JustPaste.it

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-09-2021
Ran by Marek (administrator) on DESKTOP-VVUFV66 (TOSHIBA SATELLITE C70D-C-12U) (19-09-2021 22:43:25)
Running from C:\Users\Marek\Downloads
Loaded Profiles: Marek
Platform: Windows 10 Home Version 21H1 19043.1237 (X64) Language: English (United Kingdom)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\DSDFunctionKeyCtlService.exe <2>
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\dynabookSystemService.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\RMService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lespeed Technology Ltd. -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Marek\Downloads\adwcleaner_8.3.0.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Marek\AppData\Local\Vivaldi\Application\vivaldi.exe <22>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [124184 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3559403019-2055364116-2686755073-1001\...\Run: [MicrosoftEdgeAutoLaunch_03B5A3EA4209A3DB74DEEA6B651FF542] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-3559403019-2055364116-2686755073-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34612864 2021-06-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3559403019-2055364116-2686755073-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\WINDOWS\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0237FB25-32DE-4E4B-98AB-D2D9F4788CD1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {0A542472-D9DC-432F-8B55-8C66C1EBAF4C} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-07-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {10ECDF8C-5169-4546-A0A7-67EFA657618D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-07-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {12C9B18A-D1E2-4D04-B923-35CC75CBBA42} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-07-30] (Advanced Micro Devices, Inc.) [File not signed]
Task: {21B946EF-AA62-41B7-83BD-BF3DE23C2AD5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NoUACCheck
Task: {952A4F34-F7C7-4D76-BD07-99CED271D1BE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {96617203-0FB6-400B-804D-2F1D7C576DCD} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [891576 2019-07-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B9E7AF97-1B6D-468E-9FDB-9168C4597E83} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-07-30] (Advanced Micro Devices, Inc.) [File not signed]
Task: {BE46867A-7412-477B-923C-0286179DC877} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-07] (Piriform Software Ltd -> Piriform)
Task: {D72C4AD8-043D-4540-BBD2-EB67B904CB3A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28985472 2021-06-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DB87ED54-5541-412F-B5B8-172F7C165E51} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4917528 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {DE866E60-F32A-4BCA-9243-0BEABE232601} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {EC45CEBB-AF0B-4239-BEE2-B5EB28D5C87E} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [1609384 2017-12-29] (Lespeed Technology Ltd. -> WiseCleaner.COM)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c2a17150-e462-41e9-85e9-6d5e3dcd3fa4}: [DhcpNameServer] 192.168.1.254

Edge: 
=======
DownloadDir: C:\Users\Marek\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Marek\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-19]

FireFox:
========
FF DefaultProfile: w3s8oxdt.default
FF ProfilePath: C:\Users\Marek\AppData\Roaming\TomTom\HOME\Profiles\b2wzxqgv.default [2019-12-10]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\w3s8oxdt.default [2019-08-16]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\w3s8oxdt.default\Extensions\sp@avast.com.xpi [2019-07-24]
FF Extension: (Avast Online Security) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\w3s8oxdt.default\Extensions\wrc@avast.com.xpi [2019-07-24]
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\xt01kjbo.default-release [2021-09-19]
FF Homepage: Mozilla\Firefox\Profiles\xt01kjbo.default-release -> hxxps://www.wp.pl/
FF Extension: (AdBlocker Ultimate) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\xt01kjbo.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2021-08-21]
FF Extension: (To Google Translate) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\xt01kjbo.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-22]
FF Extension: (Polski Language Pack) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\xt01kjbo.default-release\Extensions\langpack-pl@firefox.mozilla.org.xpi [2021-09-11]
FF Extension: (Polish Spellchecker Dictionary) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\xt01kjbo.default-release\Extensions\pl@dictionaries.addons.mozilla.org.xpi [2020-07-01]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\xt01kjbo.default-release\Extensions\sp@avast.com.xpi [2021-09-16]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-26] (CANON INC.) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Vivaldi: 
=======
VIV Profile: C:\Users\Marek\AppData\Local\Vivaldi\User Data\Default [2021-09-19]
VIV HomePage: Default -> hxxps://vivaldi.com/
VIV Extension: (Adobe Acrobat) - C:\Users\Marek\AppData\Local\Vivaldi\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-09-07]
VIV Extension: (Chrome Media Router) - C:\Users\Marek\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AbAdminService; C:\Program Files (x86)\ToolbarTerminator\AbAdminService.exe [36840 2019-03-13] (Ascora GmbH -> Ascora GmbH)
S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8303184 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [630040 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [377624 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\DSDFunctionKeyCtlService.exe [631496 2021-09-10] (Dynabook Inc. -> Dynabook Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-05-05] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-05-05] (GOG Sp. z o.o. -> GOG.com)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] (Canon Inc. -> )
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2019-08-10] (Even Balance, Inc. -> )
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13921616 2021-06-14] (Adlice -> )
S3 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\dynabookSystemService.exe [44783792 2021-09-10] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\TOSTABSYSSVC.exe [304888 2021-09-10] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\RMService.exe [454848 2021-09-10] (Dynabook Inc. -> Dynabook Inc.)
S3 TTHOMEService; C:\Program Files (x86)\TomTom HOME 2\TTHOMEService.exe [97792 2019-04-17] (TomTom) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [658600 2017-07-06] (Lespeed Technology Ltd. -> WiseCleaner.com)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35712 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221584 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367632 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250384 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99344 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41344 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184120 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538464 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107840 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [553496 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215384 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-09] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 cpuz143; C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [48960 2021-09-19] (CPUID -> CPUID)
S3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2021-09-19] (CPUID -> CPUID)
S3 MpKsla94e1753; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7B58E98B-C639-47BB-88BA-A66A089BE8EB}\MpKslDrv.sys [130296 2021-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-09-23] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47816 2020-07-22] (Dynabook Inc. -> Dynabook Inc.)
R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\TosSrvCtlDrv.sys [27120 2021-09-10] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-09-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [433384 2021-09-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-04] (Microsoft Windows -> Microsoft Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [33864 2021-09-19] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2020-01-29] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2020-01-29] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-19 21:54 - 2021-09-19 21:54 - 000041318 _____ C:\Users\Marek\Downloads\Shortcut.txt
2021-09-19 21:50 - 2021-09-19 21:54 - 000030117 _____ C:\Users\Marek\Downloads\Addition.txt
2021-09-19 21:45 - 2021-09-19 22:45 - 000018338 _____ C:\Users\Marek\Downloads\FRST.txt
2021-09-19 21:40 - 2021-09-19 22:44 - 000000000 ____D C:\FRST
2021-09-19 21:40 - 2021-09-19 21:40 - 002304000 _____ (Farbar) C:\Users\Marek\Downloads\FRST64.exe
2021-09-19 20:40 - 2021-09-19 20:40 - 000276184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-19 20:31 - 2021-09-19 20:37 - 000000000 ____D C:\AdwCleaner
2021-09-19 20:31 - 2021-09-19 20:31 - 008553680 _____ (Malwarebytes) C:\Users\Marek\Downloads\adwcleaner_8.3.0.exe
2021-09-19 08:47 - 2021-09-19 16:20 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-09-19 08:18 - 2021-09-19 08:18 - 000000000 ____D C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B}
2021-09-19 08:16 - 2021-09-19 08:18 - 000000000 ____D C:\ProgramData\ProductData
2021-09-19 08:15 - 2021-09-19 08:47 - 000000000 ____D C:\Users\Marek\AppData\Roaming\IObit
2021-09-19 08:15 - 2021-09-19 08:47 - 000000000 ____D C:\Users\Marek\AppData\LocalLow\IObit
2021-09-19 08:15 - 2021-09-19 08:15 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2021-09-19 08:15 - 2021-09-19 08:15 - 000000000 ____D C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
2021-09-19 08:15 - 2021-09-19 08:15 - 000000000 ____D C:\Program Files (x86)\IObit
2021-09-19 08:14 - 2021-09-19 08:47 - 000000000 ____D C:\ProgramData\IObit
2021-09-19 08:02 - 2021-09-19 08:02 - 000001233 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2021-09-16 23:24 - 2021-09-16 23:24 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-16 23:24 - 2021-09-16 23:24 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-16 23:24 - 2021-09-16 23:24 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-16 23:24 - 2021-09-16 23:24 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-16 23:24 - 2021-09-16 23:24 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-16 23:24 - 2021-09-16 23:24 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-16 23:23 - 2021-09-16 23:23 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-16 23:23 - 2021-09-16 23:23 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-16 23:23 - 2021-09-16 23:23 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-16 23:23 - 2021-09-16 23:23 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-16 23:23 - 2021-09-16 23:23 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-16 23:23 - 2021-09-16 23:23 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-16 23:22 - 2021-09-16 23:22 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-16 23:22 - 2021-09-16 23:22 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-16 23:22 - 2021-09-16 23:22 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-16 23:21 - 2021-09-16 23:21 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-16 23:21 - 2021-09-16 23:21 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-16 23:21 - 2021-09-16 23:21 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-16 23:21 - 2021-09-16 23:21 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-16 23:21 - 2021-09-16 23:21 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-16 22:25 - 2021-09-16 22:25 - 000000000 ___HD C:\$WinREAgent
2021-09-11 13:13 - 2021-09-11 13:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-09-10 09:11 - 2021-09-14 22:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-09 13:17 - 2021-09-09 13:16 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-09 13:17 - 2021-09-09 13:16 - 000215384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-09-08 19:22 - 2021-09-08 19:22 - 000459310 _____ C:\Users\Marek\Downloads\Zacieramy ślady w komputerze - praktyczny poradnik.htm
2021-09-08 19:22 - 2021-09-08 19:22 - 000000000 ____D C:\Users\Marek\Downloads\Zacieramy ślady w komputerze - praktyczny poradnik_pliki
2021-09-08 18:38 - 2021-09-08 18:38 - 000000320 _____ C:\Users\Marek\Documents\Czyszczenie pliku wymiany przy zamykaniu komputera.txt
2021-08-23 03:09 - 2021-08-23 03:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-23 03:08 - 2021-08-23 03:08 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-23 03:03 - 2021-08-23 03:03 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-21 02:13 - 2021-08-21 02:13 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-08-21 02:13 - 2021-08-21 02:13 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-08-21 02:13 - 2021-08-21 02:13 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-08-21 02:13 - 2021-08-21 02:13 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-08-21 00:45 - 2021-09-19 16:20 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6af18e2a465aa

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-19 22:45 - 2020-01-29 08:59 - 000093116 _____ C:\WINDOWS\ZAM.krnl.trace
2021-09-19 22:45 - 2020-01-29 08:59 - 000062279 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2021-09-19 21:19 - 2021-06-04 06:54 - 000000000 ____D C:\Users\Marek\AppData\Local\Avast Software
2021-09-19 21:10 - 2020-02-16 14:42 - 000000374 _____ C:\Users\Marek\.vivaldi_reporting_data
2021-09-19 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-19 20:50 - 2019-07-24 17:01 - 000000000 ____D C:\Program Files\CCleaner
2021-09-19 20:48 - 2019-07-26 11:22 - 000000000 ____D C:\Users\Marek\AppData\LocalLow\Mozilla
2021-09-19 20:46 - 2019-07-28 19:23 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Wise Care 365
2021-09-19 20:46 - 2019-07-24 17:59 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-19 20:40 - 2020-10-31 01:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-19 20:40 - 2020-10-31 00:46 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-19 20:38 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-09-19 20:38 - 2019-07-24 15:26 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-09-19 20:37 - 2020-10-30 21:32 - 000000000 ____D C:\Users\Marek
2021-09-19 20:18 - 2019-07-27 18:48 - 000000000 ____D C:\Users\Marek\AppData\Local\CrashDumps
2021-09-19 16:20 - 2020-10-31 01:17 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-09-19 16:20 - 2020-10-31 01:17 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-19 16:20 - 2020-10-31 01:17 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-09-19 16:20 - 2020-10-31 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-09-19 15:43 - 2020-10-31 00:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-19 08:50 - 2019-07-28 19:24 - 000033864 _____ (wisecleaner.com) C:\WINDOWS\WiseHDInfo64.dll
2021-09-19 08:22 - 2019-07-25 12:09 - 000000425 _____ C:\Users\Marek\Desktop\CD Drive - Shortcut.lnk
2021-09-19 08:02 - 2019-07-28 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2021-09-18 21:45 - 2021-07-06 19:15 - 000001276 _____ C:\Users\Marek\Desktop\ESET Online Scanner.lnk
2021-09-18 21:45 - 2021-07-06 19:13 - 000001382 _____ C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-09-18 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-09-18 19:56 - 2020-10-31 01:17 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-18 11:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-18 11:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-18 10:57 - 2020-06-25 22:33 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-18 10:57 - 2020-06-25 22:33 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-17 21:41 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-17 20:40 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-17 13:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-09-17 00:46 - 2020-10-31 01:03 - 001678234 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-17 00:46 - 2020-10-30 19:22 - 000753040 _____ C:\WINDOWS\system32\perfh015.dat
2021-09-17 00:46 - 2020-10-30 19:22 - 000148584 _____ C:\WINDOWS\system32\perfc015.dat
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-17 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-17 00:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-16 23:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-16 22:19 - 2019-07-24 23:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-16 22:16 - 2019-07-24 23:36 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-14 22:06 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-09-14 22:02 - 2019-07-26 11:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-14 22:02 - 2019-07-24 15:30 - 000000000 ____D C:\ProgramData\Realtek
2021-09-11 13:13 - 2019-07-26 11:21 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-09-09 13:18 - 2019-07-24 18:01 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-09 13:16 - 2020-12-18 21:10 - 000035712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-09-09 13:16 - 2020-10-29 06:38 - 000184120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-09 13:16 - 2020-04-10 07:54 - 000538464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-09 13:16 - 2019-07-24 18:01 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-09 13:16 - 2019-07-24 18:01 - 000553496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-09 13:16 - 2019-07-24 18:01 - 000367632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-09 13:16 - 2019-07-24 18:01 - 000250384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-09 13:16 - 2019-07-24 18:01 - 000221584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-09 13:16 - 2019-07-24 18:01 - 000107840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-09 13:16 - 2019-07-24 18:01 - 000099344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-09 13:16 - 2019-07-24 18:01 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-09 13:16 - 2019-07-24 18:01 - 000041344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-04 16:44 - 2020-05-15 14:47 - 000000000 ___RD C:\Users\Marek\iCloudDrive
2021-09-04 14:53 - 2019-07-24 14:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-09-03 08:12 - 2020-10-29 08:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-01 00:29 - 2019-07-24 15:24 - 000000000 ____D C:\Users\Marek\AppData\Local\Packages
2021-08-31 06:00 - 2019-07-24 17:40 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-08-23 04:03 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-21 06:59 - 2019-08-04 18:19 - 000007604 _____ C:\Users\Marek\AppData\Local\resmon.resmoncfg
2021-08-21 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-21 01:09 - 2019-07-24 18:01 - 000017344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys

==================== Files in the root of some directories ========

2019-08-04 18:19 - 2021-08-21 06:59 - 000007604 _____ () C:\Users\Marek\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================