Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025 Ran by SYSTEM on MININT-DM2ADM7 (29-01-2025 19:52:09) Running from h:\\FRST64.exe Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Polski (Polska) -> Polski (Polska) Boot Mode: Recovery Default: ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [427816 2024-12-20] (Avast Software s.r.o. -> Gen Digital Inc.) HKLM-x32\...\Run: [Genshin Impact_launcher_mihoyo_1_0] => D:\Genshin Impact\updateProgram\Update.exe (No File) HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation) HKU\Administrator\...\Run: [AvastBrowserAutoLaunch_8901C211194C0DFF277C9606C1448E31] => "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" (No File) HKU\Baltuss\...\Run: [AvastBrowserAutoLaunch_0BE1254EF4F64572E84D2FE0975B59B2] => "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --onboarding-at-startup --auto-launch-at-startup --profile-directory="Default" (No File) HKU\Baltuss\...\Run: [Steam] => "C:\Program Files (x86)\Steam\steam.exe" -silent (No File) HKU\Martyna\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [4189064 2022-07-13] (ALLPlayer Group sp. z o.o. -> ALLPlayer.org) HKU\Martyna\...\Run: [Wargaming.net Game Center] => C:\Program Files (x86)\Wargaming.net\GameCenter\wgc.exe [2148016 2022-11-24] (Wargaming.net Limited -> Wargaming.net) HKU\Martyna\...\Run: [AvastBrowserAutoLaunch_1CC11B308769223F46EB880C91BFA998] => "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" (No File) HKU\NieTykajBoPożre\...\Run: [com.squirrel.Teams.Teams] => C:\Users\NieTykajBoPożre\AppData\Local\Microsoft\Teams\Update.exe [2594040 2024-12-19] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\TEZTYSIA\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Martyna\AppData\Local\Microsoft\Teams\Update.exe [2587336 2023-01-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\TEZTYSIA\...\Run: [AvastBrowserAutoLaunch_5A29C5F4A4D8E75C2B8E8233F0628BFD] => "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --onboarding-at-startup --auto-launch-at-startup --profile-directory="Default" (No File) HKLM\Software\...\Authentication\Credential Providers: [{25CBB996-92ED-457e-B28C-4774084BD562}] -> C:\Windows\system32\authui.dll [2016-08-29] (Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{3dd6bec0-8193-4ffe-ae25-e08e39ea4063}] -> C:\Windows\system32\authui.dll [2016-08-29] (Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{6f45dc1e-5384-457a-bc13-2cd81b0d28ed}] -> C:\Windows\system32\authui.dll [2016-08-29] (Microsoft Corporation) HKLM\Software\...\Authentication\Credential Provider Filters: [{DDC0EED2-ADBE-40b6-A217-EDE16A79A0DE}] -> C:\Windows\system32\authui.dll [2016-08-29] (Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\SysWOW64\scecli.dll [2010-11-21] (Microsoft Corporation) GroupPolicy: Restriction - Chrome <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Scheduled Tasks (All) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {B02B2410-57CE-4532-A9E4-0DD7B37FE707} - System32\Tasks\{57681832-2342-46FA-95BE-7889B7AA8149} => C:\Program Files\Genshin Impact\launcher.exe [3455600 2023-07-31] (COGNOSPHERE PTE. LTD. -> HoYoverse) Task: {A0B3D804-9494-47E3-A1F0-EF8479A45FD2} - System32\Tasks\{87C3D470-3982-4015-8273-CE9189CCB22C} => C:\Windows\System32\pcalua.exe [9728 2019-02-10] (Microsoft Corporation) -> -a "C:\Riot Games\Riot Client\RiotClientServices.exe" -c --uninstall-product=league_of_legends --uninstall-patchline=live Task: {177B4455-7FC0-40F8-86A1-16C9ACFDA08E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe) Task: {36BF4FC3-16A3-480D-AFA8-4B9D23652062} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe) Task: {1AE6833F-B564-4999-A408-1B8EB98E18AC} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8400680 2024-12-16] (Avast Software s.r.o. -> Gen Digital Inc.) Task: {7FD24B7B-9C72-442F-9068-3677C8C5BEA2} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5214504 2024-12-20] (Avast Software s.r.o. -> Gen Digital Inc.) Task: {E789831B-F55A-4E4D-818E-936FDEED134A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2564904 2024-11-19] (Avast Software s.r.o. -> Gen Digital Inc.) Task: {DFB31765-C8F1-46AE-B2AB-BAF551D062F1} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2024-02-26] (Now.gg, INC -> BlueStack Systems, Inc.) Task: {A66BD1EC-97E3-4B25-814B-2493A4F8B0C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-28] (Google Inc -> Google Inc.) Task: {B74A3748-3227-40CB-8FA6-6F0B58F58CE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-28] (Google Inc -> Google Inc.) Task: {300BFC9C-055A-4738-B7EF-52005BF7592D} - System32\Tasks\HP AR Program Upload - 00a45e4b44ee473abc0accc440ea02d42341207cc8664a5496eaa4d92147a005 => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPRewards.exe [3871240 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) Task: {D3222BAE-6EEF-401E-AD3B-02B54F9C6E8C} - System32\Tasks\HP AR Program Upload - 3b7a2c73400d4161953dc64a6ae87bdb1d0a5aa6df204173aceb00241b246832 => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPRewards.exe [3871240 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) Task: {663F24E4-A614-40CD-BA18-2B0833451FF3} - System32\Tasks\HP AR Program Upload - 76e63c1b7ff64b7c9cc231118f3fb3f6939e0339b8414972bb877c84f9f1346a => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPRewards.exe [3871240 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) Task: {69927579-8B9B-4820-9C85-33E6090868AF} - System32\Tasks\HP AR Program Upload - 7d2c710b69ea4213b0eddc5a334bad248c9aa9e63fcf4b7d9df5e5723214d3c5 => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPRewards.exe [3871240 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) Task: {2DDD2A63-B61E-4D07-B294-D08591FADD93} - System32\Tasks\HP AR Program Upload - a32133854256413ab8f80cc680d18e0879eace4d740440758f70bf48f79a71f5 => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPRewards.exe [3871240 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) Task: {67A6B9E1-2EDF-4790-8126-EE69104842FB} - System32\Tasks\HP AR Program Upload - b9c1b0f6fa8346b99f50ac4ce69dcf0c9778087168c84196bb630bc2b244ebd5 => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPRewards.exe [3871240 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) Task: {E48300F6-1FB7-46BB-BBFD-6D300B70CE0E} - System32\Tasks\HPCustPartic.exe_{BDC2EDDF-3AB4-4242-BEA7-9575BBDE4176} => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe /surveydata /cc pl /zipcode /usagetype /lang pl (No File) Task: {800CE2BF-7AB0-4670-9588-429B9F5892A4} - System32\Tasks\HPCustPartic.exe_{E0BAE2DA-68CC-41F1-9D63-A836486D8013} => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe /installoptout 1485619537 /installreport no (No File) Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) => {CF2CF428-325B-48D3-8CA8-7633E36E5A32} C:\Windows\system32\msdrm.dll [528384 2013-12-04] (Microsoft Corporation) Task: {28011108-68DF-4C73-B91B-57427D501BBA} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) => {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} C:\Windows\system32\msdrm.dll [528384 2013-12-04] (Microsoft Corporation) Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [148480 2019-02-21] (Microsoft Corporation) Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [17920 2019-02-21] (Microsoft Corporation) Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent (No File) Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\SysWOW64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation) -> aepdu.dll,AePduRunUpdate <==== ATTENTION Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\SysWOW64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation) -> /d acproxy.dll,PerformAutochkOperations <==== ATTENTION Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [35328 2009-07-14] (Microsoft Corporation) Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask => {58fb76b9-ac85-4e55-ac04-427593b1d060} C:\Windows\system32\dimsjob.dll [40448 2009-07-14] (Microsoft Corporation) Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask => {58fb76b9-ac85-4e55-ac04-427593b1d060} C:\Windows\system32\dimsjob.dll [40448 2009-07-14] (Microsoft Corporation) Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam => {58fb76b9-ac85-4e55-ac04-427593b1d060} C:\Windows\system32\dimsjob.dll [40448 2009-07-14] (Microsoft Corporation) Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [293888 2010-11-21] (Microsoft Corporation) Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask => {e7ed314f-2816-4c26-aeb5-54a34d02404c} C:\Windows\System32\kernelceip.dll [18432 2009-07-14] (Microsoft Corporation) Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip => {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} C:\Windows\System32\usbceip.dll [27648 2009-07-14] (Microsoft Corporation) Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [183296 2009-07-14] (Microsoft Corp.) Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled => {c1f85ef8-bcc2-4606-bb39-70c523715eb3} C:\Windows\System32\sdiagschd.dll [51200 2009-07-14] (Microsoft Corporation) Task: {507E3B71-CCE9-4D4D-9015-A78C2697A666} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\SysWOW64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation) -> dfdts.dll,DfdGetDefaultPolicyAndSMART <==== ATTENTION Task: {CB0E96FB-E023-41ED-999B-F1107D9D661D} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [79360 2009-07-14] (Microsoft Corporation) Task: {3D0ABC2B-E9EF-48E3-8174-918349FBCEC9} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\Windows\system32\sipnotify.exe [334848 2019-07-13] (Microsoft Corporation) Task: {8D5E7246-C078-4107-9E6B-7FB39559BD47} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\Windows\system32\sipnotify.exe [334848 2019-07-13] (Microsoft Corporation) Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotifications.exe [90112 2009-07-14] (Microsoft Corporation) Task: {DA41DE71-8431-42FB-9DB0-EB64A961DEAD} - System32\Tasks\Microsoft\Windows\Maintenance\WinSAT => {A9A33436-678B-4C9C-A211-7CC38785E79D} C:\Windows\system32\WinSATAPI.dll [501248 2010-11-21] (Microsoft Corporation) Task: {33F7CFB2-5F1C-4E4C-BF2E-7C81096BA8D4} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {42A78D8A-07EA-42E7-9FDE-5E241980D254} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {80E23487-9C5D-448E-9C87-6FDEC14DD3D8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {B7FA7213-D006-43F8-8266-1D2058BEB339} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {1CADEFE9-1B1E-4FC3-8600-3CF6F074C4A1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {AF0179D2-6F03-485D-A11D-B68F9AF3DE5A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [198656 2010-11-21] (Microsoft Corporation) Task: {3675A9C6-FBF3-45D7-975E-956277723418} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [198656 2010-11-21] (Microsoft Corporation) Task: {89907654-33ED-4CB8-9A5C-728C6EAF44AC} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe [198656 2010-11-21] (Microsoft Corporation) Task: {93993223-1902-4E82-B7F6-4132E142DA90} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe [198656 2010-11-21] (Microsoft Corporation) Task: {FC564E84-067F-4A8B-A15F-3A9AAE3AF7B3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {19DC70FB-61EC-452B-BB08-924382E54A90} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {939C54D0-589B-4A03-A8EF-5427F5C2EE1D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {888C2850-9F60-49A7-A6AE-16448A6019D4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {7C13B09E-EC60-4247-845D-88AC54EB0E7D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {B8AD79DB-6827-4976-93C0-841C6AA6E049} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe [198656 2010-11-21] (Microsoft Corporation) Task: {FFEB819B-4D21-4B4E-8077-6BCBB517E78F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe [198656 2010-11-21] (Microsoft Corporation) Task: {D0E6527D-41F3-4A21-B147-C55548D7E4BA} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe [198656 2010-11-21] (Microsoft Corporation) Task: {595A4F4C-97D4-49C2-8C33-8FCB2BB8324C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe [76800 2009-07-14] (Microsoft Corporation) Task: {B28F6AD9-05A2-4C99-9EB1-F4E7F9A438F3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {7FC823F3-4D52-4E5D-A0F5-02DFADEBEE8E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {4558272F-D2A7-45A2-9A1A-2EDBE9B106BD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe [198656 2010-11-21] (Microsoft Corporation) Task: {B9165866-CAC0-4C3B-9E88-320396D5F4DF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe [76800 2009-07-14] (Microsoft Corporation) Task: {671BFDD7-01B5-4BA9-B940-6534C5AF1D1A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-21] (Microsoft Corporation) Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector => {190BA3F6-0205-4f46-B589-95C6822899D2} C:\Windows\System32\memdiag.dll [18432 2009-07-14] (Microsoft Corporation) Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector => {190BA3F6-0205-4f46-B589-95C6822899D2} C:\Windows\System32\memdiag.dll [18432 2009-07-14] (Microsoft Corporation) Task: {63082627-E646-44B9-93D9-5ABD3116B141} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E} C:\Windows\System32\HotStartUserAgent.dll [27136 2010-11-21] (Microsoft Corporation) Task: {EB02381F-D652-4B1C-894A-712498C62C51} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [71168 2009-07-14] (Microsoft Corporation) Task: {2470470F-2634-478E-B181-571E98A789BB} - System32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService => {2DEA658F-54C1-4227-AF9B-260AB5FC3543} C:\Windows\System32\PlaySndSrv.dll [84992 2009-07-14] (Microsoft Corporation) Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => C:\Windows\system32\gatherNetworkInfo.vbs [40552 2009-06-10] () Task: {583F6EEF-1D82-435D-8B22-EB2B1D88F112} - System32\Tasks\Microsoft\Windows\Offline Files\Background Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} C:\Windows\System32\cscui.dll [498688 2010-11-21] (Microsoft Corporation) Task: {83900D28-1B8D-40E3-A072-F7D8B6C87784} - System32\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} C:\Windows\System32\cscui.dll [498688 2010-11-21] (Microsoft Corporation) Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371} C:\Windows\System32\perftrack.dll [867840 2009-07-14] (Microsoft Corporation) Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => C:\Windows\System32\powercfg.exe [71168 2009-07-14] (Microsoft Corporation) Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - System32\Tasks\Microsoft\Windows\RAC\RacTask => {42060D27-CA53-41f5-96E4-B1E8169308A6} C:\Windows\system32\RacEngn.dll [1556992 2010-11-21] (Microsoft Corporation) Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - System32\Tasks\Microsoft\Windows\Ras\MobilityManager => {c463a0fc-794f-4fdf-9201-01938ceacafa} C:\Windows\system32\rasmbmgr.dll [57344 2009-07-14] (Microsoft Windows -> Microsoft Corporation) Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - System32\Tasks\Microsoft\Windows\Registry\RegIdleBackup => {ca767aa8-9157-4604-b64b-40747123d5f2} C:\Windows\System32\regidle.dll [14336 2009-07-14] (Microsoft Corporation) Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [125952 2009-07-14] (Microsoft Corporation) -> %windir%\/offerraupdate Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} C:\Windows\System32\wpcumi.dll [188416 2009-07-14] (Microsoft Corporation) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB} C:\Windows\System32\wpcmig.dll [17408 2009-07-14] (Microsoft Corporation) Task: {1979CBEE-65C4-4B0F-BB77-EA4B3FB1241F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} C:\Windows\System32\AuxiliaryDisplayServices.dll [135680 2010-11-21] (Microsoft Corporation) Task: {6E728BE5-35AC-4354-B49D-97488760188E} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} C:\Windows\System32\AuxiliaryDisplayServices.dll [135680 2010-11-21] (Microsoft Corporation) Task: {ECC4AE56-1E7B-4BBA-A462-B032AF467DD3} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} C:\Windows\System32\AuxiliaryDisplayServices.dll [135680 2010-11-21] (Microsoft Corporation) Task: {2423EBD8-EB10-42A1-A500-01ED7FDE46FA} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} C:\Windows\System32\AuxiliaryDisplayServices.dll [135680 2010-11-21] (Microsoft Corporation) Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => C:\Windows\SysWOW64\sc.exe [37376 2009-07-14] (Microsoft Corporation) -> start sppsvc Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\SysWOW64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation) -> /d srrstr.dll,ExecuteScheduledSPPCreation <==== ATTENTION Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - System32\Tasks\Microsoft\Windows\Task Manager\Interactive => {855fec53-d2e4-4999-9e87-3414e9cf0ff4} C:\Windows\system32\wdc.dll [1363968 2010-11-21] (Microsoft Corporation) Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => C:\Windows\SysWOW64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation) -> ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem <==== ATTENTION Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => C:\Windows\SysWOW64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation) -> ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem <==== ATTENTION Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - System32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor => {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} C:\Windows\system32\MsCtfMonitor.dll [28160 2009-07-14] (Microsoft Corporation) Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => C:\Windows\system32\sc.exe [45056 2009-07-14] (Microsoft Corporation) -> start w32time task_started Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => C:\Windows\SysWOW64\sc.exe [37376 2009-07-14] (Microsoft Corporation) -> config upnphost start= auto Task: {6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF} - System32\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask => {BA677074-762C-444b-94C8-8C83F93F6605} Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - System32\Tasks\Microsoft\Windows\WDI\ResolutionHost => {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} C:\Windows\System32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) Task: {93C7DEC6-3233-4FF2-9FA7-17A2B68A1706} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2025-01-04] (Microsoft Corporation -> Microsoft Corporation) Task: {C15CA064-0549-4BDC-8CA0-E8647CAA2F8F} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline => C:\Windows\system32\schtasks.exe [285696 2010-11-21] (Microsoft Corporation) -> /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask" Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [50688 2009-07-14] (Microsoft Windows -> Microsoft Corporation) Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\SysWOW64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation) -> bfe.dll,BfeOnServiceStartTypeChange <==== ATTENTION Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [70656 2009-07-14] (Microsoft Corporation) Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => C:\Windows\System32\sdclt.exe [1264640 2010-11-21] (Microsoft Corporation) Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader => {B210D694-C8DF-490d-9576-9E20CDBC20BD} C:\Windows\System32\mscms.dll [625664 2010-11-21] (Microsoft Corporation) Task: {364F94E8-B20B-41A6-8430-12F51F189500} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205768 2022-09-11] (Microsoft Corporation -> Microsoft Corporation) Task: {61E52A62-DC47-4295-A83F-D36F7E99F0F1} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205768 2022-09-11] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) UpperFilters: [{4D36E967-E325-11CE-BFC1-08002BE10318}] -> [] LowerFilters: [{71A27CDD-812A-11D0-BEC7-08002BE2092F}] -> [] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (All) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2025-01-29 19:51 - 2025-01-29 19:51 - 000000000 ____D C:\FRST 2025-01-16 16:48 - 2025-01-16 16:48 - 000000000 ____D C:\Users\NieTykajBoPożre\AppData\Roaming\Microsoft\Network 2025-01-16 16:45 - 2025-01-16 16:46 - 000284056 _____ C:\Windows\Minidump\011625-34710-01.dmp 2025-01-13 18:19 - 2025-01-13 18:19 - 000000000 ____D C:\Users\NieTykajBoPożre\AppData\Roaming\Microsoft\Vault 2025-01-13 11:38 - 2025-01-13 11:39 - 000000000 ____D C:\Program Files\chrome_url_fetcher_4748_1785786169 2025-01-12 18:41 - 2025-01-12 18:41 - 000284056 _____ C:\Windows\Minidump\011225-37081-01.dmp 2025-01-12 18:31 - 2025-01-18 10:52 - 000000000 ___SD C:\Windows\System32\CompatTel 2025-01-12 18:31 - 2025-01-18 10:52 - 000000000 ____D C:\Windows\System32\appraiser 2025-01-12 11:35 - 2013-10-14 18:00 - 000028368 _____ (Microsoft Corporation) C:\Windows\System32\IEUDINIT.EXE 2025-01-12 11:23 - 2025-01-12 11:23 - 000010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2025-01-12 11:23 - 2025-01-12 11:23 - 000005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2025-01-12 11:23 - 2025-01-12 11:23 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2025-01-12 11:23 - 2025-01-12 11:23 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2025-01-07 19:47 - 2025-01-17 18:49 - 000000000 ____D C:\Windows\System32\MRT 2025-01-07 19:46 - 2025-01-07 19:46 - 202035632 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2025-01-05 19:01 - 2025-01-05 19:02 - 000000000 ___RD C:\Users\NieTykajBoPożre\Desktop\work 2025-01-05 12:27 - 2025-01-05 12:27 - 000002192 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2025-01-05 12:24 - 2025-01-05 19:00 - 000000000 ____D C:\Users\NieTykajBoPożre\AppData\Roaming\Microsoft\Paint 2025-01-05 12:04 - 2012-07-26 04:08 - 000744448 _____ (Microsoft Corporation) C:\Windows\System32\WUDFx.dll 2025-01-05 12:04 - 2012-07-26 04:08 - 000229888 _____ (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe 2025-01-05 12:04 - 2012-07-26 04:08 - 000194048 _____ (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll 2025-01-05 12:04 - 2012-07-26 04:08 - 000084992 _____ (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll 2025-01-05 12:04 - 2012-07-26 04:08 - 000045056 _____ (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll 2025-01-05 12:04 - 2012-07-26 03:26 - 000198656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys 2025-01-05 12:04 - 2012-07-26 03:26 - 000087040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys 2025-01-05 12:04 - 2012-06-02 15:57 - 000000003 _____ C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2025-01-05 12:03 - 2019-12-31 03:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2025-01-05 12:03 - 2019-12-31 03:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe 2025-01-05 12:00 - 2017-04-27 23:50 - 003550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2025-01-05 12:00 - 2017-04-12 14:05 - 004296704 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_47.dll 2025-01-04 18:43 - 2019-07-13 09:14 - 000334848 _____ (Microsoft Corporation) C:\Windows\System32\sipnotify.exe 2025-01-04 14:00 - 2015-01-09 00:44 - 000419936 _____ C:\Windows\SysWOW64\locale.nls 2025-01-04 14:00 - 2015-01-09 00:43 - 000419936 _____ C:\Windows\System32\locale.nls 2025-01-04 13:56 - 2015-07-30 14:13 - 000124624 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll 2025-01-04 13:56 - 2015-07-30 14:13 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2025-01-19 10:15 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism 2025-01-18 12:28 - 2021-04-07 13:58 - 000000000 ____D C:\Users\NieTykajBoPożre\AppData\Roaming\Microsoft\Teams 2025-01-18 12:28 - 2019-04-08 11:06 - 000000000 ____D C:\ProgramData\AVAST Software 2025-01-18 12:28 - 2009-07-14 05:45 - 000026576 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2025-01-18 12:28 - 2009-07-14 05:45 - 000026576 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2025-01-18 12:27 - 2024-03-02 12:06 - 000003880 _____ C:\Windows\System32\Tasks\BlueStacksHelper_nxt 2025-01-18 12:27 - 2022-10-13 14:26 - 000002972 _____ C:\Windows\System32\Tasks\{57681832-2342-46FA-95BE-7889B7AA8149} 2025-01-18 12:27 - 2022-09-11 19:15 - 000003466 _____ C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2025-01-18 12:27 - 2022-09-11 19:15 - 000003338 _____ C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2025-01-18 12:27 - 2022-05-28 16:50 - 000003246 _____ C:\Windows\System32\Tasks\{87C3D470-3982-4015-8273-CE9189CCB22C} 2025-01-18 12:27 - 2019-08-14 13:02 - 000003562 _____ C:\Windows\System32\Tasks\HP AR Program Upload - b9c1b0f6fa8346b99f50ac4ce69dcf0c9778087168c84196bb630bc2b244ebd5 2025-01-18 12:27 - 2019-02-03 18:52 - 000003562 _____ C:\Windows\System32\Tasks\HP AR Program Upload - a32133854256413ab8f80cc680d18e0879eace4d740440758f70bf48f79a71f5 2025-01-18 12:27 - 2018-09-28 15:58 - 000003562 _____ C:\Windows\System32\Tasks\HP AR Program Upload - 00a45e4b44ee473abc0accc440ea02d42341207cc8664a5496eaa4d92147a005 2025-01-18 12:27 - 2018-03-13 19:15 - 000004578 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2025-01-18 12:27 - 2018-02-07 11:13 - 000003562 _____ C:\Windows\System32\Tasks\HP AR Program Upload - 7d2c710b69ea4213b0eddc5a334bad248c9aa9e63fcf4b7d9df5e5723214d3c5 2025-01-18 12:27 - 2017-11-22 20:15 - 000003562 _____ C:\Windows\System32\Tasks\HP AR Program Upload - 76e63c1b7ff64b7c9cc231118f3fb3f6939e0339b8414972bb877c84f9f1346a 2025-01-18 12:27 - 2017-04-29 20:51 - 000003562 _____ C:\Windows\System32\Tasks\HP AR Program Upload - 3b7a2c73400d4161953dc64a6ae87bdb1d0a5aa6df204173aceb00241b246832 2025-01-18 12:27 - 2017-01-28 17:07 - 000002970 _____ C:\Windows\System32\Tasks\HPCustPartic.exe_{BDC2EDDF-3AB4-4242-BEA7-9575BBDE4176} 2025-01-18 12:27 - 2017-01-28 17:06 - 000002958 _____ C:\Windows\System32\Tasks\HPCustPartic.exe_{E0BAE2DA-68CC-41F1-9D63-A836486D8013} 2025-01-18 12:27 - 2017-01-28 17:05 - 000003778 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2025-01-18 12:27 - 2017-01-28 17:05 - 000003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2025-01-18 12:27 - 2014-03-23 00:11 - 000004412 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2025-01-18 11:40 - 2019-04-08 11:16 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software 2025-01-18 10:56 - 2017-01-28 17:04 - 000000000 ____D C:\Program Files (x86)\Google 2025-01-18 10:54 - 2021-04-07 12:42 - 000000000 ____D C:\users\NieTykajBoPożre 2025-01-18 10:54 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2025-01-18 10:53 - 2014-03-23 16:19 - 000000000 ____D C:\ProgramData\NVIDIA 2025-01-18 10:52 - 2023-04-08 10:28 - 000000000 ____D C:\users\gejszit 2025-01-18 10:52 - 2022-10-09 15:38 - 000000000 ____D C:\users\baltusus 2025-01-18 10:52 - 2022-09-04 09:09 - 000000000 ____D C:\users\Administrator 2025-01-18 10:52 - 2021-05-27 13:42 - 000000000 ____D C:\users\TEZTYSIA 2025-01-18 10:52 - 2021-04-09 13:39 - 000000000 ____D C:\users\Baltuss 2025-01-18 10:52 - 2014-03-22 20:41 - 000000000 ____D C:\users\Martyna 2025-01-18 10:52 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\DVD Maker 2025-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup 2025-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz 2025-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\System32\Setup 2025-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\System32\migwiz 2025-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\System32\Dism 2025-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\servicing 2025-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions 2025-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2025-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2025-01-18 10:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration 2025-01-16 16:45 - 2022-12-04 12:31 - 534601032 _____ C:\Windows\MEMORY.DMP 2025-01-16 16:45 - 2015-04-23 13:21 - 000000000 ____D C:\Windows\Minidump 2025-01-16 16:42 - 2019-04-08 11:14 - 000000000 ____D C:\Program Files\Common Files\AVAST Software 2025-01-13 19:28 - 2021-04-07 12:50 - 000000000 ____D C:\Users\NieTykajBoPożre\AppData\Roaming\Microsoft\Windows Photo Viewer 2025-01-13 18:20 - 2024-07-03 13:42 - 000000000 ___RD C:\Users\NieTykajBoPożre\Desktop\filmy i grafiki 2025-01-13 13:18 - 2019-04-08 11:19 - 000000000 ____D C:\Users\Martyna\AppData\Local\AVAST Software 2025-01-13 11:37 - 2009-07-14 06:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD 2025-01-11 11:17 - 2024-12-09 19:12 - 000000000 ____D C:\Program Files (x86)\SeaMonkey 2025-01-10 16:34 - 2019-04-08 11:14 - 000383056 _____ (Gen Digital Inc.) C:\Windows\System32\Drivers\aswbidsdriver.sys 2025-01-07 19:04 - 2009-07-14 04:20 - 000000000 __RSD C:\Windows\Media 2025-01-07 19:02 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat 2025-01-06 14:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache 2025-01-06 12:34 - 2011-04-12 14:21 - 010923002 _____ C:\Windows\System32\perfh015.dat 2025-01-06 12:34 - 2011-04-12 14:21 - 003635362 _____ C:\Windows\System32\perfc015.dat 2025-01-06 12:34 - 2009-07-14 06:13 - 000006212 _____ C:\Windows\System32\PerfStringBackup.INI 2025-01-05 19:02 - 2024-07-03 13:43 - 000000000 ___RD C:\Users\NieTykajBoPożre\Desktop\szkoła 2025-01-05 19:00 - 2021-04-07 12:50 - 000065160 _____ C:\Users\NieTykajBoPożre\AppData\Local\GDIPFONTCACHEV1.DAT 2025-01-04 14:23 - 2009-07-14 05:45 - 000298808 _____ C:\Windows\System32\FNTCACHE.DAT 2025-01-04 14:21 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Defender 2025-01-04 14:21 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2025-01-04 14:21 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\System32\AdvancedInstallers 2025-01-01 17:41 - 2023-08-16 17:40 - 000001107 _____ C:\Users\NieTykajBoPożre\Desktop\Genshin Impact.lnk 2025-01-01 16:51 - 2023-03-27 13:02 - 003847832 _____ (miHoYo) C:\Windows\System32\HoYoKProtect.sys ==================== KnownDLLs (Whitelisted) ========================= ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\dnsapi.dll => MD5 is legit C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit C:\Windows\System32\dllhost.exe => MD5 is legit C:\Windows\SysWOW64\dllhost.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Association (Whitelisted) ============= ==================== Restore Points ========================= Restore point date: 2025-01-12 17:30 Restore point date: 2025-01-12 20:48 Restore point date: 2025-01-13 19:29 Restore point date: 2025-01-17 18:38 Restore point date: 2025-01-17 19:19 ==================== Memory info =========================== Percentage of memory in use: 10% Total physical RAM: 8133.98 MB Available physical RAM: 7300.48 MB Total Virtual: 8132.18 MB Available Virtual: 7298.21 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:199.71 GB) (Free:56.05 GB) NTFS Drive e: () (Fixed) (Total:731.71 GB) (Free:637.3 GB) NTFS Drive f: (GSP1RMCULXFRER_PL_DVD) (CDROM) (Total:2.98 GB) (Free:0 GB) UDF Drive h: (JULIA) (Removable) (Total:57.3 GB) (Free:57.21 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: BF6CBCF8) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=199.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=731.7 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (Size: 57.3 GB) (Disk ID: A591EA7E) Partition 1: (Active) - (Size=57.3 GB) - (Type=07 NTFS) LastRegBack: 2025-01-11 14:31 ==================== End of FRST.txt ========================