FRST

a guest
Jan 20th, 2023
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2023
  2. Ran by krzys (administrator) on LAPTOP-D2HQFS34 (HUAWEI MACHC-WAX9) (20-01-2023 07:46:31)
  3. Running from D:\Downloads
  4. Loaded Profiles: krzys
  5. Platform: Microsoft Windows 11 Pro Version 21H2 22000.1455 (X64) Language: English (United States)
  6. Default browser: Chrome
  7. Boot Mode: Normal
  8.  
  9. ==================== Processes (Whitelisted) =================
  10.  
  11. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  12.  
  13. (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
  14. (C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
  15. (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
  16. (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
  17. (C:\Windows\UUS\amd64\MoUsoCoreWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoNotificationUx.exe
  18. (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <37>
  19. (services.exe ->) () [File not signed] C:\Program Files (x86)\SonosV2\SonosLibraryService.exe
  20. (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
  21. (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
  22. (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
  23. (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
  24. (services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
  25. (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
  26. (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe
  27. (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\MateBookService.exe
  28. (services.exe ->) (Huawei Technologies Co., Ltd. -> ) C:\Windows\System32\RPC\OSD\osdservice.exe
  29. (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
  30. (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
  31. (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_46afe571f647787a\aesm_service.exe
  32. (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
  33. (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
  34. (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
  35. (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
  36. (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhqi.inf_amd64_17d4c726820dfed6\Display.NvContainer\NVDisplay.Container.exe <2>
  37. (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4b6fe1c4e6f1d68a\RtkAudUService64.exe <2>
  38. (svchost.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxext.exe
  39. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
  40. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
  41. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
  42. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
  43.  
  44. ==================== Registry (Whitelisted) ===================
  45.  
  46. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  47.  
  48. HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4b6fe1c4e6f1d68a\RtkAudUService64.exe [1256520 2021-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
  49. HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [215960 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
  50. HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
  51. HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-01-12] (Dropbox, Inc -> Dropbox, Inc.)
  52. HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-09-14] (Adobe Inc. -> )
  53. HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [File not signed]
  54. HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [File not signed]
  55. HKLM-x32\...\Run: [AutoRegisterCerts] => C:\Program Files (x86)\Certum\proCertum CardManager\cryptoCertumScanner.exe [171088 2021-02-11] (Asseco Data Systems S.A. -> Certum)
  56. HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
  57. HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
  58. HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
  59. HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
  60. HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
  61. HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [409280 2020-11-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
  62. HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [Spotify] => C:\Users\krzys\AppData\Roaming\Spotify\Spotify.exe [24091264 2021-06-24] (Spotify AB -> Spotify Ltd)
  63. HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\krzys\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-07-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
  64. HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [SuuntolinkLauncher] => C:\Users\krzys\AppData\Local\Suuntolink\app-4.1.8\resources\app\LaunchAgents\SuuntolinkLauncher.exe [835264 2023-01-04] (Suunto Oy -> )
  65. HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [Napisy24Update] => C:\Program Files\Napisy24\Napisy24Update.exe [3990528 2018-02-02] (Napisy24.pl) [File not signed]
  66. HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
  67. HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
  68. HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\MountPoints2: {014bcd61-4714-11ec-87f9-5c80b6dc8c9a} - "F:\HiSuiteDownLoader.exe"
  69. HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\MountPoints2: {2dd70235-7cb4-11ea-8771-5c80b6dc8c9a} - "E:\setup.exe"
  70. HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\...\Winlogon: [Shell] explorer.exe,Explorer.exe <==== ATTENTION
  71. HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\69.0.0.0\GoogleDriveFS.exe [51022104 2023-01-19] (Google LLC -> Google, Inc.)
  72. HKLM\...\Windows x64\Print Processors\Canon TS5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDQ.DLL [482816 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
  73. HKLM\...\Windows x64\Print Processors\ssm1MPC: C:\Windows\System32\spool\prtprocs\x64\ssm1mpc.dll [41984 2014-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
  74. HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5100 series: C:\Windows\system32\CNMLMDQ.DLL [1302016 2017-03-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
  75. HKLM\...\Print\Monitors\Nitro PDF Port 13 Monitor: C:\Windows\system32\NxPrinterMonitor13.dll [359936 2021-11-26] (Nitro Software, Inc. -> Nitro Software, Inc.)
  76. HKLM\...\Print\Monitors\ssm1M Langmon: C:\Windows\system32\ssm1mlm.dll [34304 2014-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
  77. HKLM\...\Print\Monitors\stkMonitor: C:\Windows\system32\stkMonitor.dll [65680 2022-04-28] (Amazon.com Services LLC -> )
  78. HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.75\Installer\chrmstp.exe [2023-01-18] (Google LLC -> Google LLC)
  79. HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
  80. HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
  81.  
  82. ==================== Scheduled Tasks (Whitelisted) ============
  83.  
  84. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  85.  
  86. Task: {0ED2EF39-CFB0-4ADC-A570-9D19E0E62140} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
  87. Task: {1A78D5C4-9196-4D9D-AB48-CE6AD38BD966} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-17] (Google LLC -> Google LLC)
  88. Task: {1E98FEAE-40C7-4DBF-B777-7DB4DA82988E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
  89. Task: {210B2632-5198-48A5-9719-CA3AE90E6A2F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software)
  90. Task: {3515E061-A641-4F5B-93AB-8139C28EB697} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
  91. Task: {389EB1D2-37C8-4CF8-A074-D607151BC8C7} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
  92. Task: {3D044B29-CEAF-42E5-85FF-540137B50508} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [829552 2021-03-30] (A-Volute SAS -> Nahimic)
  93. Task: {47AFC6D0-E414-412D-8460-409045762C7A} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "bdf46932-16ae-4c7b-968d-3ebfaefe6474" --version "6.07.10191" --silent
  94. Task: {531D2252-A926-435C-8B58-9D44E8786A49} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
  95. Task: {5F895FBA-313A-4244-88D9-A932438A3024} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
  96. Task: {60F19AA4-19C0-4D0B-8D81-A9AF30AC7E46} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26326520 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
  97. Task: {6493039E-9AF5-4EDE-AC0C-E2808514A480} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144288 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
  98. Task: {70E662A6-2096-4849-B448-0B51911E5839} - System32\Tasks\CCleanerSkipUAC - krzys => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
  99. Task: {72367DA9-1D4F-47E9-84B8-3F067ADB6A18} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26326520 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
  100. Task: {7D948B35-E3E7-4BF0-A74E-7CA2BC52CEC8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
  101. Task: {87E842CE-EB8E-4F45-9087-2C410DC341A5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [160696 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
  102. Task: {8A457C94-DAC5-48D4-B6E7-E27937DD2E6D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
  103. Task: {8AE114F9-5284-4E49-98BC-6ABBA0ED8BF0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
  104. Task: {91C107B7-F083-4D18-BC37-7C912BBF3570} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
  105. Task: {99E83483-ACEA-402B-9AAA-6981DA158438} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
  106. Task: {A19FF57A-124B-4779-8051-0DA38E573F80} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
  107. Task: {B8237DFB-5B80-4196-8C36-49BB34A45951} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4954008 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
  108. Task: {BF9CFB0A-1972-4F46-B5C4-2EC074E15E3B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144288 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
  109. Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
  110. Task: {D08F51BC-B1B4-4549-B21C-604087930B5D} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1088624 2021-03-30] (A-Volute SAS -> Nahimic)
  111. Task: {D1EA6823-359F-4E06-8108-36102BAB20CB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
  112. Task: {D508CA34-8ED5-425A-A122-223071B7B987} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
  113. Task: {DE85F910-CB41-4616-835B-852181860510} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
  114. Task: {F62F609C-CD33-4662-84B8-B3B28D641343} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
  115. Task: {FA782FF5-59A5-415D-945E-CF044526B2E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-17] (Google LLC -> Google LLC)
  116.  
  117. (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
  118.  
  119. Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
  120. Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
  121. Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
  122.  
  123. ==================== Internet (Whitelisted) ====================
  124.  
  125. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  126.  
  127. Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
  128. Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
  129. Tcpip\..\Interfaces\{768fd166-8c12-4b35-a94b-7e9071aab9f2}: [DhcpNameServer] 172.16.50.12 172.16.50.14
  130. Tcpip\..\Interfaces\{d2160c1a-1750-4f32-acdd-605b36c2a719}: [DhcpNameServer] 192.168.1.1
  131.  
  132. Edge:
  133. =======
  134. Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
  135. Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
  136. Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
  137. Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
  138. Edge Profile: C:\Users\krzys\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-20]
  139. Edge Extension: (Citavi Picker) - C:\Users\krzys\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mielbhbkcliienpdicphhecpodcaeefg [2021-05-28]
  140. Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]
  141.  
  142. FireFox:
  143. ========
  144. FF DefaultProfile: yc1z9c3v.default
  145. FF ProfilePath: C:\Users\krzys\AppData\Roaming\Mozilla\Firefox\Profiles\yc1z9c3v.default [2020-11-25]
  146. FF ProfilePath: C:\Users\krzys\AppData\Roaming\Mozilla\Firefox\Profiles\720ra7ah.default-release [2022-12-24]
  147. FF Homepage: Mozilla\Firefox\Profiles\720ra7ah.default-release -> hxxp://www.gazeta.pl/0,0.html?p=190
  148. FF Extension: (Citavi Picker) - C:\Users\krzys\AppData\Roaming\Mozilla\Firefox\Profiles\720ra7ah.default-release\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-04-28]
  149. FF Extension: (Citavi Picker) - C:\Program Files\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2020-10-27]
  150. FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
  151. FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
  152. FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
  153. FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
  154. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
  155. FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Inc.)
  156.  
  157. Chrome:
  158. =======
  159. CHR DefaultProfile: Default
  160. CHR Profile: C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default [2023-01-20]
  161. CHR DownloadDir: D:\Downloads
  162. CHR Notifications: Default -> hxxps://www.napiprojekt.pl
  163. CHR Extension: (Send to Kindle for Google Chrome™) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2023-01-10]
  164. CHR Extension: (Reader View) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecabifbgmdmgdllomnfinbmaellmclnh [2023-01-17]
  165. CHR Extension: (Dokumenty Google offline) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-20]
  166. CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-21]
  167. CHR Extension: (Hola VPN - The Website Unblocker) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2023-01-13]
  168. CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-01-19]
  169. CHR Extension: (Grammar and Spelling checker by Ginger) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfieneakcjfaiglcfcgkidlkmlijjnh [2021-06-29]
  170. CHR Extension: (Bypass Paywall) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkofljmpfaanangehehmbkkmbgjjlgja [2022-02-07]
  171. CHR Extension: (BigBlueButton Screenshare Extension) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjhogfpafjhgbhcgccghdjdnjmoaafi [2020-11-25]
  172. CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-11-06]
  173. CHR Extension: (Rozszerzenie Google Keep do Chrome) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2023-01-13]
  174. CHR Extension: (Sprawdzanie poczty Google) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2020-11-17]
  175. CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
  176. CHR Extension: (ProWritingAid Grammar Checker & Writing Coach) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnbdojkgkbcdfdjlfdmplppdphlhhcf [2022-12-31]
  177. CHR Extension: (Citavi Picker) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-04-13]
  178. CHR Extension: (Ads Killer Adblocker Plus) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbllmbdjgcalkoimdfcpknbjgnhjclg [2020-11-17]
  179. CHR Profile: C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-01-20]
  180. CHR Profile: C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-07-02]
  181. CHR Extension: (Safe Torrent Scanner) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-07-02]
  182. CHR Extension: (Dokumenty Google offline) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-02]
  183. CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-12-01]
  184. CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-26]
  185. CHR Extension: (Citavi Picker) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-08-26]
  186. CHR Profile: C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-06-17]
  187. CHR Extension: (Safe Torrent Scanner) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-06-05]
  188. CHR Extension: (Dokumenty Google offline) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-05]
  189. CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-06-05]
  190. CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-05]
  191. CHR Extension: (Citavi Picker) - C:\Users\krzys\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ohgndokldibnndfnjnagojmheejlengn [2022-06-05]
  192. CHR Profile: C:\Users\krzys\AppData\Local\Google\Chrome\User Data\System Profile [2023-01-20]
  193. CHR HKU\S-1-5-21-2077876318-3397547300-1458395553-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
  194. CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
  195. CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
  196.  
  197. ==================== Services (Whitelisted) ===================
  198.  
  199. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  200.  
  201. S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
  202. R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8553880 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
  203. R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [597400 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
  204. R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [597400 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
  205. R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
  206. S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
  207. R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12548520 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
  208. S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
  209. S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
  210. R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-01-12] (Dropbox, Inc -> Dropbox, Inc.)
  211. S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5030592 2020-11-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
  212. S2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602768 2018-11-27] (Dolby Laboratories, Inc. -> )
  213. S4 FMAPOService; C:\WINDOWS\System32\FMService64.exe [372200 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
  214. R2 Huawei_OSDServer; C:\Windows\system32\RPC\OSD\osdservice.exe [217072 2019-08-16] (Huawei Technologies Co., Ltd. -> )
  215. S2 HWVEAudioService; C:\WINDOWS\system32\HWVEAudioService.exe [104600 2021-02-25] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
  216. R2 LCD_Service; C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe [24840 2020-11-05] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
  217. R2 MBAMainService; C:\Program Files\Huawei\PCManager\MateBookService.exe [673032 2020-11-05] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
  218. R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8891160 2023-01-16] (Malwarebytes Inc. -> Malwarebytes)
  219. R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1675376 2021-03-30] (A-Volute SAS -> Nahimic)
  220. S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [245224 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
  221. R2 SonosLibraryService; C:\Program Files (x86)\SonosV2\SonosLibraryService.exe [27648 2022-07-12] () [File not signed]
  222. S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
  223. S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
  224. R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhqi.inf_amd64_17d4c726820dfed6\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhqi.inf_amd64_17d4c726820dfed6\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
  225.  
  226. ===================== Drivers (Whitelisted) ===================
  227.  
  228. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  229.  
  230. S3 ACR39U; C:\WINDOWS\system32\DRIVERS\acr39u.sys [86880 2018-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.)
  231. R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31424 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  232. R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229208 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  233. R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391272 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  234. R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  235. R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  236. R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
  237. R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  238. R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267888 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  239. R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [555560 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  240. R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  241. R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80376 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  242. R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852000 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  243. R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [695496 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  244. R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  245. R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318456 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
  246. S3 BrSerIb; C:\WINDOWS\system32\DRIVERS\BrSerIb.sys [95344 2013-05-22] (Brother Industries, Ltd. -> Brother Industries Ltd.)
  247. S3 BrUsbSIb; C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys [21872 2013-05-22] (Brother Industries, Ltd. -> Brother Industries Ltd.)
  248. S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2022-08-26] (Microsoft Corporation) [File not signed]
  249. S3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [90344 2020-04-28] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
  250. R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
  251. R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
  252. R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-11-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
  253. R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-11-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
  254. R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
  255. R0 IBtRstd; C:\WINDOWS\System32\drivers\ibtrstd.sys [52800 2019-12-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
  256. R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
  257. S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
  258. R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-07-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
  259. R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
  260. R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
  261. R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
  262. S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
  263. S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
  264. S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [433384 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
  265. S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
  266. R3 WDTDrv; C:\WINDOWS\System32\Drivers\WDTDrv.sys [55600 2019-10-31] (Huaqin Telecom Technology Co.,LTD -> )
  267.  
  268. ==================== NetSvcs (Whitelisted) ===================
  269.  
  270. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  271.  
  272.  
  273. ==================== Three months (created) (Whitelisted) =========
  274.  
  275. (If an entry is included in the fixlist, the file/folder will be moved.)
  276.  
  277. 2023-01-17 09:39 - 2023-01-17 09:39 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
  278. 2023-01-15 09:07 - 2023-01-15 09:07 - 000000000 ___HD C:\$WinREAgent
  279. 2023-01-14 20:53 - 2023-01-14 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
  280. 2023-01-12 08:12 - 2023-01-12 08:12 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
  281. 2023-01-04 10:38 - 2023-01-04 10:38 - 000002334 _____ C:\Users\krzys\Desktop\Suuntolink.lnk
  282. 2022-12-14 13:05 - 2022-12-14 21:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
  283. 2022-12-13 19:39 - 2022-12-13 19:39 - 000002408 _____ C:\WINDOWS\system32\Drivers\etc\hosts.rollback
  284. 2022-12-13 19:39 - 2022-12-13 19:39 - 000000000 ____D C:\Users\krzys\Documents\Electronic Arts
  285. 2022-12-13 19:39 - 2022-12-13 19:39 - 000000000 ____D C:\Users\krzys\AppData\Local\anadius
  286. 2022-12-13 19:39 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.backup
  287. 2022-12-13 18:41 - 2022-12-13 18:41 - 000273816 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
  288. 2022-12-13 18:16 - 2022-12-13 18:16 - 000000697 _____ C:\Users\Public\Desktop\The Sims 4.lnk
  289. 2022-12-11 20:05 - 2022-12-11 20:05 - 000000000 ____D C:\Users\krzys\AppData\Roaming\Blender Foundation
  290. 2022-12-11 20:05 - 2022-12-11 20:05 - 000000000 ____D C:\Users\krzys\.thumbnails
  291. 2022-12-11 20:01 - 2022-12-11 20:01 - 000000959 _____ C:\Users\krzys\Desktop\Blender 3.4.lnk
  292. 2022-12-11 20:01 - 2022-12-11 20:01 - 000000000 ____D C:\Users\krzys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\blender
  293. 2022-11-27 20:18 - 2022-11-27 20:18 - 002567993 _____ C:\Users\krzys\Desktop\herschel1800 (1).pdf
  294. 2022-11-27 20:10 - 2022-11-27 20:10 - 003044249 _____ C:\Users\krzys\Desktop\herschel1800.pdf
  295. 2022-11-25 18:07 - 2022-11-25 18:07 - 000000000 ____D C:\Users\krzys\AppData\Roaming\SketchUp
  296. 2022-11-25 18:07 - 2022-11-25 18:07 - 000000000 ____D C:\Users\krzys\AppData\Local\SketchUp
  297. 2022-11-25 18:07 - 2022-11-25 18:07 - 000000000 ____D C:\ProgramData\Reprise
  298. 2022-11-25 18:07 - 2022-11-25 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2022
  299. 2022-11-25 18:06 - 2022-11-25 18:06 - 000000000 ____D C:\ProgramData\SketchUp
  300. 2022-11-25 18:06 - 2022-11-25 18:06 - 000000000 ____D C:\Program Files\SketchUp
  301. 2022-11-24 18:15 - 2022-12-11 19:39 - 000000000 ____D C:\Users\krzys\Documents\Komornik
  302. 2022-11-21 11:11 - 2023-01-06 20:15 - 000000000 ____D C:\WINDOWS\Panther
  303. 2022-11-20 11:08 - 2022-11-20 11:10 - 000000000 ____D C:\Users\krzys\Desktop\Tor Browser
  304. 2022-11-15 17:26 - 2022-11-15 17:26 - 001618806 _____ C:\Users\krzys\Desktop\archive_3.pdf
  305. 2022-11-15 13:33 - 2022-11-15 13:33 - 002845074 _____ C:\Users\krzys\Desktop\BABOTA.1.pdf
  306. 2022-11-13 20:31 - 2022-11-13 20:31 - 000175540 _____ C:\Users\krzys\Desktop\hacking2010.pdf
  307. 2022-11-13 20:30 - 2022-11-13 20:30 - 001356264 _____ C:\Users\krzys\Desktop\hacking1988.pdf
  308. 2022-11-09 09:41 - 2022-11-09 09:41 - 000000000 ____D C:\Users\krzys\AppData\Roaming\QtProject
  309. 2022-11-09 09:40 - 2023-01-20 06:35 - 000002464 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard
  310. 2022-11-09 09:40 - 2022-11-09 09:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12
  311. 2022-11-09 09:40 - 2022-11-09 09:40 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12
  312. 2022-11-09 09:40 - 2021-03-09 18:41 - 000037336 _____ C:\WINDOWS\system32\pwdrvio.sys
  313. 2022-11-09 09:40 - 2019-11-08 10:15 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
  314. 2022-11-09 09:40 - 2019-11-08 10:15 - 000012504 _____ C:\WINDOWS\system32\pwdspio.sys
  315. 2022-11-08 09:22 - 2022-11-08 09:22 - 098609427 _____ C:\Users\krzys\Desktop\R.G. Collingwood - The Idea of Nature (1945, Oxford University Press) - libgen.li.pdf
  316. 2022-11-07 08:50 - 2022-11-07 08:50 - 000000000 __SHD C:\Users\krzys\.dropbox_bi
  317. 2022-11-06 22:58 - 2022-11-06 22:58 - 002253896 _____ (Intel Corporation) C:\WINDOWS\system32\qve.signed.dll
  318. 2022-11-06 22:58 - 2022-11-06 22:58 - 002109512 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_dcap_quoteverify.dll
  319. 2022-11-06 22:58 - 2022-11-06 22:58 - 000693840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_epid.dll
  320. 2022-11-06 22:58 - 2022-11-06 22:58 - 000693832 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_quote_ex.dll
  321. 2022-11-06 22:58 - 2022-11-06 22:58 - 000688200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_launch.dll
  322. 2022-11-06 22:58 - 2022-11-06 22:58 - 000174664 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_dcap_ql.dll
  323. 2022-11-06 22:58 - 2022-11-06 22:58 - 000107640 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_urts.dll
  324. 2022-11-06 22:58 - 2022-11-06 22:58 - 000060488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_enclave_common.dll
  325. 2022-11-06 22:58 - 2022-11-06 22:58 - 000048712 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_platform.dll
  326. 2022-11-06 22:58 - 2022-11-06 22:58 - 000037960 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_uae_service.dll
  327. 2022-11-06 22:57 - 2022-11-06 22:57 - 001116248 _____ (Intel Corporation) C:\WINDOWS\system32\qe3.signed.dll
  328. 2022-11-06 22:57 - 2022-11-06 22:57 - 000805464 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_epid.dll
  329. 2022-11-06 22:57 - 2022-11-06 22:57 - 000804984 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_quote_ex.dll
  330. 2022-11-06 22:57 - 2022-11-06 22:57 - 000800888 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_launch.dll
  331. 2022-11-06 22:57 - 2022-11-06 22:57 - 000713800 _____ (Intel Corporation) C:\WINDOWS\system32\pce.signed.dll
  332. 2022-11-06 22:57 - 2022-11-06 22:57 - 000145936 _____ (Intel Corporation) C:\WINDOWS\system32\id_enclave.signed.dll
  333. 2022-11-06 22:57 - 2022-11-06 22:57 - 000131160 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_urts.dll
  334. 2022-11-06 22:57 - 2022-11-06 22:57 - 000075864 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_enclave_common.dll
  335. 2022-11-06 22:57 - 2022-11-06 22:57 - 000059512 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_platform.dll
  336. 2022-11-06 22:57 - 2022-11-06 22:57 - 000043608 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_uae_service.dll
  337. 2022-11-06 12:36 - 2022-11-06 12:36 - 000594494 _____ C:\Users\krzys\Desktop\putnam1990.pdf
  338. 2022-11-03 09:43 - 2022-11-03 09:43 - 003483160 _____ C:\Users\krzys\Desktop\spor_o_racjonalnosc_open.pdf
  339. 2022-11-02 15:52 - 2022-11-02 15:52 - 008225876 _____ C:\Users\krzys\Desktop\noesis1314uoft.pdf
  340. 2022-11-02 09:07 - 2022-11-02 09:07 - 000589327 _____ C:\Users\krzys\Desktop\IHwyiw.pdf
  341. 2022-11-02 09:00 - 2022-11-02 09:00 - 000124711 _____ C:\Users\krzys\Desktop\000296430.pdf
  342. 2022-10-29 08:16 - 2022-11-21 11:06 - 000000000 ____D C:\Users\krzys\AppData\Roaming\Wargaming.net
  343. 2022-10-29 08:15 - 2022-10-29 08:15 - 000000000 ____D C:\ProgramData\Wargaming.net
  344. 2022-10-26 20:00 - 2022-10-26 20:00 - 014125766 _____ C:\Users\krzys\Desktop\ian_h_statistics2.pdf
  345. 2022-10-26 19:46 - 2022-10-26 19:46 - 005646207 _____ C:\Users\krzys\Desktop\ian_h_statistics.pdf
  346. 2022-10-26 09:44 - 2022-10-26 09:44 - 002137556 _____ C:\Users\krzys\Desktop\IH.pdf
  347.  
  348. ==================== Three months (modified) ==================
  349.  
  350. (If an entry is included in the fixlist, the file/folder will be moved.)
  351.  
  352. 2023-01-20 07:46 - 2021-09-23 11:20 - 000000000 ____D C:\FRST
  353. 2023-01-20 07:43 - 2020-12-09 11:59 - 000000000 ____D C:\Users\krzys\Documents\Citavi 6
  354. 2023-01-20 07:43 - 2020-04-12 11:46 - 000000000 ____D C:\ProgramData\NVIDIA
  355. 2023-01-20 07:25 - 2021-08-19 20:39 - 000000000 ____D C:\Program Files\CCleaner
  356. 2023-01-20 07:21 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
  357. 2023-01-20 07:17 - 2021-09-23 13:32 - 000000000 ____D C:\Users\krzys\AppData\Local\Avast Software
  358. 2023-01-20 07:13 - 2020-11-17 19:34 - 000000000 ____D C:\Users\krzys\AppData\Roaming\uTorrent
  359. 2023-01-20 07:12 - 2021-10-18 14:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
  360. 2023-01-20 07:12 - 2020-11-25 11:22 - 000000000 ____D C:\Users\krzys\AppData\LocalLow\Mozilla
  361. 2023-01-20 06:55 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
  362. 2023-01-20 06:51 - 2021-10-18 14:30 - 001787152 _____ C:\WINDOWS\system32\PerfStringBackup.INI
  363. 2023-01-20 06:51 - 2021-10-18 13:33 - 000794926 _____ C:\WINDOWS\system32\perfh015.dat
  364. 2023-01-20 06:51 - 2021-10-18 13:33 - 000155990 _____ C:\WINDOWS\system32\perfc015.dat
  365. 2023-01-20 06:51 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
  366. 2023-01-20 06:49 - 2020-11-17 13:25 - 000000000 ____D C:\Program Files (x86)\Google
  367. 2023-01-20 06:48 - 2020-11-17 14:23 - 000000000 ____D C:\Users\krzys\AppData\Local\Dropbox
  368. 2023-01-20 06:48 - 2020-04-12 11:40 - 000000000 ____D C:\ProgramData\Goodix
  369. 2023-01-20 06:47 - 2022-06-08 11:48 - 000000000 ____D C:\Users\krzys\AppData\Roaming\DropboxElectron
  370. 2023-01-20 06:46 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
  371. 2023-01-20 06:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
  372. 2023-01-20 06:45 - 2021-09-23 13:19 - 000000000 ____D C:\ProgramData\Avast Software
  373. 2023-01-20 06:44 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
  374. 2023-01-20 06:44 - 2020-04-12 12:59 - 000000000 __SHD C:\Users\krzys\IntelGraphicsProfiles
  375. 2023-01-20 06:43 - 2022-10-01 08:02 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
  376. 2023-01-20 06:43 - 2021-10-18 14:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
  377. 2023-01-20 06:43 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
  378. 2023-01-20 06:43 - 2021-03-21 18:32 - 000012288 ___SH C:\DumpStack.log.tmp
  379. 2023-01-20 06:43 - 2020-04-12 11:34 - 000000000 ___HD C:\Intel
  380. 2023-01-20 06:42 - 2021-06-05 13:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
  381. 2023-01-20 06:35 - 2022-10-01 08:02 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
  382. 2023-01-20 06:35 - 2021-10-18 14:30 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
  383. 2023-01-20 06:35 - 2021-10-18 14:30 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
  384. 2023-01-20 06:35 - 2021-10-18 14:30 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
  385. 2023-01-20 06:35 - 2021-10-18 14:30 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  386. 2023-01-20 06:35 - 2021-10-18 14:30 - 000003274 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
  387. 2023-01-20 06:35 - 2021-10-18 14:30 - 000003270 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
  388. 2023-01-20 06:35 - 2021-10-18 14:30 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  389. 2023-01-20 06:35 - 2021-10-18 14:30 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
  390. 2023-01-20 06:35 - 2021-10-18 14:30 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  391. 2023-01-20 06:35 - 2021-10-18 14:30 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  392. 2023-01-20 06:35 - 2021-10-18 14:30 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  393. 2023-01-20 06:35 - 2021-10-18 14:30 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  394. 2023-01-20 06:35 - 2021-10-18 14:30 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  395. 2023-01-20 06:35 - 2021-10-18 14:30 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  396. 2023-01-20 06:35 - 2021-10-18 14:30 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  397. 2023-01-20 06:35 - 2021-10-18 14:30 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - krzys
  398. 2023-01-20 06:35 - 2021-10-18 14:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
  399. 2023-01-19 21:24 - 2021-10-18 14:30 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
  400. 2023-01-19 21:24 - 2020-04-12 11:52 - 000000000 ____D C:\Program Files\Microsoft Office
  401. 2023-01-19 15:43 - 2021-10-18 13:29 - 000000000 ____D C:\Program Files\MSBuild
  402. 2023-01-19 15:43 - 2021-10-18 13:29 - 000000000 ____D C:\Program Files (x86)\MSBuild
  403. 2023-01-19 14:48 - 2021-11-06 10:00 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
  404. 2023-01-18 21:25 - 2020-11-18 13:14 - 000000000 ____D C:\Users\krzys\AppData\Roaming\WhatsApp
  405. 2023-01-18 12:42 - 2020-04-12 12:59 - 000000000 ____D C:\Users\krzys\AppData\Local\Packages
  406. 2023-01-18 10:32 - 2020-11-17 13:25 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  407. 2023-01-17 13:46 - 2021-03-29 14:35 - 000000000 ____D C:\Users\krzys\AppData\Roaming\Suuntolink
  408. 2023-01-17 09:39 - 2020-11-22 00:09 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
  409. 2023-01-16 05:05 - 2021-10-18 14:26 - 000741072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
  410. 2023-01-16 05:04 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
  411. 2023-01-16 05:04 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
  412. 2023-01-16 05:04 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
  413. 2023-01-15 08:09 - 2022-10-11 19:58 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
  414. 2023-01-14 21:20 - 2021-10-18 14:27 - 003110912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
  415. 2023-01-14 20:56 - 2020-11-17 20:10 - 000000000 ____D C:\WINDOWS\system32\MRT
  416. 2023-01-14 20:54 - 2020-11-17 14:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
  417. 2023-01-14 20:48 - 2020-11-17 20:10 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
  418. 2023-01-11 11:41 - 2022-05-07 10:06 - 000000000 ___HD C:\$WINDOWS.~BT
  419. 2023-01-09 13:42 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
  420. 2023-01-04 10:38 - 2021-03-29 14:35 - 000000000 ____D C:\Users\krzys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto
  421. 2023-01-04 10:38 - 2021-03-29 14:35 - 000000000 ____D C:\Users\krzys\AppData\Local\Suuntolink
  422. 2022-12-28 20:15 - 2020-11-17 14:29 - 000000000 ____D C:\Users\krzys\AppData\Local\D3DSCache
  423. 2022-12-26 12:37 - 2022-10-18 11:44 - 000000000 ____D C:\Users\krzys\AppData\Local\WhatsApp
  424. 2022-12-24 07:33 - 2020-12-02 16:59 - 000000000 ____D C:\Users\krzys\AppData\Local\CrashDumps
  425. 2022-12-21 19:50 - 2020-12-01 13:32 - 000000000 ____D C:\Users\krzys\AppData\Local\Spotify
  426. 2022-12-21 19:50 - 2020-12-01 13:31 - 000000000 ____D C:\Users\krzys\AppData\Roaming\Spotify
  427.  
  428. ==================== Files in the root of some directories ========
  429.  
  430. 2021-05-28 11:45 - 2021-05-28 12:09 - 000000662 _____ () C:\Users\krzys\AppData\Roaming\Contact Sheet II.xml
  431. 2021-05-28 11:45 - 2021-05-28 12:14 - 000042610 _____ () C:\Users\krzys\AppData\Roaming\ContactSheetII.log
  432.  
  433. ==================== SigCheckExt =========================
  434.  
  435. 2021-01-09 15:24 - 2009-12-08 16:19 - 000290304 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrfxDA5c.dll
  436. 2022-11-09 09:40 - 2019-11-08 10:15 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
  437. 2021-01-09 15:24 - 2010-03-15 19:45 - 000073728 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
  438. 2021-01-09 15:24 - 2007-12-13 22:16 - 000004608 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
  439. 2021-01-09 15:24 - 2012-07-09 17:19 - 000005120 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
  440. 2021-01-09 15:24 - 2012-09-10 16:31 - 000245760 _____ (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
  441.  
  442. ==================== SigCheck ============================
  443.  
  444. (There is no automatic fix for files that do not pass verification.)
  445.  
  446.  
  447. ==================== BCD ================================
  448.  
  449. Firmware Boot Manager
  450. ---------------------
  451. identifier {fwbootmgr}
  452. displayorder {bootmgr}
  453. {a8f1f1d5-7c26-11ea-a30e-006f00080406}
  454. {a8f1f1d6-7c26-11ea-a30e-006f00080406}
  455. {a8f1f1d7-7c26-11ea-a30e-006f00080406}
  456. timeout 0
  457.  
  458. Windows Boot Manager
  459. --------------------
  460. identifier {bootmgr}
  461. device partition=\Device\HarddiskVolume1
  462. path \EFI\Microsoft\Boot\bootmgfw.efi
  463. description Windows Boot Manager
  464. locale en-US
  465. inherit {globalsettings}
  466. default {current}
  467. resumeobject {cc01a822-7cb3-11ea-876f-5c80b6dc8c9a}
  468. displayorder {current}
  469. toolsdisplayorder {memdiag}
  470. timeout 30
  471.  
  472. Firmware Application (101fffff)
  473. -------------------------------
  474. identifier {a8f1f1d5-7c26-11ea-a30e-006f00080406}
  475. description EFI USB Device
  476.  
  477. Firmware Application (101fffff)
  478. -------------------------------
  479. identifier {a8f1f1d6-7c26-11ea-a30e-006f00080406}
  480. description EFI DVD/CDROM
  481.  
  482. Firmware Application (101fffff)
  483. -------------------------------
  484. identifier {a8f1f1d7-7c26-11ea-a30e-006f00080406}
  485. description EFI Network
  486.  
  487. Windows Boot Loader
  488. -------------------
  489. identifier {current}
  490. device partition=C:
  491. path \WINDOWS\system32\winload.efi
  492. description Windows 11
  493. locale en-US
  494. inherit {bootloadersettings}
  495. recoverysequence {cc01a825-7cb3-11ea-876f-5c80b6dc8c9a}
  496. displaymessageoverride Recovery
  497. recoveryenabled Yes
  498. isolatedcontext Yes
  499. allowedinmemorysettings 0x15000075
  500. osdevice partition=C:
  501. systemroot \WINDOWS
  502. resumeobject {cc01a822-7cb3-11ea-876f-5c80b6dc8c9a}
  503. nx OptIn
  504. bootmenupolicy Standard
  505.  
  506. Windows Boot Loader
  507. -------------------
  508. identifier {cc01a825-7cb3-11ea-876f-5c80b6dc8c9a}
  509. device ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{cc01a826-7cb3-11ea-876f-5c80b6dc8c9a}
  510. path \windows\system32\winload.efi
  511. description Windows Recovery Environment
  512. locale en-US
  513. inherit {bootloadersettings}
  514. displaymessage Recovery
  515. osdevice ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{cc01a826-7cb3-11ea-876f-5c80b6dc8c9a}
  516. systemroot \windows
  517. nx OptIn
  518. bootmenupolicy Standard
  519. winpe Yes
  520.  
  521. Resume from Hibernate
  522. ---------------------
  523. identifier {cc01a822-7cb3-11ea-876f-5c80b6dc8c9a}
  524. device partition=C:
  525. path \WINDOWS\system32\winresume.efi
  526. description Windows Resume Application
  527. locale en-US
  528. inherit {resumeloadersettings}
  529. recoverysequence {cc01a825-7cb3-11ea-876f-5c80b6dc8c9a}
  530. recoveryenabled Yes
  531. isolatedcontext Yes
  532. allowedinmemorysettings 0x15000075
  533. filedevice partition=C:
  534. custom:21000026 partition=C:
  535. filepath \hiberfil.sys
  536. bootmenupolicy Standard
  537. debugoptionenabled No
  538.  
  539. Windows Memory Tester
  540. ---------------------
  541. identifier {memdiag}
  542. device partition=\Device\HarddiskVolume1
  543. path \EFI\Microsoft\Boot\memtest.efi
  544. description Windows Memory Diagnostic
  545. locale en-US
  546. inherit {globalsettings}
  547. badmemoryaccess Yes
  548.  
  549. EMS Settings
  550. ------------
  551. identifier {emssettings}
  552. bootems No
  553.  
  554. Debugger Settings
  555. -----------------
  556. identifier {dbgsettings}
  557. debugtype Local
  558.  
  559. RAM Defects
  560. -----------
  561. identifier {badmemory}
  562.  
  563. Global Settings
  564. ---------------
  565. identifier {globalsettings}
  566. inherit {dbgsettings}
  567. {emssettings}
  568. {badmemory}
  569.  
  570. Boot Loader Settings
  571. --------------------
  572. identifier {bootloadersettings}
  573. inherit {globalsettings}
  574. {hypervisorsettings}
  575.  
  576. Hypervisor Settings
  577. -------------------
  578. identifier {hypervisorsettings}
  579. hypervisordebugtype Serial
  580. hypervisordebugport 1
  581. hypervisorbaudrate 115200
  582.  
  583. Resume Loader Settings
  584. ----------------------
  585. identifier {resumeloadersettings}
  586. inherit {globalsettings}
  587.  
  588. Device options
  589. --------------
  590. identifier {cc01a826-7cb3-11ea-876f-5c80b6dc8c9a}
  591. description Windows Recovery
  592. ramdisksdidevice partition=\Device\HarddiskVolume7
  593. ramdisksdipath \Recovery\WindowsRE\boot.sdi
  594.  
  595. ==================== End of FRST.txt ========================