 000000000 ____D C:\Users\tc-electrical\AppData\Local\Temp\BCLTMP
2021-05-24 16:19 - 2021-05-24 16:19 - 004581584 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_2105241419062295604.dll
2021-05-24 16:07 - 2021-05-24 16:08 - 119928520 _____ (PortableApps.com) C:\Users\tc-electrical\Downloads\FirefoxPortable_88.0.1_English.paf[1]
2021-05-24 15:59 - 2021-05-24 15:59 - 004581584 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_2105241359243136636.dll
2021-05-24 15:35 - 2021-05-24 15:35 - 000000000 ____D C:\Users\tc-electrical\AppData\Local\Temp\WPDNSE
2021-05-24 15:35 - 2021-05-24 15:35 - 000000000 _____ C:\Users\tc-electrical\AppData\Local\Temp\FXSAPIDebugLogFile.txt
2021-05-24 15:34 - 2021-05-24 15:35 - 000000773 _____ C:\DelFix.txt
2021-05-24 15:34 - 2021-05-24 15:34 - 000000000 ____D C:\windows\ERUNT
2021-05-24 15:28 - 2021-05-24 15:28 - 000000000 ____D C:\Users\tc-electrical\AppData\Local\Temp\acrord32_super_sbx
2021-05-24 15:28 - 2021-05-24 15:28 - 000000000 ____D C:\Users\tc-electrical\AppData\Local\Temp\acrord32_sbx
2021-05-24 15:27 - 2021-05-24 15:27 - 000002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-24 15:27 - 2021-05-24 15:27 - 000002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-24 15:27 - 2021-05-24 15:27 - 000002215 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-24 15:27 - 2021-05-24 15:27 - 000000000 ____D C:\Program Files\Google
2021-05-24 15:26 - 2021-05-24 21:57 - 000003482 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-24 15:26 - 2021-05-24 21:57 - 000003354 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-24 15:24 - 2021-05-24 15:24 - 004581584 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_2105241324417122796.dll
2021-05-24 15:21 - 2021-05-24 15:21 - 004581584 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_2105241321365138500.dll
2021-05-24 15:18 - 2021-05-24 15:18 - 004581584 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_2105241318420238912.dll
2021-05-24 15:17 - 2021-05-24 15:17 - 000000000 ____D C:\Users\tc-electrical\AppData\Local\Temp\TeamViewer
2021-05-24 15:16 - 2021-05-25 09:14 - 000000000 ____D C:\Users\tc-electrical\AppData\Local\Temp\1
2021-05-24 15:12 - 2021-05-24 15:12 - 004581584 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_2105241312185338700.dll
2021-05-24 15:12 - 2021-05-24 15:12 - 000000000 _____ C:\Users\tc-electrical\AppData\Local\Temp\CUserstc-electricalAppDataLocalProgramsOpera76.0.4017.139opera_autoupdate.download.lock
2021-05-24 15:05 - 2021-05-24 21:57 - 000003784 _____ C:\windows\system32\Tasks\EOSv3 Scheduler onLogOn
2021-05-24 15:05 - 2021-05-24 21:57 - 000003344 _____ C:\windows\system32\Tasks\EOSv3 Scheduler onTime
2021-05-24 08:13 - 2021-05-24 08:13 - 004581528 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_2105240613148801660.dll
2021-05-24 07:22 - 2021-05-24 07:22 - 004581528 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_2105240522005318660.dll
2021-05-24 07:18 - 2021-05-24 07:18 - 004581528 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_2105240518377327116.dll
2021-05-23 16:19 - 2021-05-23 16:19 - 004581528 _____ (Opera Software) C:\Users\tc-electrical\AppData\Local\Temp\Opera_installer_21052314190644415436.dll
2021-05-21 21:39 - 2021-05-24 16:22 - 000001173 _____ C:\Users\tc-electrical\Desktop\ESET Online Scanner.lnk
2021-05-21 09:29 - 2021-05-21 09:30 - 000000000 ____D C:\Users\tc-electrical\Desktop\ja (2)
2021-05-17 07:22 - 2021-05-17 07:22 - 000000000 ____D C:\Users\tc-electrical\Desktop\s55
2021-05-17 06:05 - 2021-05-17 06:05 - 000000000 ____D C:\Users\tc-electrical\Desktop\smsy
2021-05-13 00:49 - 2021-05-13 03:39 - 1565964288 _____ C:\Users\tc-electrical\Downloads\Battle.of.Chernobyl.(2006).PL.DVDRip.AC3.XviD.avi
2021-05-12 19:44 - 2021-02-26 23:19 - 001081616 _____ (AO Kaspersky Lab) C:\windows\system32\Drivers\klif.sys
2021-05-12 15:59 - 2021-05-24 15:13 - 000000000 ___HD C:\Users\tc-electrical\AppData\Local\Temp\.opera
2021-05-07 12:21 - 2021-05-07 12:21 - 000000000 ____D C:\ProgramData\faktura-vat
2021-05-07 09:11 - 2021-05-07 09:11 - 001310832 _____ (Google LLC) C:\Users\tc-electrical\Downloads\ChromeSetup(2).exe
2021-05-06 05:55 - 2021-05-06 05:55 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2021-05-05 17:13 - 2021-05-17 18:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-04-30 13:41 - 2021-04-30 13:41 - 001447732 _____ C:\Users\tc-electrical\Downloads\slc-500-manual-pll.pdf
2021-04-30 13:38 - 2021-04-30 13:38 - 001447732 _____ C:\Users\tc-electrical\Downloads\slc-500-manual-pl (1).pdf
2021-04-25 09:33 - 2021-04-25 09:33 - 000365024 ____N (AVAST Software) C:\windows\system32\Drivers\asw6128f3518ac21e6e.tmp
2021-04-25 09:33 - 2021-04-25 09:33 - 000339680 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2021-04-25 09:33 - 2021-04-25 09:33 - 000250336 ____N (AVAST Software) C:\windows\system32\Drivers\asw1ec7b838823d2035.tmp
2021-04-25 09:33 - 2021-04-25 09:33 - 000215352 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-25 09:12 - 2018-03-02 02:12 - 000000568 _____ C:\windows\Tasks\SiemensDownloader.job
2021-05-25 08:59 - 2017-06-28 08:58 - 000000232 _____ C:\windows\system32\config\netlogon.ftl
2021-05-25 03:43 - 2009-07-14 06:45 - 000032640 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-05-25 03:43 - 2009-07-14 06:45 - 000032640 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-05-24 22:21 - 2018-01-13 08:43 - 000000000 ____D C:\Program Files\CCleaner
2021-05-24 21:57 - 2021-01-04 18:05 - 000003534 _____ C:\windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2021-05-24 21:57 - 2021-01-04 18:05 - 000003406 _____ C:\windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2021-05-24 21:57 - 2020-11-25 00:52 - 000004438 _____ C:\windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-05-24 21:57 - 2020-06-05 17:13 - 000003434 _____ C:\windows\system32\Tasks\doPDF 10 Update
2021-05-24 21:57 - 2020-06-05 17:13 - 000003420 _____ C:\windows\system32\Tasks\doPDF 10 Telemetry
2021-05-24 21:57 - 2020-06-02 15:29 - 000004342 _____ C:\windows\system32\Tasks\Opera scheduled assistant Autoupdate 1591104562
2021-05-24 21:57 - 2020-06-02 15:29 - 000004134 _____ C:\windows\system32\Tasks\Opera scheduled Autoupdate 1591104561
2021-05-24 21:57 - 2020-02-03 01:04 - 000003870 _____ C:\windows\system32\Tasks\BlueStacksHelper
2021-05-24 21:57 - 2018-11-15 13:12 - 000004324 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2021-05-24 21:57 - 2018-09-13 07:14 - 000004468 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-05-24 21:57 - 2018-03-20 16:19 - 000003914 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{0C73ACF0-8537-4305-84D3-15EF714322CA}
2021-05-24 21:57 - 2018-03-02 02:12 - 000003656 _____ C:\windows\system32\Tasks\SiemensDownloader
2021-05-24 21:57 - 2018-01-22 22:39 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2021-05-24 21:57 - 2018-01-13 08:43 - 000003870 _____ C:\windows\system32\Tasks\CCleaner Update
2021-05-24 21:57 - 2018-01-13 08:43 - 000002796 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2021-05-24 21:57 - 2018-01-10 14:26 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2021-05-24 21:57 - 2018-01-10 13:58 - 000003042 _____ C:\windows\system32\Tasks\{66E3DB07-80D2-4DF1-93F8-84389944C336}
2021-05-24 21:57 - 2017-06-23 09:10 - 000003148 _____ C:\windows\system32\Tasks\SidebarExecute
2021-05-24 21:57 - 2017-06-23 09:01 - 000003922 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{561252FE-DA47-48E0-890E-FAAB4266B28B}
2021-05-24 21:57 - 2017-06-23 09:01 - 000003566 _____ C:\windows\system32\Tasks\Registration
2021-05-24 20:27 - 2021-01-07 02:04 - 000310014 _____ C:\Users\tc-electrical\AppData\Local\Temp\ExchangePerflog_8484fa311341bfb4cfcccd43.dat
2021-05-24 18:50 - 2020-04-14 22:15 - 000522936 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2021-05-24 16:23 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2021-05-24 15:26 - 2018-01-13 08:43 - 000000000 ____D C:\Program Files (x86)\Google
2021-05-24 15:21 - 2009-07-14 07:13 - 000006730 _____ C:\windows\system32\PerfStringBackup.INI
2021-05-24 15:17 - 2019-02-15 16:29 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-24 15:17 - 2017-06-28 09:07 - 000000000 ____D C:\Users\tc-electrical\AppData\LocalLow\Mozilla
2021-05-24 15:16 - 2018-01-22 22:37 - 000000000 ____D C:\ProgramData\AVAST Software
2021-05-24 15:16 - 2017-06-28 09:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-05-24 15:16 - 2017-06-28 09:00 - 000000000 __SHD C:\Users\tc-electrical\IntelGraphicsProfiles
2021-05-24 15:16 - 2017-06-23 09:00 - 000000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-05-24 15:16 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2021-05-24 15:13 - 2019-02-07 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Endpoint Security for Windows
2021-05-24 15:08 - 2021-01-07 02:00 - 000000000 ____D C:\Users\tc-electrical\AppData\Roaming\IObit
2021-05-24 15:08 - 2018-01-12 16:46 - 000000000 ____D C:\Users\tc-electrical\AppData\Roaming\Hewlett-Packard
2021-05-24 15:08 - 2017-06-23 09:01 - 000000000 ____D C:\Users\admin\AppData\Roaming\Hewlett-Packard
2021-05-24 15:08 - 2016-08-04 21:58 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-05-24 15:08 - 2016-08-04 21:58 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-05-24 15:08 - 2016-06-18 03:25 - 000000000 _RSHD C:\hp
2021-05-24 07:29 - 2021-04-12 17:54 - 000001894 _____ C:\Users\tc-electrical\Desktop\TPM-lampyza_czepy.lnk
2021-05-24 07:29 - 2021-01-25 10:38 - 000002411 _____ C:\Users\tc-electrical\Desktop\30.00.14_Karty_zlecen_naprawy_ver.5 - Shortcut.lnk
2021-05-24 07:29 - 2021-01-20 19:37 - 000002356 _____ C:\Users\tc-electrical\Desktop\MAGAZYN - Shortcut.lnk
2021-05-24 07:29 - 2019-12-03 07:25 - 000002213 _____ C:\Users\tc-electrical\Desktop\BEM - Shortcut.lnk
2021-05-24 07:29 - 2019-10-09 12:20 - 000001849 _____ C:\Users\tc-electrical\Desktop\BEM.lnk
2021-05-24 07:29 - 2018-08-14 12:52 - 000001861 _____ C:\Users\tc-electrical\Desktop\Pomiary temperatury - Shortcut.lnk
2021-05-24 07:12 - 2018-01-10 14:25 - 000000000 ____D C:\ProgramData\Adobe
2021-05-21 21:58 - 2020-08-06 19:24 - 000000000 ____D C:\Users\tc-electrical\Desktop\New folder
2021-05-21 21:51 - 2018-09-13 16:56 - 000000000 ____D C:\recup_dir.1
2021-05-21 18:19 - 2009-07-14 05:20 - 000000000 ____D C:\windows\system32\NDF
2021-05-18 06:11 - 2018-02-13 00:58 - 000000000 ____D C:\Users\tc-electrical\AppData\Roaming\Softland
2021-05-17 18:43 - 2018-01-10 14:26 - 000002067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-17 18:30 - 2017-06-28 08:59 - 000022552 __RSH C:\Users\tc-electrical\ntuser.pol
2021-05-17 18:30 - 2017-06-28 08:59 - 000000000 ____D C:\Users\tc-electrical
2021-05-17 18:28 - 2017-06-28 08:59 - 000034202 __RSH C:\ProgramData\ntuser.pol
2021-05-17 18:27 - 2009-07-14 06:45 - 000446104 _____ C:\windows\system32\FNTCACHE.DAT
2021-05-17 10:02 - 2020-02-28 11:41 - 000509860 _____ C:\Users\stenmar\AppData\Local\Temp\ExchangePerflog_8484fa31665e56e5cfcccd43.dat
2021-05-17 10:02 - 2019-02-07 14:08 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-05-12 14:42 - 2017-06-28 09:15 - 000000000 ____D C:\Users\tc-electrical\AppData\Roaming\TeamViewer
2021-05-12 14:40 - 2021-04-07 23:20 - 000000000 ____D C:\Faktura VAT
2021-05-07 12:24 - 2021-04-20 18:47 - 000005504 _____ C:\ProgramData\tpvx64.bin
2021-05-06 03:00 - 2009-07-14 04:34 - 000000478 _____ C:\windows\win.ini
2021-04-25 09:33 - 2020-09-21 18:20 - 000180448 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2021-04-25 09:33 - 2019-01-27 23:18 - 000365024 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2021-04-25 09:33 - 2019-01-07 07:08 - 000250336 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2021-04-25 09:33 - 2019-01-07 07:08 - 000099288 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2021-04-25 09:33 - 2019-01-07 07:08 - 000035664 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2021-04-25 09:33 - 2018-10-22 09:50 - 000041296 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2021-04-25 09:33 - 2018-01-22 22:39 - 000850632 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2021-04-25 09:33 - 2018-01-22 22:39 - 000467720 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2021-04-25 09:33 - 2018-01-22 22:39 - 000326992 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2021-04-25 09:33 - 2018-01-22 22:39 - 000212192 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2021-04-25 09:33 - 2018-01-22 22:39 - 000107792 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2021-04-25 09:33 - 2018-01-22 22:39 - 000082872 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2021-04-25 09:33 - 2018-01-22 22:39 - 000003910 _____ C:\windows\system32\Tasks\Avast Emergency Update

==================== Files in the root of some directories ========

2019-06-12 11:20 - 2019-05-25 01:59 - 000081920 _____ () C:\Users\tc-electrical\AppData\Roaming\Microsoft\shell4282.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-05-22 00:55
==================== End of FRST.txt ========================