FRST_25-02-2021 18.28.05.txt

Strange sound every now and then - Windows 10

here are the logs



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2021
Ran by anon (administrator) on DESKTOP-KF1JKGC (Micro-Star International Co., Ltd MS-7C02) (25-02-2021 18:26:24)
Running from D:\POBRANE
Loaded Profiles: anon
Platform: Windows 10 Home Version 1909 18363.1379 (X64) Language: Polish (Poland) -> English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Discord Inc. -> Discord Inc.) C:\Users\anon\AppData\Local\Discord\app-0.0.309\Discord.exe <6>
(Electronic Arts, Inc. -> Electronic Arts) D:\origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Facebook, Inc. -> Facebook, Inc.) C:\Users\anon\AppData\Local\Programs\Messenger\Messenger.exe <6>
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <25>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2102.1001.17.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe <4>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.165.0.28\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.165.0.28\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) D:\professor\Overwolf\0.165.0.28\OverwolfBrowser.exe <3>
(Overwolf Ltd -> Overwolf LTD) D:\professor\Overwolf\Overwolf.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve -> Valve Corporation) D:\Steam\GameOverlayUI.exe
(Valve -> Valve Corporation) D:\Steam\steam.exe
(Valve -> Valve) E:\SteamLibrary\steamapps\common\Half-Life\hl.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2018-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Krisp] => C:\Program Files\Krisp\Krisp.exe [2349216 2020-04-10] (Krisp Technologies, Inc -> Krisp)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97509120 2020-01-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1789636374-1138102250-348018880-1002\...\Run: [Steam] => D:\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-1789636374-1138102250-348018880-1002\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-02-20] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1789636374-1138102250-348018880-1002\...\Run: [Facebook.MessengerDesktop] => C:\Users\anon\AppData\Local\Programs\Messenger\Messenger.exe [110793432 2021-02-16] (Facebook, Inc. -> Facebook, Inc.)
HKU\S-1-5-21-1789636374-1138102250-348018880-1002\...\Run: [Overwolf] => D:\professor\Overwolf\OverwolfLauncher.exe [1752920 2021-01-24] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1789636374-1138102250-348018880-1002\...\Run: [GoogleChromeAutoLaunch_EFE46C712E5FDC136B030193FA27552D] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-1789636374-1138102250-348018880-1002\...\RunOnce: [Application Restart #1] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-21-1789636374-1138102250-348018880-1002\...\MountPoints2: {031e5678-2732-11e9-8b04-806e6f6e6963} - "F:\auto.exe"
HKU\S-1-5-21-1789636374-1138102250-348018880-1003\...\Run: [OPENVPN-GUI] => D:\OpenVPN\bin\openvpn-gui.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-22] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2021-01-21]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\Users\anon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2019-02-02]
ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07CD43D8-6140-4099-A8C4-E99931ECCC28} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0A07DE1B-9F7B-4709-BE0D-DEADAFA247F2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {0BBCB58F-6D48-4F0A-958A-200F83D01AE3} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {0BDEB926-AFA5-49F4-8848-04C367F901F8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {10F0A7CC-5D65-453E-8B04-6E89D73FAE1F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1566E46F-4036-4FFB-86FF-0680A70DA286} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {156A094F-43C3-438D-BBDA-06ACD957C998} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2281EE5F-D860-40D6-BE2C-B4480F373BB1} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {23635C0D-B317-4DEF-8327-71E3DE9EE94D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {237148BA-6F3F-45EA-97ED-60FA40D6DBC1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {287B8C57-9D80-4D16-B9F2-41DDDCCC359E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-02] (Google Inc -> Google Inc.)
Task: {2D1D05B3-103D-4B22-AD27-F3A8A5B73CAC} - System32\Tasks\MSIAfterburner => D:\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {2E2FABC1-03B6-4C5F-89E4-87BD6ED74566} - System32\Tasks\Opera scheduled assistant Autoupdate 1579891615 => C:\Users\anon\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\anon\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {3A4ADCCF-32B9-4166-8CA4-5B43D0C030CF} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1789636374-1138102250-348018880-1003 => C:\Users\anon\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {3A614A35-2CCD-4485-ADCC-36541F24C888} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4192EE01-5158-449E-BAA5-91D669FCC59E} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {44A7E398-16DA-42B9-8A9E-EB7D4173FBE4} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48FB3F5B-5982-4E19-BBB7-391B5CE1A91E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50CE676C-E2A0-4B5C-9297-BC418EA2A4F7} - System32\Tasks\ProtonVPN Update => D:\vpn\ProtonVPN.UpdateService.exe [61760 2020-06-04] (ProtonVPN AG -> )
Task: {7E75CD07-2312-45C1-AB2D-BC90D3EBF15B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {8A623C69-B6D0-4DF9-AFD7-CED37326FD8E} - System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE => C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe [77687440 2017-01-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Task: {9135C153-210E-4113-9E4B-AE14ED88DC28} - System32\Tasks\Overwolf Updater Task => D:\professor\Overwolf\OverwolfUpdater.exe [2489176 2021-01-24] (Overwolf Ltd -> Overwolf LTD)
Task: {9EF8314F-F32A-4C09-84BE-0C6489F9EF4E} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {9F6D7A02-CB39-4AA3-9BAF-B8A7AD358321} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23082400 2021-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4632CE1-7351-4B5A-93BA-DEA1D10D0A26} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {AC1842CB-81D1-48E8-91EE-7F5B27671539} - System32\Tasks\Opera GX scheduled Autoupdate 1612096095 => C:\Users\anon\AppData\Local\Programs\Opera GX\launcher.exe [1720472 2021-02-16] (Opera Software AS -> Opera Software)
Task: {B2668E03-1820-4177-B009-F2D08ED55981} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5207448 2021-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD37B52C-C97E-43B9-B953-2DD3BACE45F0} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C447A675-B9A3-49A6-A4B9-35C3470ABFE0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5207448 2021-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC12B51D-E450-42C5-BB32-D38E22E4AF3C} - System32\Tasks\Opera scheduled Autoupdate 1556154399 => C:\Users\anon\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software)
Task: {DFDB931B-1617-4B42-85DD-BAB8A87E0526} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E326DBA9-BC16-4026-8C12-0E46ABC4B624} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E684A6D1-A733-4E1F-A618-C069EF9B4BF1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1510776 2002-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB3D468B-F2F9-494B-AEF4-18E9D82113BA} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F46A4AAF-0003-4616-A7D4-83595FB5B81B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23082400 2021-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5444F6C-749E-4C0C-A2C2-622873B2C4D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {F779B74F-E7C3-43C9-BACC-7294F7C27938} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F821B832-D817-403D-BA64-099EED0E7C77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-02] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8f9de47a-b29e-4a2f-b9ec-a56c4df6a140}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8f9de47a-b29e-4a2f-b9ec-a56c4df6a140}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\anon\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-15]

FireFox:
========
FF DefaultProfile: cecuihll.default
FF ProfilePath: C:\Users\anon\AppData\Roaming\Mozilla\Firefox\Profiles\cecuihll.default [2020-11-29]
FF DownloadDir: D:\POBRANE
FF Homepage: Mozilla\Firefox\Profiles\cecuihll.default -> hxxps://www.netflix.com/browse
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\anon\AppData\Roaming\Mozilla\Firefox\Profiles\cecuihll.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-02-18]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-01-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-01-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-20] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default [2021-02-25]
CHR DownloadDir: D:\POBRANE
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Slides) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-02]
CHR Extension: (BetterTTV) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-12-18]
CHR Extension: (h264ify) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleakchihdccplidncghkekgioiakgal [2020-03-03]
CHR Extension: (Docs) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-02]
CHR Extension: (Twitch AdBlock) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoopdgpjipanilhidfjchaicanjhgmnd [2020-06-03]
CHR Extension: (Google Drive) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-02]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-30]
CHR Extension: (uBlock Origin) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-02-08]
CHR Extension: (Steam Inventory Helper) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2021-02-25]
CHR Extension: (Tampermonkey) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-10-10]
CHR Extension: (Dark Mode) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2021-02-25]
CHR Extension: (minerBlock) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\emikbbbebcdfohonlaifafnoanocnebl [2021-02-03]
CHR Extension: (Sheets) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-02]
CHR Extension: (Midnight Train Dark Blue Theme) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fknakadllglpelhlgjbeipjakapjaoad [2020-05-30]
CHR Extension: (Nano Adblocker) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabbbocakeomblphkmmnoamkioajlkfo [2020-10-17]
CHR Extension: (Google Docs Offline) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-25]
CHR Extension: (Night Messenger) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhnmilbfdehpgfcojlmmooknnkhgdmh [2020-04-27]
CHR Extension: (Darkness - Beautiful Dark Themes) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\imilbobhamcfahccagbncamhpnbkaenm [2020-12-23]
CHR Extension: (The Great Suspender) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2020-10-27]
CHR Extension: (FACEIT Enhancer) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mokknliiomknodkdmpcellamkopbdmao [2021-02-04]
CHR Extension: (YouTube NonStop) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlkaejimjacpillmajjnopmpbkbnocid [2021-01-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\anon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-30]

Opera:
=======
OPR Profile: C:\Users\anon\AppData\Roaming\Opera Software\Opera Stable [2021-02-25]
OPR Notifications: Opera Stable -> hxxps://www1a.samcunningham.pro; hxxps://www1p.delmarmora.pro
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\anon\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-24]
StartMenuInternet: (HKU\S-1-5-21-1789636374-1138102250-348018880-1002) Opera GXStable - "C:\Users\anon\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8469592 2020-02-04] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8990088 2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2020-11-15] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FACEITService; D:\Faceit AC\FACEIT AC\FACEITService.exe [20032400 2021-02-05] (FACE IT LIMITED -> )
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-28] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; D:\origin\OriginClientService.exe [2533952 2021-02-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\origin\OriginWebHelperService.exe [3479624 2021-02-02] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; D:\professor\Overwolf\OverwolfUpdater.exe [2489176 2021-01-24] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2020-12-01] (Even Balance, Inc. -> )
S3 ProtonVPN Service; D:\vpn\ProtonVPNService.exe [101184 2020-06-04] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; D:\vpn\ProtonVPN.UpdateService.exe [61760 2020-06-04] (ProtonVPN AG -> )
S3 Rockstar Service; D:\rockstarlauncher\Launcher\RockstarService.exe [1679240 2021-02-21] (Rockstar Games, Inc. -> Rockstar Games)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2021-01-20] (SteelSeries ApS -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13206544 2020-02-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-03-26] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-02] (Microsoft Corporation) [File not signed]
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [10927008 2021-02-12] (FACE IT LIMITED -> )
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\GPCIDrv64.sys [14376 2015-05-24] (Giga-Byte Technology -> )
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
R3 KrispSimple; C:\WINDOWS\System32\drivers\KrispVad.sys [54464 2020-02-25] (Krisp Technologies, Inc -> )
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-28] (Malwarebytes Inc -> Malwarebytes)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [92008 2021-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
S3 ProtonVPNSplitTunnel; D:\vpn\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 RTCore64; D:\MSI Afterburner\RTCore64.sys [24000 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2020-09-25] (SteelSeries ApS -> SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [57440 2020-11-02] (SteelSeries ApS -> SteelSeries ApS)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [37360 2019-04-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-25 18:26 - 2021-02-25 18:26 - 000000000 ____D C:\FRST
2021-02-25 16:47 - 2021-02-25 16:47 - 000092008 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON24.SYS
2021-02-25 16:46 - 2021-02-25 16:46 - 000000000 ____D C:\Users\anon\Desktop\qwe
2021-02-24 18:26 - 2021-02-24 18:28 - 000000000 ____D C:\Users\anon\Desktop\xbvot
2021-02-19 22:57 - 2021-02-19 22:57 - 000000202 _____ C:\Users\anon\Desktop\PAYDAY 2.url
2021-02-19 19:18 - 2021-02-25 16:39 - 000001809 _____ C:\Users\anon\Desktop\Porofessor.gg.lnk
2021-02-19 19:18 - 2021-02-19 19:18 - 000004342 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-02-19 19:18 - 2021-02-19 19:18 - 000000000 ____D C:\Users\anon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2021-02-19 19:18 - 2021-02-19 19:18 - 000000000 ____D C:\ProgramData\Overwolf
2021-02-19 19:17 - 2021-02-25 16:38 - 000000000 ____D C:\Users\anon\AppData\Local\Overwolf
2021-02-12 17:11 - 2021-02-12 17:11 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 17:11 - 2021-02-12 17:11 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 17:11 - 2021-02-12 17:11 - 000232752 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-02-12 17:11 - 2021-02-12 17:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-02-11 15:41 - 2021-02-11 15:42 - 000000000 ____D C:\Users\anon\Documents\Need for Speed Heat
2021-02-11 02:56 - 2021-02-11 02:56 - 000000203 _____ C:\Users\anon\Desktop\Battlefield 1 ™.url
2021-02-11 02:47 - 2021-02-11 02:47 - 000000203 _____ C:\Users\anon\Desktop\Battlefield™ V.url
2021-02-11 02:45 - 2021-02-11 02:45 - 000000203 _____ C:\Users\anon\Desktop\Need for Speed™ Heat.url
2021-02-09 01:13 - 2021-02-09 01:13 - 000000202 _____ C:\Users\anon\Desktop\Business Tour - Online Multiplayer Board Game.url
2021-02-01 00:07 - 2021-02-10 03:26 - 000000000 ____D C:\cycu_cfg
2021-02-01 00:07 - 2021-02-10 03:25 - 000057344 _____ C:\Users\anon\Desktop\2y.exe
2021-02-01 00:06 - 2021-01-31 23:42 - 000260096 _____ () C:\Users\anon\Desktop\NazwijMnie.exe
2021-01-31 22:15 - 2021-01-31 22:15 - 000001469 _____ C:\Users\anon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2021-01-31 22:15 - 2021-01-31 22:15 - 000001461 _____ C:\Users\anon\Desktop\NVIDIA GeForce NOW.lnk
2021-01-31 15:13 - 2021-01-31 15:13 - 000000000 ____D C:\Users\anon\AppData\LocalLow\Unity
2021-01-31 15:13 - 2021-01-31 15:13 - 000000000 ____D C:\Users\anon\AppData\LocalLow\Plarium
2021-01-31 15:12 - 2021-01-31 15:12 - 000000971 _____ C:\Users\anon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plarium Play.lnk
2021-01-31 13:28 - 2021-02-18 13:32 - 000004210 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1612096095
2021-01-31 13:28 - 2021-02-18 13:32 - 000001431 _____ C:\Users\anon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera GX Browser .lnk
2021-01-31 13:28 - 2021-01-31 13:28 - 000001435 _____ C:\Users\anon\Desktop\Opera GX Browser .lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-25 18:27 - 2020-11-21 17:02 - 000000000 ____D C:\Users\anon\AppData\Local\Messenger
2021-02-25 18:25 - 2020-11-21 17:02 - 000000000 ____D C:\Users\anon\AppData\Roaming\Messenger
2021-02-25 18:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-25 18:25 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-25 18:23 - 2019-02-02 17:57 - 000000000 ____D C:\Users\anon\AppData\Roaming\Discord
2021-02-25 17:28 - 2019-05-20 20:22 - 000000000 ____D C:\Users\anon\AppData\Roaming\vlc
2021-02-25 17:16 - 2019-02-06 14:03 - 000000000 ____D C:\Users\anon\AppData\Roaming\obs-studio
2021-02-25 16:51 - 2019-10-03 20:22 - 000000000 ____D C:\Users\anon\AppData\Local\ElevatedDiagnostics
2021-02-25 16:41 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-25 16:40 - 2019-02-02 15:40 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-25 16:38 - 2020-11-03 00:14 - 000003100 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2021-02-25 16:38 - 2019-10-02 15:57 - 000003476 _____ C:\WINDOWS\system32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE
2021-02-25 16:38 - 2019-02-02 17:05 - 000000000 ____D C:\Users\anon\Documents\temp
2021-02-24 19:54 - 2019-02-02 17:55 - 000000000 ____D C:\ProgramData\Riot Games
2021-02-24 17:46 - 2019-10-02 15:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-24 16:40 - 2019-11-19 20:30 - 000000000 ____D C:\Users\anon\AppData\Local\CrashDumps
2021-02-23 22:22 - 2019-05-19 12:48 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-23 11:46 - 2019-04-29 15:13 - 000000000 ____D C:\Program Files\Microsoft Office
2021-02-22 19:56 - 2019-02-02 16:06 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-21 14:15 - 2019-02-02 16:11 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-21 00:17 - 2020-09-28 10:48 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-19 22:57 - 2019-02-02 16:51 - 000000000 ____D C:\Users\anon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-02-19 19:18 - 2019-02-05 02:05 - 000000000 ____D C:\Users\anon\AppData\Local\D3DSCache
2021-02-18 01:07 - 2020-10-05 13:55 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-17 02:30 - 2020-11-21 17:02 - 000002320 _____ C:\Users\anon\Desktop\Messenger.lnk
2021-02-16 15:19 - 2019-02-18 18:15 - 000000000 ____D C:\Users\anon\AppData\Roaming\.minecraft
2021-02-16 14:17 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-02-15 15:50 - 2019-10-02 15:57 - 000004198 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1556154399
2021-02-15 15:50 - 2019-04-25 02:06 - 000001402 _____ C:\Users\anon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2021-02-14 16:04 - 2019-10-02 16:00 - 001768484 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-14 16:04 - 2019-03-19 13:23 - 000784488 _____ C:\WINDOWS\system32\perfh015.dat
2021-02-14 16:04 - 2019-03-19 13:23 - 000152312 _____ C:\WINDOWS\system32\perfc015.dat
2021-02-14 16:04 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-02-14 15:58 - 2019-10-02 15:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-14 15:58 - 2019-10-02 15:49 - 000440288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-14 15:58 - 2019-04-04 20:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-02-14 15:58 - 2019-02-05 00:30 - 000000000 ___RD C:\Users\anon\3D Objects
2021-02-14 01:03 - 2019-10-02 16:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-02-14 01:03 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-14 01:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-14 01:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-14 01:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-14 01:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-14 01:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-14 01:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-14 01:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-14 01:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-14 01:03 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-14 01:03 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-02-12 19:50 - 2019-03-03 14:04 - 010927008 _____ C:\WINDOWS\system32\Drivers\FACEIT.sys
2021-02-12 17:13 - 2019-03-19 13:25 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-02-12 17:13 - 2019-03-19 13:25 - 000019469 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-02-12 17:13 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-11 18:07 - 2019-10-28 20:43 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 18:07 - 2019-10-28 20:43 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 18:07 - 2019-10-28 20:43 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 18:07 - 2019-10-28 20:43 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 18:07 - 2019-10-02 15:57 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 18:07 - 2019-10-02 15:57 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 18:07 - 2019-10-02 15:57 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 18:07 - 2019-10-02 15:57 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 18:07 - 2019-10-02 15:57 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 18:07 - 2019-10-02 15:57 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-11 18:07 - 2019-02-02 15:40 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-11 18:07 - 2019-02-02 15:40 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-11 18:07 - 2019-02-02 15:40 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-02-11 16:39 - 2019-05-26 00:28 - 000000000 ____D C:\ProgramData\Origin
2021-02-11 16:38 - 2019-05-26 00:28 - 000000000 ____D C:\Users\anon\AppData\Roaming\Origin
2021-02-11 15:40 - 2019-05-26 00:28 - 000000000 ____D C:\Users\anon\AppData\Local\Origin
2021-02-11 14:43 - 2019-10-02 15:57 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-10 23:40 - 2019-02-03 20:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 23:38 - 2019-02-03 20:54 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-10 03:26 - 2019-12-29 20:02 - 000000000 ____D C:\Program Files (x86)\Kaspersky 2017 Total Security
2021-02-09 00:01 - 2020-10-05 13:55 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-09 00:01 - 2020-10-05 13:55 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-07 02:24 - 2019-02-02 17:59 - 000000000 ____D C:\Users\anon\AppData\Roaming\TS3Client
2021-02-05 20:49 - 2019-10-02 15:57 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 20:49 - 2019-10-02 15:57 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-05 20:30 - 2020-09-28 10:48 - 000916288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:30 - 2020-09-28 10:48 - 000437056 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-03 04:14 - 2019-10-02 15:52 - 000000000 ____D C:\Users\anon
2021-02-01 00:30 - 2019-10-08 13:30 - 000000000 ____D C:\Users\anon\Documents\Pliki programu Outlook
2021-02-01 00:07 - 2019-12-29 20:02 - 000000000 ____D C:\Users\anon\AppData\Local\CycuMultihack
2021-01-31 23:44 - 2020-03-31 21:59 - 000000000 ____D C:\Users\anon\AppData\Local\Battle.net
2021-01-31 22:15 - 2019-02-02 16:32 - 000000000 ____D C:\Users\anon\AppData\Local\NVIDIA Corporation
2021-01-31 13:28 - 2019-04-25 02:06 - 000000000 ____D C:\Users\anon\AppData\Local\Opera Software
2021-01-31 13:27 - 2019-04-25 02:06 - 000000000 ____D C:\Users\anon\AppData\Roaming\Opera Software
2021-01-30 15:56 - 2019-02-02 17:56 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-01-30 15:56 - 2019-02-02 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-01-30 15:56 - 2019-02-02 17:56 - 000000000 ____D C:\Program Files\Java
2021-01-29 01:19 - 2019-02-02 15:59 - 000000000 ____D C:\Users\anon\AppData\Local\Packages
2021-01-27 12:17 - 2019-02-02 16:32 - 002797808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-01-27 12:17 - 2019-02-02 16:32 - 002154224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-01-27 12:17 - 2019-02-02 16:32 - 001295088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll

==================== Files in the root of some directories ========

2020-02-17 18:46 - 2020-02-17 18:46 - 005322161 _____ () C:\Program Files (x86)\Common Files\OptiFine_1.15.2_HD_U_G1.jar
2019-05-03 16:10 - 2020-04-17 16:38 - 000000018 _____ () C:\Users\anon\AppData\Roaming\.crystalinst
2020-12-29 03:46 - 2020-12-29 03:46 - 000000016 _____ () C:\Users\anon\AppData\Roaming\obs-virtualcam.txt
2021-02-15 21:58 - 2021-02-15 21:58 - 000000023 _____ () C:\Users\anon\AppData\Roaming\Microsoft\{8ADA9B80-E373-E18E-DB02-F11B969F143C}
2020-11-02 23:58 - 2020-11-02 23:58 - 001065984 _____ () C:\Users\anon\AppData\Local\file__0.localstorage
2021-01-31 15:07 - 2021-02-21 14:15 - 000017469 _____ () C:\Users\anon\AppData\Local\PlariumPlay.log
2019-02-21 22:10 - 2020-04-10 14:35 - 000000128 _____ () C:\Users\anon\AppData\Local\PUTTY.RND
2020-11-02 23:57 - 2020-11-02 23:57 - 000001479 _____ () C:\Users\anon\AppData\Local\recently-used.xbel
2019-02-02 20:47 - 2020-09-28 18:35 - 000007602 _____ () C:\Users\anon\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================