Jump to content

Ndu.sys crashes

Rdaniel0512
 Share

Recommended Posts

Rdaniel0512

Rdaniel0512

Posted
Posted

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-03-2021
Ran by rdani (administrator) on DESKTOP-S8QF699 (ASUSTeK Computer INC. CM1740) (03-04-2021 09:22:47)
Running from C:\Users\rdani\Downloads
Loaded Profiles: rdani
Platform: Windows 10 Pro Version 20H2 19042.867 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\NetFilter\AvastAntiTrackPremiumFilter.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\BreachGuard\bgsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\BreachGuard\bgui.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(Avast Software s.r.o. -> AVAST Software, s.r.o) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
(Avast Software s.r.o. -> Sciensoft Software Security) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Updshl10.exe
(Avast Software s.r.o. -> Software Security System) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe
(Avast Software s.r.o. -> The CefSharp Authors) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [2874592 2021-02-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2429664 2021-03-11] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Avast BreachGuard] => C:\Program Files\Avast Software\BreachGuard\bgui.exe [5045984 2021-03-11] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [Sound Blaster Audigy Fx Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Audigy Fx\Sound Blaster Audigy Fx Control Panel\SBAdgyFx.exe [861184 2013-11-08] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1201562941-1412934816-2565359534-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941352 2021-02-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1201562941-1412934816-2565359534-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1201562941-1412934816-2565359534-1001\...\Run: [Opera Browser Assistant] => C:\Users\rdani\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1201562941-1412934816-2565359534-1001\...\Run: [CTRegRun] => C:\Windows\CTRegRun.EXE [53248 2006-10-06] (Creative Technology Ltd) [File not signed]
HKU\S-1-5-21-1201562941-1412934816-2565359534-1001\...\Run: [CreativeTaskScheduler] => C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd) [File not signed]
HKU\S-1-5-21-1201562941-1412934816-2565359534-1001\...\Run: [Creative Software Update] => C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [1571088 2011-09-22] (Creative Technology Ltd -> Creative Technology Ltd)
HKU\S-1-5-21-1201562941-1412934816-2565359534-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1201562941-1412934816-2565359534-1001\...\MountPoints2: {260f5383-b822-11ea-90ea-806e6f6e6963} - "F:\Msetup4.exe" 
HKU\S-1-5-18\...\Run: [CtxfiReg] => CTXFIREG.exe /FAIL2
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\Windows\system32\CNMLMBX.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series XPS: C:\Windows\system32\CNMXLMBX.DLL [393728 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-01] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\89.1.8899.91\Installer\chrmstp.exe [2021-03-31] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-03-18]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {048916B1-EE6C-4E4C-BB3B-EA6C531D2FCD} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5493472 2021-03-16] (Avast Software s.r.o. -> Avast Software)
Task: {097A904E-7331-406B-B705-F2AEE7F81C20} - System32\Tasks\Opera scheduled Autoupdate 1607233513 => c:\users\rdani\appdata\local\programs\opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software)
Task: {10BDA787-B424-4707-90FC-8438172FD03E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
Task: {16B45587-8DE2-4961-9A83-488FA0DBF7DF} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-23] (Avast Software s.r.o. -> AVAST Software)
Task: {2E7F379E-C6CC-47DC-8AD9-62DF302172AD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {2E7F379E-C6CC-47DC-8AD9-62DF302172AD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {2E7F379E-C6CC-47DC-8AD9-62DF302172AD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {2E7F379E-C6CC-47DC-8AD9-62DF302172AD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {2E7F379E-C6CC-47DC-8AD9-62DF302172AD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1607233519" /ENABLE
Task: {2E7F379E-C6CC-47DC-8AD9-62DF302172AD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1607233513" /ENABLE
Task: {2E7F379E-C6CC-47DC-8AD9-62DF302172AD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {4B57FEEA-9CE0-483A-ACFE-002A7A495DE0} - System32\Tasks\Microsoft\Windows\AvastAntiTrackPremium\AvastAntiTrackPremiumStart => C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [22359800 2020-10-06] (Avast Software s.r.o. -> AVAST Software, s.r.o)
Task: {4D55333C-106C-4CE2-97CD-4773ECA90618} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4665568 2021-02-16] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log"  --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 41cf5447-8e03-463b-8769-7b5898c955b0
Task: {530F79D6-4D91-46B4-8A74-B5C8193A932E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-27] (Google LLC -> Google LLC)
Task: {5509B936-DE30-4F02-A746-63AB7C6E0A12} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {566D546B-FEEC-4698-A99C-25E7AF7266AA} - System32\Tasks\Driver Booster SkipUAC (rdani) => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\DriverBooster.exe [7945488 2020-07-24] (IObit Information Technology -> IObit)
Task: {5F4B3931-F702-4414-AC65-ECE5952597E6} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4731616 2021-03-17] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 558b9a98-1d7e-4563-9243-b95bcd2af081
Task: {653876FE-42A1-4955-8E61-DA5BF1FB8653} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6DBCABE1-9841-4D69-B411-D55A9ABC82E8} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\AutoUpdate.exe [2375952 2020-07-24] (IObit Information Technology -> IObit)
Task: {7D4B30E0-83CD-4BEB-B607-412D2EEDE16E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-27] (Google LLC -> Google LLC)
Task: {8D656A89-38D0-4ECC-AA10-F9E74D1F97F1} - System32\Tasks\Opera scheduled assistant Autoupdate 1607233519 => C:\Users\rdani\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\rdani\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {93E3506A-F797-4EE5-A9BF-A21A4F11E562} - System32\Tasks\Uninstaller_SkipUac_rdani => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6607120 2021-01-05] (IObit Information Technology -> IObit)
Task: {9DCA3A49-2AE5-4096-85CB-E1AFFEA101EB} - System32\Tasks\Avast Software\Avast BreachGuard Crash Reporter => C:\Program Files\Avast Software\BreachGuard\AvBugReport.exe [4729056 2021-03-11] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 135 --path "C:\ProgramData\Avast Software\BreachGuard\log" --configpath "C:\Program Files\Avast Software\BreachGuard\Setup" --programpath "C:\Program Files\Avast Software\BreachGuard" --guid b4e6a0e0-a3a0-4e54-a188-58821a45e09a
Task: {9E03EC22-D4BF-45F1-AAB4-B41DA1A72C02} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4665568 2021-03-11] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log"  --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid a628424a-8db9-4e58-bbfe-f2944c723327
Task: {A3B6A263-C511-4275-9CF9-5088F7ACC7DC} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [5493472 2021-02-15] (Avast Software s.r.o. -> Avast Software)
Task: {A851AE3E-5666-4450-B8A3-EE0C17555934} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2250232 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
Task: {B9FC6E13-B8E3-4856-883C-8F17F880FBDB} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1191136 2021-03-17] (Avast Software s.r.o. -> AVAST Software)
Task: {BCB7B035-371A-4BA4-AC88-75829D241E98} - System32\Tasks\Avast Software\Avast BreachGuard Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-bg\icarus.exe [5493472 2021-03-10] (Avast Software s.r.o. -> Avast Software)
Task: {CA9F2190-0D70-4F3C-AF75-2EBAD51646FA} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-23] (Avast Software s.r.o. -> AVAST Software)
Task: {CD200204-FF42-4589-AC7A-A03651CA46B7} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2250232 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
Task: {D578ADDA-3CB2-48D7-8525-07DA7F672A79} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {DE8106F4-EC0F-48C6-95B9-BC6B134A3EEA} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5493472 2021-03-08] (Avast Software s.r.o. -> Avast Software)
Task: {EB3BF201-2D6B-49BD-AF55-53A101E3BE14} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2856304 2021-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {FFCFB863-E4EA-43F1-AD2B-01ABBFD27411} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\Scheduler.exe [149776 2020-07-24] (IObit Information Technology -> IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{83e586cc-72d3-418d-a4e7-be887f191031}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{c365001c-a5f0-428a-942b-a0a0905e3cc0}: [NameServer] 100.120.110.1

Edge: 
=======
DownloadDir: C:\Users\rdani\Downloads
Edge Profile: C:\Users\rdani\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-30]
Edge Extension: (Outlook) - C:\Users\rdani\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-12-23]
Edge Extension: (Word) - C:\Users\rdani\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-12-23]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\rdani\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-13]
Edge Extension: (Excel) - C:\Users\rdani\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-12-23]
Edge Extension: (PowerPoint) - C:\Users\rdani\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-12-23]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 3ojjwpzw.default
FF ProfilePath: C:\Users\rdani\AppData\Roaming\Mozilla\Firefox\Profiles\3ojjwpzw.default [2021-02-23]
FF user.js: detected! => C:\Users\rdani\AppData\Roaming\Mozilla\Firefox\Profiles\3ojjwpzw.default\user.js [2020-12-19]
FF ProfilePath: C:\Users\rdani\AppData\Roaming\Mozilla\Firefox\Profiles\fqyxxeuq.default-release-1608992853971 [2021-04-03]
FF Extension: (Avast AntiTrack Premium) - C:\Users\rdani\AppData\Roaming\Mozilla\Firefox\Profiles\fqyxxeuq.default-release-1608992853971\Extensions\antitrack@avast.com.xpi [2021-01-23]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]

Chrome: 
=======
CHR Profile: C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default [2021-04-03]
CHR HomePage: Default -> hxxp://www.google.com/ncr
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Slides) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-27]
CHR Extension: (Safe Torrent Scanner) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-01-21]
CHR Extension: (Docs) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-27]
CHR Extension: (Google Drive) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-27]
CHR Extension: (Honey) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-03-22]
CHR Extension: (Google Web Homepage) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbkfbadbicgpkjjlboknaiiljjpfgmen [2021-03-28]
CHR Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2021-03-24]
CHR Extension: (BlockSite - Stay Focused & Control Your Time) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2021-03-26]
CHR Extension: (Avast Passwords) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-06-27]
CHR Extension: (Dashlane - Password Manager) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2021-03-31]
CHR Extension: (Sheets) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-27]
CHR Extension: (Google Docs Offline) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-11]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-01]
CHR Extension: (Avast Online Security) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-17]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-29]
CHR Extension: (Google Input Tools) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\mclkkofklkfljcocdinagocijmpgbhab [2021-03-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-04-01]
CHR Extension: (9gag Night Mode) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdoebgohinaejdpncadbahijijgoffke [2020-06-27]
CHR Extension: (Gmail) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-11]
CHR Extension: (Password Checkup extension) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncabnpcffmalkkjpajodfhijclecjno [2020-08-31]
CHR Extension: (Avast AntiTrack Premium) - C:\Users\rdani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdidpcihajhihmghhhkfnpklgdehold [2021-03-31]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera: 
=======
OPR Profile: C:\Users\rdani\AppData\Roaming\Opera Software\Opera Stable [2021-04-01]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\rdani\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-03-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-23] (Avast Software s.r.o. -> AVAST Software)
R2 Avast BreachGuard Service; C:\Program Files\Avast Software\BreachGuard\bgsvc.exe [4718304 2021-03-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1302184 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [353504 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-23] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\89.1.8899.91\elevation_service.exe [1504864 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12414176 2021-03-11] (Avast Software s.r.o. -> AVAST Software)
S4 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-28] (Creative Technology Ltd) [File not signed]
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [5903584 2021-02-16] (Avast Software s.r.o. -> AVAST Software)
S4 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\FileSyncHelper.exe [2194288 2021-02-23] (Microsoft Corporation -> Microsoft Corporation)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
S4 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158992 2020-10-19] (IObit Information Technology -> IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-22] (Malwarebytes Inc -> Malwarebytes)
S4 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\OneDriveUpdaterService.exe [2567552 2021-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [8059104 2021-03-17] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AFXfilt; C:\Windows\system32\drivers\AFXfilt.sys [35320 2015-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208552 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [365520 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250328 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99288 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16832 2021-01-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41304 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [177872 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [524416 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107808 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83368 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [850120 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [466696 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216376 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [53904 2020-09-06] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326976 2021-03-30] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [59312 2020-09-06] (Avast Software s.r.o. -> Avast Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [53616 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [199128 2021-03-28] (Malwarebytes Inc -> Malwarebytes)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-08-08] (Martin Malik - REALiX -> REALiX(tm))
S3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
S3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
S3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220616 2021-04-03] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198248 2021-04-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-04-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-04-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [155360 2021-04-03] (Malwarebytes Inc -> Malwarebytes)
R1 netfilter2; C:\Windows\System32\drivers\netfilter2.sys [86632 2020-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-03 09:22 - 2021-04-03 09:23 - 000033722 _____ C:\Users\rdani\Downloads\FRST.txt
2021-04-03 09:21 - 2021-04-03 09:23 - 000000000 ____D C:\FRST
2021-04-03 09:19 - 2021-04-03 09:19 - 002298368 _____ (Farbar) C:\Users\rdani\Downloads\FRST64.exe
2021-04-03 08:43 - 2021-04-03 08:43 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-04-03 08:43 - 2021-04-03 08:43 - 000220616 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-04-03 08:43 - 2021-04-03 08:43 - 000198248 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-04-03 08:43 - 2021-04-03 08:43 - 000155360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-04-03 08:43 - 2021-04-03 08:43 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-04-02 19:09 - 2021-04-02 19:09 - 000004028 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2021-04-02 19:08 - 2021-04-02 19:10 - 000766044 _____ C:\Windows\Minidump\040221-10375-01.dmp
2021-04-02 19:08 - 2021-04-02 19:08 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-02 14:20 - 2021-04-02 19:08 - 717103273 _____ C:\Windows\MEMORY.DMP
2021-04-02 14:20 - 2021-04-02 14:21 - 001214924 _____ C:\Windows\Minidump\040221-10843-01.dmp
2021-04-02 07:08 - 2021-04-02 19:10 - 000003604 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1607233513
2021-04-02 07:08 - 2021-04-02 07:08 - 000001455 _____ C:\Users\rdani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-04-01 22:44 - 2021-04-01 22:44 - 000467388 _____ C:\Windows\Minidump\040121-10593-01.dmp
2021-04-01 07:12 - 2021-04-01 07:12 - 001016804 _____ C:\Windows\Minidump\040121-18296-01.dmp
2021-04-01 07:12 - 2021-04-01 07:12 - 000257824 _____ C:\Windows\system32\FNTCACHE.DAT
2021-03-30 11:11 - 2021-03-30 11:11 - 000850120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000524416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000466696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000365520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000339680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-03-30 11:11 - 2021-03-30 11:11 - 000326976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000250328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000216376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000208552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000177872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000107808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000099288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000083368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000041304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-03-30 11:11 - 2021-03-30 11:11 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-03-22 22:58 - 2013-02-04 15:10 - 000321536 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_BXL.dll
2021-03-22 22:58 - 2012-11-09 10:43 - 000088064 _____ C:\Windows\SysWOW64\CNC176DD.TBL
2021-03-22 22:58 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2021-03-22 22:56 - 2021-03-22 22:56 - 000000000 ____D C:\Users\rdani\AppData\LocalLow\Canon Easy-WebPrint EX2
2021-03-22 22:56 - 2021-03-22 22:56 - 000000000 ____D C:\Users\rdani\AppData\LocalLow\Canon Easy-WebPrint EX
2021-03-22 22:56 - 2021-03-22 22:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2500 series User Registration
2021-03-22 22:55 - 2021-03-22 22:55 - 000002100 _____ C:\ProgramData\Desktop\Canon Quick Menu.lnk
2021-03-22 22:51 - 2021-03-22 22:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2021-03-22 22:51 - 2021-03-22 22:56 - 000000000 ____D C:\Program Files\Canon
2021-03-22 22:50 - 2021-03-22 22:50 - 000002447 _____ C:\ProgramData\Desktop\Canon MG2500 series On-screen Manual.lnk
2021-03-22 22:50 - 2021-03-22 22:50 - 000000000 ___HD C:\ProgramData\CanonBJ
2021-03-22 22:50 - 2021-03-22 22:50 - 000000000 ___HD C:\Program Files\CanonBJ
2021-03-22 22:50 - 2021-03-22 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2500 series Manual
2021-03-22 22:50 - 2013-02-04 15:12 - 000367104 _____ (CANON INC.) C:\Windows\system32\CNC_BXL.dll
2021-03-22 22:50 - 2012-11-09 10:43 - 000088064 _____ C:\Windows\system32\CNC176DD.TBL
2021-03-22 22:50 - 2012-11-08 13:04 - 000282624 _____ (CANON INC.) C:\Windows\system32\CNC_BXC.dll
2021-03-22 22:50 - 2012-11-08 13:03 - 000106496 _____ (CANON INC.) C:\Windows\system32\CNC_BXI.dll
2021-03-22 22:50 - 2008-08-25 18:02 - 000017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2021-03-16 18:02 - 2021-03-16 18:02 - 000937605 _____ C:\Windows\gethelp_audiotroubleshooter_latestpackage.zip
2021-03-13 12:35 - 2021-03-13 12:35 - 000038520 _____ C:\Users\rdani\Documents\cc_20210313_113502.reg
2021-03-13 12:33 - 2021-04-02 19:09 - 000003194 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-03-11 02:16 - 2021-03-11 02:16 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-03-11 02:16 - 2021-03-11 02:16 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-03-11 02:16 - 2021-03-11 02:16 - 000480256 _____ C:\Windows\system32\AssignedAccessCsp.dll
2021-03-11 02:15 - 2021-03-11 02:15 - 001822272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-03-11 02:15 - 2021-03-11 02:15 - 001394024 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-03-11 02:15 - 2021-03-11 02:15 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-03-11 02:15 - 2021-03-11 02:15 - 001163776 _____ C:\Windows\system32\MBR2GPT.EXE
2021-03-11 02:15 - 2021-03-11 02:15 - 000611952 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-03-11 02:15 - 2021-03-11 02:15 - 000011359 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-03-11 02:14 - 2021-03-11 02:14 - 000707016 _____ C:\Windows\system32\TextShaping.dll
2021-03-11 02:14 - 2021-03-11 02:14 - 000231248 _____ C:\Windows\system32\containerdevicemanagement.dll
2021-03-11 02:14 - 2021-03-11 02:14 - 000091136 _____ C:\Windows\system32\Drivers\cimfs.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-03 09:23 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-03 08:35 - 2020-06-26 21:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-04-03 00:33 - 2020-09-05 12:39 - 000000000 ____D C:\Program Files\CCleaner
2021-04-02 19:16 - 2020-06-26 19:07 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-02 19:16 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2021-04-02 19:15 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-02 19:15 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2021-04-02 19:14 - 2020-12-23 19:24 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-02 19:14 - 2020-12-23 19:24 - 000002278 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-02 19:10 - 2020-12-30 12:15 - 000000000 ____D C:\Windows\Minidump
2021-04-02 19:10 - 2020-12-06 01:45 - 000003858 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1607233519
2021-04-02 19:10 - 2020-06-27 15:33 - 000003346 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-02 19:10 - 2020-06-27 15:33 - 000003122 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-02 19:09 - 2020-09-05 12:39 - 000002238 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-04-02 19:08 - 2020-06-26 21:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-04-02 14:36 - 2020-06-26 19:51 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-04-02 14:22 - 2020-06-26 19:04 - 000000000 ____D C:\Users\rdani
2021-04-02 14:20 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ServiceState
2021-04-02 07:06 - 2020-08-06 06:53 - 000000000 ____D C:\Users\rdani\AppData\Local\CrashDumps
2021-04-02 06:30 - 2020-06-26 19:49 - 000000000 ____D C:\ProgramData\Avast Software
2021-04-01 22:54 - 2019-12-07 05:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-04-01 22:48 - 2020-06-27 15:33 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-01 22:48 - 2020-06-27 15:33 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-31 11:41 - 2021-01-23 22:56 - 000002510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-03-31 11:41 - 2021-01-23 22:56 - 000002475 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2021-03-30 11:11 - 2019-12-07 05:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-03-30 06:37 - 2020-06-26 19:10 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-30 06:36 - 2020-06-26 19:10 - 000000000 ____D C:\Users\rdani\AppData\LocalLow\Mozilla
2021-03-28 16:22 - 2021-01-22 09:12 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-03-27 10:20 - 2021-01-23 22:56 - 000000000 ____D C:\Users\rdani\AppData\Local\AVAST Software
2021-03-24 11:55 - 2020-11-25 16:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-24 11:55 - 2020-06-26 19:10 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-23 22:08 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\NDF
2021-03-23 12:00 - 2021-02-23 16:27 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-03-22 22:58 - 2020-07-20 17:39 - 000000000 ____D C:\Program Files (x86)\Canon
2021-03-22 22:58 - 2019-12-07 05:14 - 000000000 __RSD C:\Windows\Media
2021-03-22 22:55 - 2020-07-20 17:46 - 000000000 ____D C:\ProgramData\CanonIJWSpt
2021-03-22 22:43 - 2021-01-08 07:50 - 000002462 _____ C:\Windows\system32\Tasks\Uninstaller_SkipUac_rdani
2021-03-22 22:43 - 2020-07-10 13:04 - 000000000 ____D C:\ProgramData\ProductData
2021-03-22 01:34 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-03-11 14:06 - 2019-12-07 05:54 - 000000000 ___SD C:\Windows\system32\AppV
2021-03-11 14:06 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SystemResources
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\setup
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\oobe
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\Dism
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\Provisioning
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-03-11 14:06 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\bcastdvr
2021-03-11 02:21 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\CbsTemp
2021-03-10 16:58 - 2020-07-21 06:42 - 000000000 ____D C:\Windows\system32\MRT
2021-03-10 16:55 - 2020-07-21 06:42 - 131005360 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-03-05 17:46 - 2020-12-22 23:27 - 000000000 ____D C:\Users\rdani\AppData\LocalLow\uTorrent

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted

Can you please collect and upload as an attachment the diagnostic data using our MBST?

  • Download and run the Malwarebytes Support Tool
  • Accept the EULA and click Advanced tab on the left (not Start Repair)
  • Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.