Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2023
- Ran by krzys (administrator) on LAPTOP-D2HQFS34 (HUAWEI MACHC-WAX9) (20-01-2023 07:46:31)
- Running from D:\Downloads
- Loaded Profiles: krzys
- Platform: Microsoft Windows 11 Pro Version 21H2 22000.1455 (X64) Language: English (United States)
- Default browser: Chrome
- Boot Mode: Normal
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
- (C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
- (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
- (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
- (C:\Windows\UUS\amd64\MoUsoCoreWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoNotificationUx.exe
- (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <37>
- (services.exe ->) () [File not signed] C:\Program Files (x86)\SonosV2\SonosLibraryService.exe
- (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
- (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
- (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
- (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
- (services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
- (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
- (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe
- (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\MateBookService.exe
- (services.exe ->) (Huawei Technologies Co., Ltd. -> ) C:\Windows\System32\RPC\OSD\osdservice.exe
- (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
- (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
- (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_46afe571f647787a\aesm_service.exe
- (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
- (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
- (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
- (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
- (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhqi.inf_amd64_17d4c726820dfed6\Display.NvContainer\NVDisplay.Container.exe <2>
- (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4b6fe1c4e6f1d68a\RtkAudUService64.exe <2>
- (svchost.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxext.exe
- (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
- (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
- (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
- (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
- ==================== Registry (Whitelisted) ===================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4b6fe1c4e6f1d68a\RtkAudUService64.exe [1256520 2021-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
- HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [215960 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
- HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
- HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-01-12] (Dropbox, Inc -> Dropbox, Inc.)
- HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-09-14] (Adobe Inc. -> )
- HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [File not signed]
- HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [File not signed]
- HKLM-x32\...\Run: [AutoRegisterCerts] => C:\Program Files (x86)\Certum\proCertum CardManager\cryptoCertumScanner.exe [171088 2021-02-11] (Asseco Data Systems S.A. -> Certum)
- HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
- HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
- HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
- HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
- HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
- HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [409280 2020-11-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
- HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [Spotify] => C:\Users\krzys\AppData\Roaming\Spotify\Spotify.exe [24091264 2021-06-24] (Spotify AB -> Spotify Ltd)
- HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\krzys\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-07-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
- HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [SuuntolinkLauncher] => C:\Users\krzys\AppData\Local\Suuntolink\app-4.1.8\resources\app\LaunchAgents\SuuntolinkLauncher.exe [835264 2023-01-04] (Suunto Oy -> )
- HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [Napisy24Update] => C:\Program Files\Napisy24\Napisy24Update.exe [3990528 2018-02-02] (Napisy24.pl) [File not signed]
- HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
- HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
- HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\MountPoints2: {014bcd61-4714-11ec-87f9-5c80b6dc8c9a} - "F:\HiSuiteDownLoader.exe"
- HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\MountPoints2: {2dd70235-7cb4-11ea-8771-5c80b6dc8c9a} - "E:\setup.exe"
- HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Winlogon: [Shell] explorer.exe,Explorer.exe <==== ATTENTION
- HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
- HKLM\...\Windows x64\Print Processors\Canon TS5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDQ.DLL [482816 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
- HKLM\...\Windows x64\Print Processors\ssm1MPC: C:\Windows\System32\spool\prtprocs\x64\ssm1mpc.dll [41984 2014-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
- HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5100 series: C:\Windows\system32\CNMLMDQ.DLL [1302016 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
- HKLM\...\Print\Monitors\Nitro PDF Port 13 Monitor: C:\Windows\system32\NxPrinterMonitor13.dll [359936 2021-11-26] (Nitro Software, Inc. -> Nitro Software, Inc.)
- HKLM\...\Print\Monitors\ssm1M Langmon: C:\Windows\system32\ssm1mlm.dll [34304 2014-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
- HKLM\...\Print\Monitors\stkMonitor: C:\Windows\system32\stkMonitor.dll [65680 2022-04-28] (Amazon.com Services LLC -> )
- HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.75\Installer\chrmstp.exe [2023-01-18] (Google LLC -> Google LLC)
- HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
- HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
- ==================== Scheduled Tasks (Whitelisted) ============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0ED2EF39-CFB0-4ADC-A570-9D19E0E62140} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
- Task: {1A78D5C4-9196-4D9D-AB48-CE6AD38BD966} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-17] (Google LLC -> Google LLC)
- Task: {1E98FEAE-40C7-4DBF-B777-7DB4DA82988E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
- Task: {210B2632-5198-48A5-9719-CA3AE90E6A2F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software)
- Task: {3515E061-A641-4F5B-93AB-8139C28EB697} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
- Task: {389EB1D2-37C8-4CF8-A074-D607151BC8C7} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {3D044B29-CEAF-42E5-85FF-540137B50508} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [829552 2021-03-30] (A-Volute SAS -> Nahimic)
- Task: {47AFC6D0-E414-412D-8460-409045762C7A} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "bdf46932-16ae-4c7b-968d-3ebfaefe6474" --version "6.07.10191" --silent
- Task: {531D2252-A926-435C-8B58-9D44E8786A49} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {5F895FBA-313A-4244-88D9-A932438A3024} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {60F19AA4-19C0-4D0B-8D81-A9AF30AC7E46} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26326520 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
- Task: {6493039E-9AF5-4EDE-AC0C-E2808514A480} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144288 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
- Task: {70E662A6-2096-4849-B448-0B51911E5839} - System32\Tasks\CCleanerSkipUAC - krzys => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
- Task: {72367DA9-1D4F-47E9-84B8-3F067ADB6A18} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26326520 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
- Task: {7D948B35-E3E7-4BF0-A74E-7CA2BC52CEC8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
- Task: {87E842CE-EB8E-4F45-9087-2C410DC341A5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [160696 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
- Task: {8A457C94-DAC5-48D4-B6E7-E27937DD2E6D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
- Task: {8AE114F9-5284-4E49-98BC-6ABBA0ED8BF0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {91C107B7-F083-4D18-BC37-7C912BBF3570} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {99E83483-ACEA-402B-9AAA-6981DA158438} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {A19FF57A-124B-4779-8051-0DA38E573F80} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
- Task: {B8237DFB-5B80-4196-8C36-49BB34A45951} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4954008 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
- Task: {BF9CFB0A-1972-4F46-B5C4-2EC074E15E3B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144288 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
- Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
- Task: {D08F51BC-B1B4-4549-B21C-604087930B5D} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1088624 2021-03-30] (A-Volute SAS -> Nahimic)
- Task: {D1EA6823-359F-4E06-8108-36102BAB20CB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {D508CA34-8ED5-425A-A122-223071B7B987} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
- Task: {DE85F910-CB41-4616-835B-852181860510} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {F62F609C-CD33-4662-84B8-B3B28D641343} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
- Task: {FA782FF5-59A5-415D-945E-CF044526B2E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-17] (Google LLC -> Google LLC)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
- Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
- Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
- Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{768fd166-8c12-4b35-a94b-7e9071aab9f2}: [DhcpNameServer] 172.16.50.12 172.16.50.14
- Tcpip\..\Interfaces\{d2160c1a-1750-4f32-acdd-605b36c2a719}: [DhcpNameServer] 192.168.1.1
- Edge:
- =======
- Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
- Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
- Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
- Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
- Edge Profile: C:\Users\krzys\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-20]
- Edge Extension: (Citavi Picker) - C:\Users\krzys\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mielbhbkcliienpdicphhecpodcaeefg [2021-05-28]
- Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]
- FireFox:
- ========
- FF DefaultProfile: yc1z9c3v.default
- FF ProfilePath: C:\Users\krzys\AppData\Roaming\Mozilla\Firefox\Profiles\yc1z9c3v.default [2020-11-25]
- FF ProfilePath: C:\Users\krzys\AppData\Roaming\Mozilla\Firefox\Profiles\720ra7ah.default-release [2022-12-24]
- FF Homepage: Mozilla\Firefox\Profiles\720ra7ah.default-release -> hxxp://www.gazeta.pl/0,0.html?p=190
- FF Extension: (Citavi Picker) - C:\Users\krzys\AppData\Roaming\Mozilla\Firefox\Profiles\720ra7ah.default-release\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-04-28]
- FF Extension: (Citavi Picker) - C:\Program Files\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2020-10-27]
- FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
- FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
- FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
- FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
- FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Inc.)
- Chrome:
- =======
- CHR DefaultProfile: Default
- CHR Profile: C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default [2023-01-20]
- CHR DownloadDir: D:\Downloads
- CHR Notifications: Default -> hxxps://www.napiprojekt.pl
- CHR Extension: (Send to Kindle for Google Chrome™) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2023-01-10]
- CHR Extension: (Reader View) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecabifbgmdmgdllomnfinbmaellmclnh [2023-01-17]
- CHR Extension: (Dokumenty Google offline) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-20]
- CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-21]
- CHR Extension: (Hola VPN - The Website Unblocker) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2023-01-13]
- CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-01-19]
- CHR Extension: (Grammar and Spelling checker by Ginger) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfieneakcjfaiglcfcgkidlkmlijjnh [2021-06-29]
- CHR Extension: (Bypass Paywall) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkofljmpfaanangehehmbkkmbgjjlgja [2022-02-07]
- CHR Extension: (BigBlueButton Screenshare Extension) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjhogfpafjhgbhcgccghdjdnjmoaafi [2020-11-25]
- CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-11-06]
- CHR Extension: (Rozszerzenie Google Keep do Chrome) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2023-01-13]
- CHR Extension: (Sprawdzanie poczty Google) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2020-11-17]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
- CHR Extension: (ProWritingAid Grammar Checker & Writing Coach) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnbdojkgkbcdfdjlfdmplppdphlhhcf [2022-12-31]
- CHR Extension: (Citavi Picker) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-04-13]
- CHR Extension: (Ads Killer Adblocker Plus) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbllmbdjgcalkoimdfcpknbjgnhjclg [2020-11-17]
- CHR Profile: C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-01-20]
- CHR Profile: C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-07-02]
- CHR Extension: (Safe Torrent Scanner) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-07-02]
- CHR Extension: (Dokumenty Google offline) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-02]
- CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-12-01]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-26]
- CHR Extension: (Citavi Picker) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-08-26]
- CHR Profile: C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-06-17]
- CHR Extension: (Safe Torrent Scanner) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-06-05]
- CHR Extension: (Dokumenty Google offline) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-05]
- CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-06-05]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-05]
- CHR Extension: (Citavi Picker) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ohgndokldibnndfnjnagojmheejlengn [2022-06-05]
- CHR Profile: C:\Users\krzys\AppData\Local\Google\Chrome\User Data\System Profile [2023-01-20]
- CHR HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
- CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
- CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
- ==================== Services (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
- R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8553880 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
- R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [597400 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
- R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [597400 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
- R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
- S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
- R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12548520 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
- S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
- S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
- R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-01-12] (Dropbox, Inc -> Dropbox, Inc.)
- S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5030592 2020-11-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
- S2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602768 2018-11-27] (Dolby Laboratories, Inc. -> )
- S4 FMAPOService; C:\WINDOWS\System32\FMService64.exe [372200 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
- R2 Huawei_OSDServer; C:\Windows\system32\RPC\OSD\osdservice.exe [217072 2019-08-16] (Huawei Technologies Co., Ltd. -> )
- S2 HWVEAudioService; C:\WINDOWS\system32\HWVEAudioService.exe [104600 2021-02-25] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
- R2 LCD_Service; C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe [24840 2020-11-05] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
- R2 MBAMainService; C:\Program Files\Huawei\PCManager\MateBookService.exe [673032 2020-11-05] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
- R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8891160 2023-01-16] (Malwarebytes Inc. -> Malwarebytes)
- R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1675376 2021-03-30] (A-Volute SAS -> Nahimic)
- S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [245224 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
- R2 SonosLibraryService; C:\Program Files (x86)\SonosV2\SonosLibraryService.exe [27648 2022-07-12] () [File not signed]
- S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
- S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
- R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhqi.inf_amd64_17d4c726820dfed6\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhqi.inf_amd64_17d4c726820dfed6\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
- ===================== Drivers (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- S3 ACR39U; C:\WINDOWS\system32\DRIVERS\acr39u.sys [86880 2018-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.)
- R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31424 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229208 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391272 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
- R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267888 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [555560 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80376 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852000 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [695496 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318456 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
- S3 BrSerIb; C:\WINDOWS\system32\DRIVERS\BrSerIb.sys [95344 2013-05-22] (Brother Industries, Ltd. -> Brother Industries Ltd.)
- S3 BrUsbSIb; C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys [21872 2013-05-22] (Brother Industries, Ltd. -> Brother Industries Ltd.)
- S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2022-08-26] (Microsoft Corporation) [File not signed]
- S3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [90344 2020-04-28] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
- R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
- R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
- R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-11-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
- R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-11-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
- R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
- R0 IBtRstd; C:\WINDOWS\System32\drivers\ibtrstd.sys [52800 2019-12-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
- R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
- S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
- R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-07-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
- R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
- R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
- R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
- S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
- S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
- S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [433384 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
- S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
- R3 WDTDrv; C:\WINDOWS\System32\Drivers\WDTDrv.sys [55600 2019-10-31] (Huaqin Telecom Technology Co.,LTD -> )
- ==================== NetSvcs (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== Three months (created) (Whitelisted) =========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2023-01-17 09:39 - 2023-01-17 09:39 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
- 2023-01-15 09:07 - 2023-01-15 09:07 - 000000000 ___HD C:\$WinREAgent
- 2023-01-14 20:53 - 2023-01-14 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
- 2023-01-12 08:12 - 2023-01-12 08:12 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
- 2023-01-04 10:38 - 2023-01-04 10:38 - 000002334 _____ C:\Users\krzys\Desktop\Suuntolink.lnk
- 2022-12-14 13:05 - 2022-12-14 21:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
- 2022-12-13 19:39 - 2022-12-13 19:39 - 000002408 _____ C:\WINDOWS\system32\Drivers\etc\hosts.rollback
- 2022-12-13 19:39 - 2022-12-13 19:39 - 000000000 ____D C:\Users\krzys\Documents\Electronic Arts
- 2022-12-13 19:39 - 2022-12-13 19:39 - 000000000 ____D C:\Users\krzys\AppData\Local\anadius
- 2022-12-13 19:39 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.backup
- 2022-12-13 18:41 - 2022-12-13 18:41 - 000273816 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
- 2022-12-13 18:16 - 2022-12-13 18:16 - 000000697 _____ C:\Users\Public\Desktop\The Sims 4.lnk
- 2022-12-11 20:05 - 2022-12-11 20:05 - 000000000 ____D C:\Users\krzys\AppData\Roaming\Blender Foundation
- 2022-12-11 20:05 - 2022-12-11 20:05 - 000000000 ____D C:\Users\krzys\.thumbnails
- 2022-12-11 20:01 - 2022-12-11 20:01 - 000000959 _____ C:\Users\krzys\Desktop\Blender 3.4.lnk
- 2022-12-11 20:01 - 2022-12-11 20:01 - 000000000 ____D C:\Users\krzys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\blender
- 2022-11-27 20:18 - 2022-11-27 20:18 - 002567993 _____ C:\Users\krzys\Desktop\herschel1800 (1).pdf
- 2022-11-27 20:10 - 2022-11-27 20:10 - 003044249 _____ C:\Users\krzys\Desktop\herschel1800.pdf
- 2022-11-25 18:07 - 2022-11-25 18:07 - 000000000 ____D C:\Users\krzys\AppData\Roaming\SketchUp
- 2022-11-25 18:07 - 2022-11-25 18:07 - 000000000 ____D C:\Users\krzys\AppData\Local\SketchUp
- 2022-11-25 18:07 - 2022-11-25 18:07 - 000000000 ____D C:\ProgramData\Reprise
- 2022-11-25 18:07 - 2022-11-25 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2022
- 2022-11-25 18:06 - 2022-11-25 18:06 - 000000000 ____D C:\ProgramData\SketchUp
- 2022-11-25 18:06 - 2022-11-25 18:06 - 000000000 ____D C:\Program Files\SketchUp
- 2022-11-24 18:15 - 2022-12-11 19:39 - 000000000 ____D C:\Users\krzys\Documents\Komornik
- 2022-11-21 11:11 - 2023-01-06 20:15 - 000000000 ____D C:\WINDOWS\Panther
- 2022-11-20 11:08 - 2022-11-20 11:10 - 000000000 ____D C:\Users\krzys\Desktop\Tor Browser
- 2022-11-15 17:26 - 2022-11-15 17:26 - 001618806 _____ C:\Users\krzys\Desktop\archive_3.pdf
- 2022-11-15 13:33 - 2022-11-15 13:33 - 002845074 _____ C:\Users\krzys\Desktop\BABOTA.1.pdf
- 2022-11-13 20:31 - 2022-11-13 20:31 - 000175540 _____ C:\Users\krzys\Desktop\hacking2010.pdf
- 2022-11-13 20:30 - 2022-11-13 20:30 - 001356264 _____ C:\Users\krzys\Desktop\hacking1988.pdf
- 2022-11-09 09:41 - 2022-11-09 09:41 - 000000000 ____D C:\Users\krzys\AppData\Roaming\QtProject
- 2022-11-09 09:40 - 2023-01-20 06:35 - 000002464 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard
- 2022-11-09 09:40 - 2022-11-09 09:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12
- 2022-11-09 09:40 - 2022-11-09 09:40 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12
- 2022-11-09 09:40 - 2021-03-09 18:41 - 000037336 _____ C:\WINDOWS\system32\pwdrvio.sys
- 2022-11-09 09:40 - 2019-11-08 10:15 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
- 2022-11-09 09:40 - 2019-11-08 10:15 - 000012504 _____ C:\WINDOWS\system32\pwdspio.sys
- 2022-11-08 09:22 - 2022-11-08 09:22 - 098609427 _____ C:\Users\krzys\Desktop\R.G. Collingwood - The Idea of Nature (1945, Oxford University Press) - libgen.li.pdf
- 2022-11-07 08:50 - 2022-11-07 08:50 - 000000000 __SHD C:\Users\krzys\.dropbox_bi
- 2022-11-06 22:58 - 2022-11-06 22:58 - 002253896 _____ (Intel Corporation) C:\WINDOWS\system32\qve.signed.dll
- 2022-11-06 22:58 - 2022-11-06 22:58 - 002109512 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_dcap_quoteverify.dll
- 2022-11-06 22:58 - 2022-11-06 22:58 - 000693840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_epid.dll
- 2022-11-06 22:58 - 2022-11-06 22:58 - 000693832 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_quote_ex.dll
- 2022-11-06 22:58 - 2022-11-06 22:58 - 000688200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_launch.dll
- 2022-11-06 22:58 - 2022-11-06 22:58 - 000174664 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_dcap_ql.dll
- 2022-11-06 22:58 - 2022-11-06 22:58 - 000107640 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_urts.dll
- 2022-11-06 22:58 - 2022-11-06 22:58 - 000060488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_enclave_common.dll
- 2022-11-06 22:58 - 2022-11-06 22:58 - 000048712 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_platform.dll
- 2022-11-06 22:58 - 2022-11-06 22:58 - 000037960 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_uae_service.dll
- 2022-11-06 22:57 - 2022-11-06 22:57 - 001116248 _____ (Intel Corporation) C:\WINDOWS\system32\qe3.signed.dll
- 2022-11-06 22:57 - 2022-11-06 22:57 - 000805464 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_epid.dll
- 2022-11-06 22:57 - 2022-11-06 22:57 - 000804984 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_quote_ex.dll
- 2022-11-06 22:57 - 2022-11-06 22:57 - 000800888 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_launch.dll
- 2022-11-06 22:57 - 2022-11-06 22:57 - 000713800 _____ (Intel Corporation) C:\WINDOWS\system32\pce.signed.dll
- 2022-11-06 22:57 - 2022-11-06 22:57 - 000145936 _____ (Intel Corporation) C:\WINDOWS\system32\id_enclave.signed.dll
- 2022-11-06 22:57 - 2022-11-06 22:57 - 000131160 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_urts.dll
- 2022-11-06 22:57 - 2022-11-06 22:57 - 000075864 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_enclave_common.dll
- 2022-11-06 22:57 - 2022-11-06 22:57 - 000059512 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_platform.dll
- 2022-11-06 22:57 - 2022-11-06 22:57 - 000043608 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_uae_service.dll
- 2022-11-06 12:36 - 2022-11-06 12:36 - 000594494 _____ C:\Users\krzys\Desktop\putnam1990.pdf
- 2022-11-03 09:43 - 2022-11-03 09:43 - 003483160 _____ C:\Users\krzys\Desktop\spor_o_racjonalnosc_open.pdf
- 2022-11-02 15:52 - 2022-11-02 15:52 - 008225876 _____ C:\Users\krzys\Desktop\noesis1314uoft.pdf
- 2022-11-02 09:07 - 2022-11-02 09:07 - 000589327 _____ C:\Users\krzys\Desktop\IHwyiw.pdf
- 2022-11-02 09:00 - 2022-11-02 09:00 - 000124711 _____ C:\Users\krzys\Desktop\000296430.pdf
- 2022-10-29 08:16 - 2022-11-21 11:06 - 000000000 ____D C:\Users\krzys\AppData\Roaming\Wargaming.net
- 2022-10-29 08:15 - 2022-10-29 08:15 - 000000000 ____D C:\ProgramData\Wargaming.net
- 2022-10-26 20:00 - 2022-10-26 20:00 - 014125766 _____ C:\Users\krzys\Desktop\ian_h_statistics2.pdf
- 2022-10-26 19:46 - 2022-10-26 19:46 - 005646207 _____ C:\Users\krzys\Desktop\ian_h_statistics.pdf
- 2022-10-26 09:44 - 2022-10-26 09:44 - 002137556 _____ C:\Users\krzys\Desktop\IH.pdf
- ==================== Three months (modified) ==================
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2023-01-20 07:46 - 2021-09-23 11:20 - 000000000 ____D C:\FRST
- 2023-01-20 07:43 - 2020-12-09 11:59 - 000000000 ____D C:\Users\krzys\Documents\Citavi 6
- 2023-01-20 07:43 - 2020-04-12 11:46 - 000000000 ____D C:\ProgramData\NVIDIA
- 2023-01-20 07:25 - 2021-08-19 20:39 - 000000000 ____D C:\Program Files\CCleaner
- 2023-01-20 07:21 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
- 2023-01-20 07:17 - 2021-09-23 13:32 - 000000000 ____D C:\Users\krzys\AppData\Local\Avast Software
- 2023-01-20 07:13 - 2020-11-17 19:34 - 000000000 ____D C:\Users\krzys\AppData\Roaming\uTorrent
- 2023-01-20 07:12 - 2021-10-18 14:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
- 2023-01-20 07:12 - 2020-11-25 11:22 - 000000000 ____D C:\Users\krzys\AppData\LocalLow\Mozilla
- 2023-01-20 06:55 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
- 2023-01-20 06:51 - 2021-10-18 14:30 - 001787152 _____ C:\WINDOWS\system32\PerfStringBackup.INI
- 2023-01-20 06:51 - 2021-10-18 13:33 - 000794926 _____ C:\WINDOWS\system32\perfh015.dat
- 2023-01-20 06:51 - 2021-10-18 13:33 - 000155990 _____ C:\WINDOWS\system32\perfc015.dat
- 2023-01-20 06:51 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
- 2023-01-20 06:49 - 2020-11-17 13:25 - 000000000 ____D C:\Program Files (x86)\Google
- 2023-01-20 06:48 - 2020-11-17 14:23 - 000000000 ____D C:\Users\krzys\AppData\Local\Dropbox
- 2023-01-20 06:48 - 2020-04-12 11:40 - 000000000 ____D C:\ProgramData\Goodix
- 2023-01-20 06:47 - 2022-06-08 11:48 - 000000000 ____D C:\Users\krzys\AppData\Roaming\DropboxElectron
- 2023-01-20 06:46 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
- 2023-01-20 06:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
- 2023-01-20 06:45 - 2021-09-23 13:19 - 000000000 ____D C:\ProgramData\Avast Software
- 2023-01-20 06:44 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
- 2023-01-20 06:44 - 2020-04-12 12:59 - 000000000 __SHD C:\Users\krzys\IntelGraphicsProfiles
- 2023-01-20 06:43 - 2022-10-01 08:02 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
- 2023-01-20 06:43 - 2021-10-18 14:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
- 2023-01-20 06:43 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
- 2023-01-20 06:43 - 2021-03-21 18:32 - 000012288 ___SH C:\DumpStack.log.tmp
- 2023-01-20 06:43 - 2020-04-12 11:34 - 000000000 ___HD C:\Intel
- 2023-01-20 06:42 - 2021-06-05 13:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
- 2023-01-20 06:35 - 2022-10-01 08:02 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000003274 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000003270 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - krzys
- 2023-01-20 06:35 - 2021-10-18 14:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
- 2023-01-19 21:24 - 2021-10-18 14:30 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
- 2023-01-19 21:24 - 2020-04-12 11:52 - 000000000 ____D C:\Program Files\Microsoft Office
- 2023-01-19 15:43 - 2021-10-18 13:29 - 000000000 ____D C:\Program Files\MSBuild
- 2023-01-19 15:43 - 2021-10-18 13:29 - 000000000 ____D C:\Program Files (x86)\MSBuild
- 2023-01-19 14:48 - 2021-11-06 10:00 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
- 2023-01-18 21:25 - 2020-11-18 13:14 - 000000000 ____D C:\Users\krzys\AppData\Roaming\WhatsApp
- 2023-01-18 12:42 - 2020-04-12 12:59 - 000000000 ____D C:\Users\krzys\AppData\Local\Packages
- 2023-01-18 10:32 - 2020-11-17 13:25 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2023-01-17 13:46 - 2021-03-29 14:35 - 000000000 ____D C:\Users\krzys\AppData\Roaming\Suuntolink
- 2023-01-17 09:39 - 2020-11-22 00:09 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
- 2023-01-16 05:05 - 2021-10-18 14:26 - 000741072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
- 2023-01-16 05:04 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
- 2023-01-16 05:04 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
- 2023-01-16 05:04 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
- 2023-01-15 08:09 - 2022-10-11 19:58 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
- 2023-01-14 21:20 - 2021-10-18 14:27 - 003110912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
- 2023-01-14 20:56 - 2020-11-17 20:10 - 000000000 ____D C:\WINDOWS\system32\MRT
- 2023-01-14 20:54 - 2020-11-17 14:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
- 2023-01-14 20:48 - 2020-11-17 20:10 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
- 2023-01-11 11:41 - 2022-05-07 10:06 - 000000000 ___HD C:\$WINDOWS.~BT
- 2023-01-09 13:42 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
- 2023-01-04 10:38 - 2021-03-29 14:35 - 000000000 ____D C:\Users\krzys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto
- 2023-01-04 10:38 - 2021-03-29 14:35 - 000000000 ____D C:\Users\krzys\AppData\Local\Suuntolink
- 2022-12-28 20:15 - 2020-11-17 14:29 - 000000000 ____D C:\Users\krzys\AppData\Local\D3DSCache
- 2022-12-26 12:37 - 2022-10-18 11:44 - 000000000 ____D C:\Users\krzys\AppData\Local\WhatsApp
- 2022-12-24 07:33 - 2020-12-02 16:59 - 000000000 ____D C:\Users\krzys\AppData\Local\CrashDumps
- 2022-12-21 19:50 - 2020-12-01 13:32 - 000000000 ____D C:\Users\krzys\AppData\Local\Spotify
- 2022-12-21 19:50 - 2020-12-01 13:31 - 000000000 ____D C:\Users\krzys\AppData\Roaming\Spotify
- ==================== Files in the root of some directories ========
- 2021-05-28 11:45 - 2021-05-28 12:09 - 000000662 _____ () C:\Users\krzys\AppData\Roaming\Contact Sheet II.xml
- 2021-05-28 11:45 - 2021-05-28 12:14 - 000042610 _____ () C:\Users\krzys\AppData\Roaming\ContactSheetII.log
- ==================== SigCheckExt =========================
- 2021-01-09 15:24 - 2009-12-08 16:19 - 000290304 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrfxDA5c.dll
- 2022-11-09 09:40 - 2019-11-08 10:15 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
- 2021-01-09 15:24 - 2010-03-15 19:45 - 000073728 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
- 2021-01-09 15:24 - 2007-12-13 22:16 - 000004608 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
- 2021-01-09 15:24 - 2012-07-09 17:19 - 000005120 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
- 2021-01-09 15:24 - 2012-09-10 16:31 - 000245760 _____ (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
- ==================== SigCheck ============================
- (There is no automatic fix for files that do not pass verification.)
- ==================== BCD ================================
- Firmware Boot Manager
- ---------------------
- identifier {fwbootmgr}
- displayorder {bootmgr}
- {a8f1f1d5-7c26-11ea-a30e-006f00080406}
- {a8f1f1d6-7c26-11ea-a30e-006f00080406}
- {a8f1f1d7-7c26-11ea-a30e-006f00080406}
- timeout 0
- Windows Boot Manager
- --------------------
- identifier {bootmgr}
- device partition=\Device\HarddiskVolume1
- path \EFI\Microsoft\Boot\bootmgfw.efi
- description Windows Boot Manager
- locale en-US
- inherit {globalsettings}
- default {current}
- resumeobject {cc01a822-7cb3-11ea-876f-5c80b6dc8c9a}
- displayorder {current}
- toolsdisplayorder {memdiag}
- timeout 30
- Firmware Application (101fffff)
- -------------------------------
- identifier {a8f1f1d5-7c26-11ea-a30e-006f00080406}
- description EFI USB Device
- Firmware Application (101fffff)
- -------------------------------
- identifier {a8f1f1d6-7c26-11ea-a30e-006f00080406}
- description EFI DVD/CDROM
- Firmware Application (101fffff)
- -------------------------------
- identifier {a8f1f1d7-7c26-11ea-a30e-006f00080406}
- description EFI Network
- Windows Boot Loader
- -------------------
- identifier {current}
- device partition=C:
- path \WINDOWS\system32\winload.efi
- description Windows 11
- locale en-US
- inherit {bootloadersettings}
- recoverysequence {cc01a825-7cb3-11ea-876f-5c80b6dc8c9a}
- displaymessageoverride Recovery
- recoveryenabled Yes
- isolatedcontext Yes
- allowedinmemorysettings 0x15000075
- osdevice partition=C:
- systemroot \WINDOWS
- resumeobject {cc01a822-7cb3-11ea-876f-5c80b6dc8c9a}
- nx OptIn
- bootmenupolicy Standard
- Windows Boot Loader
- -------------------
- identifier {cc01a825-7cb3-11ea-876f-5c80b6dc8c9a}
- device ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{cc01a826-7cb3-11ea-876f-5c80b6dc8c9a}
- path \windows\system32\winload.efi
- description Windows Recovery Environment
- locale en-US
- inherit {bootloadersettings}
- displaymessage Recovery
- osdevice ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{cc01a826-7cb3-11ea-876f-5c80b6dc8c9a}
- systemroot \windows
- nx OptIn
- bootmenupolicy Standard
- winpe Yes
- Resume from Hibernate
- ---------------------
- identifier {cc01a822-7cb3-11ea-876f-5c80b6dc8c9a}
- device partition=C:
- path \WINDOWS\system32\winresume.efi
- description Windows Resume Application
- locale en-US
- inherit {resumeloadersettings}
- recoverysequence {cc01a825-7cb3-11ea-876f-5c80b6dc8c9a}
- recoveryenabled Yes
- isolatedcontext Yes
- allowedinmemorysettings 0x15000075
- filedevice partition=C:
- custom:21000026 partition=C:
- filepath \hiberfil.sys
- bootmenupolicy Standard
- debugoptionenabled No
- Windows Memory Tester
- ---------------------
- identifier {memdiag}
- device partition=\Device\HarddiskVolume1
- path \EFI\Microsoft\Boot\memtest.efi
- description Windows Memory Diagnostic
- locale en-US
- inherit {globalsettings}
- badmemoryaccess Yes
- EMS Settings
- ------------
- identifier {emssettings}
- bootems No
- Debugger Settings
- -----------------
- identifier {dbgsettings}
- debugtype Local
- RAM Defects
- -----------
- identifier {badmemory}
- Global Settings
- ---------------
- identifier {globalsettings}
- inherit {dbgsettings}
- {emssettings}
- {badmemory}
- Boot Loader Settings
- --------------------
- identifier {bootloadersettings}
- inherit {globalsettings}
- {hypervisorsettings}
- Hypervisor Settings
- -------------------
- identifier {hypervisorsettings}
- hypervisordebugtype Serial
- hypervisordebugport 1
- hypervisorbaudrate 115200
- Resume Loader Settings
- ----------------------
- identifier {resumeloadersettings}
- inherit {globalsettings}
- Device options
- --------------
- identifier {cc01a826-7cb3-11ea-876f-5c80b6dc8c9a}
- description Windows Recovery
- ramdisksdidevice partition=\Device\HarddiskVolume7
- ramdisksdipath \Recovery\WindowsRE\boot.sdi
- ==================== End of FRST.txt ========================
Add Comment
Please, Sign In to add comment