Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021 Ran by Widmowy Jack (administrator) on DESKTOP-B37SBO9 (05-05-2021 18:36:37) Running from C:\Users\Widmowy Jack\Downloads Loaded Profiles: Widmowy Jack Platform: Windows 10 Pro Version 20H2 19042.928 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Epic Games Inc. -> Epic Games, Inc.) D:\Programy\Epic Games\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <3> (Epic Games Inc. -> Epic Games, Inc.) D:\Programy\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (GOG Sp. z o.o. -> GOG.com) D:\Programy\GOG Galaxy\GalaxyClient Helper.exe <2> (GOG Sp. z o.o. -> GOG.com) D:\Programy\GOG Galaxy\GalaxyClient.exe (GOG Sp. z o.o. -> GOG.com) D:\Programy\GOG Galaxy\GOG Galaxy Notifications Renderer.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2104.1001.13.0_x64__8wekyb3d8bbwe\XboxAppServices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.52.13001.0_x64__8wekyb3d8bbwe\GamingServices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.52.13001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.925_none_e76d4f6f260a683e\TiWorker.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) D:\Programy\Thunder Master\ThPanel.exe (Python Software Foundation -> Python Software Foundation) D:\Programy\GOG Galaxy\python\python.exe <3> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-07-25] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Run: [Discord] => C:\Users\Widmowy Jack\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Run: [CCleaner Smart Cleaning] => D:\Programy\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Run: [Steam] => D:\Programy\Steam\steam.exe [4087528 2021-04-12] (Valve -> Valve Corporation) HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Run: [EpicGamesLauncher] => D:\Programy\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33013728 2021-04-26] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Widmowy Jack\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-05-30] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Run: [GogGalaxy] => D:\Programy\GOG Galaxy\GalaxyClient.exe [14916448 2021-03-29] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Run: [Spotify] => C:\Users\Widmowy Jack\AppData\Roaming\Spotify\Spotify.exe [23839816 2021-04-22] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Run: [Gaijin.Net Updater] => C:\Users\Widmowy Jack\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin) HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\Run: [ChomikBox] => D:\Programy\chomikbox\ChomikBox.exe [3941376 2020-06-19] () [File not signed] HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\MountPoints2: {47c3289b-362a-11eb-b035-5cf37095b303} - "E:\start.exe" HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\MountPoints2: {6589ed08-3be9-11eb-b043-5cf37095b303} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\MountPoints2: {66220013-2e61-11eb-b018-5cf37095b303} - "W:\skoki2002start.exe" HKU\S-1-5-21-992322469-3752856531-2472332681-1002\...\MountPoints2: {6622003c-2e61-11eb-b018-5cf37095b303} - "W:\skoki2002start.exe" HKU\S-1-5-21-992322469-3752856531-2472332681-1004\...\Run: [EpicGamesLauncher] => D:\Programy\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33013728 2021-04-26] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-992322469-3752856531-2472332681-1004\...\Run: [CCleaner Smart Cleaning] => D:\Programy\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-992322469-3752856531-2472332681-1004\...\MountPoints2: {47c3289b-362a-11eb-b035-5cf37095b303} - "E:\start.exe" HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed] HKLM\Software\...\AppCompatFlags\Custom\UnrealTournament.exe: [{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb] -> GOG.com Unreal Tournament GOTY HKLM\Software\...\AppCompatFlags\InstalledSDB\{fa491d91-322c-4059-a1f7-4a79782edee8}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{fa491d91-322c-4059-a1f7-4a79782edee8}.sdb [2013-01-03] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-26] (Google LLC -> Google LLC) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {062E7803-C2D5-42B6-A002-9BBCA5F8BF12} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-29] (Google LLC -> Google LLC) Task: {06BD9977-BA13-4A44-89F7-2C89A8C477B5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {0C061635-3BD9-458F-BC79-330C9D0D4299} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {0DA3A658-16A0-4AB2-B3D3-89FCB09802CA} - System32\Tasks\ThunderMaster => D:\Programy\Thunder Master\ThPanel.exe [4418912 2020-10-08] (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) Task: {11472953-D72E-4429-8FDF-45690C72BDBC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {13AD523E-ADA5-43DA-9C96-6BBCDF8C30D7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-21] (Mozilla Corporation -> Mozilla Foundation) Task: {1963DB3B-C9DF-4596-BF2B-387F9DDB70DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5229504 2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {1EE2B18D-637A-4E8D-A91B-E01332F0D4D3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {255CAD0E-077A-4D93-99C3-BEA8CFC58100} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {262154BE-3EEE-4D51-A68B-DB897288B57B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2E210C52-2CC3-46E4-BE3A-0536D4D34724} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5229504 2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {644E4DDA-B841-4F14-976E-50738F9B5039} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {74511B1D-9609-495F-B62B-9D6148A7727F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {757BF2C3-A90F-4328-9449-2C22514FAC05} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7DDBCF7D-8EDC-4FAC-9636-EC596E2A0C5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-29] (Google LLC -> Google LLC) Task: {7F5B613A-8A46-4092-A54D-141B9DEFB8B5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {82BF1735-E3D6-46B7-814A-9261C06DFB67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8C84CA9C-761E-44D5-AFD6-B4373BA169EA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-10-25] (Adobe Inc. -> Adobe) Task: {A2090559-8338-4E7A-AFCC-13E85C10ED11} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {A4364092-3B43-41E2-9ECF-444BD9C560CB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BCAF053E-93E0-4CE5-A632-524FB47EA533} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BFF7DDA9-F70B-4974-B390-97F83BE884CC} - System32\Tasks\KMS_VL_ALL => C:\Windows\schemas\Scripts\KMS_VL_ALL.cmd 0 Task: {C48CF01F-543D-45C6-973B-E62F08101861} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) Task: {CC69801F-05A6-4DCD-987F-0014470DA496} - System32\Tasks\CCleaner Update => D:\Programy\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform) Task: {DBB2D335-5FD9-4A77-885C-0F7285F3574D} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {DC11EE1B-E9DD-4B9C-93F4-5311AEFC79A0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {E3966801-2228-4741-91CB-983935321BBF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EA9C6741-B70D-466B-B9AC-2731097F7F89} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) Task: {F4071D1C-A5C0-4400-84E9-DDBC315F6951} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1498552 2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {FF434E8D-3C38-4284-88D6-E8C88A513490} - System32\Tasks\CCleanerSkipUAC => D:\Programy\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 79.175.192.28 79.175.208.28 Tcpip\..\Interfaces\{dbb7e456-90ae-4240-b2dd-791dc12bbb83}: [DhcpNameServer] 79.175.192.28 79.175.208.28 Edge: ======= Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found] Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found] Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found] Edge Profile: C:\Users\Widmowy Jack\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-02] FireFox: ======== FF DefaultProfile: y5zqdtpl.default-1619282357392 FF ProfilePath: C:\Users\Widmowy Jack\AppData\Roaming\Mozilla\Firefox\Profiles\y5zqdtpl.default-1619282357392 [2021-05-05] FF Extension: (uBlock Origin) - C:\Users\Widmowy Jack\AppData\Roaming\Mozilla\Firefox\Profiles\y5zqdtpl.default-1619282357392\Extensions\uBlock0@raymondhill.net.xpi [2021-05-04] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_445.dll [2020-10-25] (Adobe Inc. -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_445.dll [2020-10-25] (Adobe Inc. -> ) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Widmowy Jack\AppData\Local\Google\Chrome\User Data\Default [2021-05-02] CHR Extension: (Prezentacje) - C:\Users\Widmowy Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-29] CHR Extension: (Dokumenty) - C:\Users\Widmowy Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-29] CHR Extension: (Dysk Google) - C:\Users\Widmowy Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-29] CHR Extension: (YouTube) - C:\Users\Widmowy Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-29] CHR Extension: (Arkusze) - C:\Users\Widmowy Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-29] CHR Extension: (Dokumenty Google offline) - C:\Users\Widmowy Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-22] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Widmowy Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Gmail) - C:\Users\Widmowy Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-29] CHR Extension: (Chrome Media Router) - C:\Users\Widmowy Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-01] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-02-24] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-11-02] (EasyAntiCheat Oy -> Epic Games, Inc) S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [409456 2021-03-30] (NVIDIA Corporation -> NVIDIA) S3 GalaxyClientService; D:\Programy\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-29] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-29] (GOG Sp. z o.o. -> GOG.com) S3 MBAMService; D:\Programy\MBAM\MBAMService.exe [7456464 2021-05-02] (Malwarebytes Inc -> Malwarebytes) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2545752 2021-04-09] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3485784 2021-04-09] (Electronic Arts, Inc. -> Electronic Arts) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2020-03-04] (Even Balance, Inc. -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AsrSetupDrv; C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [22352 2018-08-16] (ASROCK Incorporation -> RW-Everything) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-02] (Malwarebytes Inc -> Malwarebytes) R3 MpKsl287a3327; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF77E5B7-16AE-4116-88FB-1374F7D4AE2D}\MpKslDrv.sys [47336 2021-05-05] (Microsoft Windows -> Microsoft Corporation) S3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [50152 2017-04-06] (Intel(R) INTELND1617 -> Intel Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-05-05 18:36 - 2021-05-05 18:37 - 000024198 _____ C:\Users\Widmowy Jack\Downloads\FRST.txt 2021-05-05 18:36 - 2021-05-05 18:36 - 000000000 ____D C:\FRST 2021-05-05 18:35 - 2021-05-05 18:35 - 002298368 _____ (Farbar) C:\Users\Widmowy Jack\Downloads\FRST64.exe 2021-05-04 19:11 - 2021-05-04 19:10 - 001173560 _____ (Akeo Consulting) C:\Users\Widmowy Jack\Desktop\rufus-3.14.exe 2021-05-04 19:10 - 2021-05-04 19:42 - 000000400 __RSH C:\ProgramData\ntuser.pol 2021-05-04 19:10 - 2021-05-04 19:10 - 001173560 _____ (Akeo Consulting) C:\Users\Widmowy Jack\Downloads\rufus-3.14.exe 2021-05-04 19:09 - 2021-05-04 19:11 - 2877227008 _____ C:\Users\Widmowy Jack\Downloads\ubuntu-20.04.2.0-desktop-amd64.iso 2021-05-02 17:18 - 2021-05-02 17:18 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-05-02 17:18 - 2021-05-02 17:18 - 000000724 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-05-02 17:18 - 2021-05-02 17:18 - 000000724 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2021-05-02 17:17 - 2020-11-12 18:02 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-05-02 17:10 - 2021-05-02 17:11 - 000000000 ____D C:\AdwCleaner 2021-04-29 18:51 - 2021-04-28 15:54 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-04-29 18:51 - 2021-04-28 15:54 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-04-29 18:51 - 2021-04-28 15:54 - 001453344 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-04-29 18:51 - 2021-04-28 15:54 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-04-29 18:51 - 2021-04-28 15:54 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-04-29 18:51 - 2021-04-28 15:54 - 001192728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-04-29 18:51 - 2021-04-28 15:54 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-04-29 18:51 - 2021-04-28 15:54 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-04-29 18:51 - 2021-04-28 15:54 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-04-29 18:51 - 2021-04-28 15:54 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-04-29 18:51 - 2021-04-28 15:52 - 000715552 _____ C:\WINDOWS\system32\nvofapi64.dll 2021-04-29 18:51 - 2021-04-28 15:52 - 000575776 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2021-04-29 18:51 - 2021-04-28 15:51 - 002106144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2021-04-29 18:51 - 2021-04-28 15:51 - 001590560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2021-04-29 18:51 - 2021-04-28 15:51 - 001514776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2021-04-29 18:51 - 2021-04-28 15:51 - 001166104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2021-04-29 18:51 - 2021-04-28 15:51 - 000675120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2021-04-29 18:51 - 2021-04-28 15:51 - 000564016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2021-04-29 18:51 - 2021-04-28 15:50 - 008317216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2021-04-29 18:51 - 2021-04-28 15:50 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2021-04-29 18:51 - 2021-04-28 15:50 - 004795160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2021-04-29 18:51 - 2021-04-28 15:50 - 002823448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2021-04-29 18:51 - 2021-04-28 15:50 - 001730864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446627.dll 2021-04-29 18:51 - 2021-04-28 15:50 - 001490224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446627.dll 2021-04-29 18:51 - 2021-04-28 15:50 - 000811800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2021-04-29 18:51 - 2021-04-28 15:50 - 000656152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2021-04-29 18:51 - 2021-04-28 15:42 - 006159152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2021-04-24 20:17 - 2021-04-24 20:18 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Local\enlisted 2021-04-24 20:17 - 2021-04-24 20:17 - 000000000 ____D C:\ProgramData\enlisted 2021-04-24 20:03 - 2021-04-24 20:03 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Local\Gaijin 2021-04-24 20:03 - 2021-04-24 20:03 - 000000000 ____D C:\ProgramData\Gaijin 2021-04-24 20:01 - 2021-04-24 20:01 - 000001581 _____ C:\Users\Widmowy Jack\Desktop\Enlisted.lnk 2021-04-24 20:01 - 2021-04-24 20:01 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Enlisted 2021-04-24 14:04 - 2021-04-24 14:04 - 000000000 ____D C:\Users\Sebastian\Documents\Amnesia 2021-04-24 14:04 - 2021-04-24 14:04 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\fltk.org 2021-04-24 14:02 - 2021-04-24 14:08 - 000000000 ____D C:\Program Files (x86)\Origin Games 2021-04-24 13:59 - 2021-04-24 13:59 - 000000000 ____D C:\Users\Sebastian\Documents\STAR WARS Battlefront II 2021-04-24 13:53 - 2021-04-24 14:10 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Origin 2021-04-24 13:53 - 2021-04-24 14:08 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Origin 2021-04-24 13:53 - 2021-04-24 13:53 - 000000000 ____D C:\Users\Sebastian\.QtWebEngineProcess 2021-04-24 13:53 - 2021-04-24 13:53 - 000000000 ____D C:\Users\Sebastian\.Origin 2021-04-24 13:18 - 2021-04-24 13:20 - 000000000 ____D C:\Users\Widmowy Jack\Documents\STAR WARS Battlefront II 2021-04-24 13:18 - 2021-04-24 13:18 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Local\STAR WARS Battlefront II 2021-04-24 12:34 - 2021-04-24 12:34 - 000000796 _____ C:\Users\Public\Desktop\STAR WARS Battlefront II.lnk 2021-04-24 12:34 - 2021-04-24 12:34 - 000000796 _____ C:\ProgramData\Desktop\STAR WARS Battlefront II.lnk 2021-04-24 12:34 - 2021-04-24 12:34 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller 2021-04-24 12:34 - 2021-04-24 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II 2021-04-22 11:49 - 2021-04-22 11:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-04-21 21:29 - 2021-04-22 17:18 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-04-20 12:53 - 2021-04-20 12:53 - 000000000 __RHD C:\Users\Sebastian\AppData\Roaming\SecuROM 2021-04-15 11:54 - 2021-04-15 11:54 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-04-15 11:54 - 2021-04-15 11:54 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-04-15 11:54 - 2021-04-15 11:54 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-04-15 10:02 - 2020-08-14 09:59 - 000043416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys 2021-04-08 08:13 - 2021-05-05 18:33 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Local\Spotify 2021-04-08 08:13 - 2021-05-05 18:32 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Roaming\Spotify 2021-04-08 08:13 - 2021-04-08 08:13 - 000001891 _____ C:\Users\Widmowy Jack\Desktop\Spotify.lnk 2021-04-08 08:13 - 2021-04-08 08:13 - 000001877 _____ C:\Users\Widmowy Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-05-05 18:34 - 2020-02-11 21:03 - 000000000 ____D C:\ProgramData\NVIDIA 2021-05-05 18:34 - 2019-02-06 17:43 - 000000000 ____D C:\ProgramData\Mozilla 2021-05-05 18:33 - 2018-08-16 22:28 - 000000000 ____D C:\Users\Widmowy Jack\AppData\LocalLow\Mozilla 2021-05-05 18:32 - 2020-11-12 23:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-05-05 18:32 - 2020-11-12 23:40 - 000008192 ___SH C:\DumpStack.log.tmp 2021-05-05 18:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-05-04 21:58 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-05-04 21:58 - 2018-08-17 18:05 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Roaming\discord 2021-05-04 21:57 - 2020-11-12 23:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-05-04 21:23 - 2018-08-17 18:05 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Local\Discord 2021-05-04 20:39 - 2020-11-12 23:51 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-05-04 20:39 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-05-04 20:27 - 2020-06-19 20:11 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Local\ChomikBox 2021-05-04 20:27 - 2020-06-19 20:11 - 000000000 ____D C:\Users\Widmowy Jack\.gstreamer-0.10 2021-05-04 19:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2021-05-04 19:10 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2021-05-04 11:09 - 2020-05-24 10:19 - 000000000 ____D C:\Program Files\Microsoft Office 2021-05-03 18:58 - 2021-03-22 19:54 - 000000000 ____D C:\Users\Widmowy Jack\Documents\VideoOutput 2021-05-03 18:08 - 2018-10-02 16:43 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Local\D3DSCache 2021-05-02 22:51 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-05-02 18:22 - 2018-08-18 18:42 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Roaming\tixati 2021-05-02 18:10 - 2018-08-17 18:58 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Roaming\MPC-HC 2021-05-02 17:18 - 2020-11-12 18:02 - 000000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-05-02 17:17 - 2020-11-12 18:02 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-05-02 17:17 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-05-02 17:13 - 2020-03-15 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2021-05-02 17:12 - 2020-11-27 17:54 - 000000000 ____D C:\WINDOWS\Minidump 2021-05-02 17:12 - 2020-02-13 22:24 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Local\CrashDumps 2021-05-02 17:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-05-02 17:05 - 2020-11-12 23:46 - 000003926 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-04-30 21:25 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-30 21:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-30 21:07 - 2020-06-10 19:14 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-30 21:04 - 2018-08-16 22:14 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Local\Packages 2021-04-29 20:29 - 2020-11-12 23:46 - 000003392 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-992322469-3752856531-2472332681-1002 2021-04-29 20:29 - 2020-11-12 23:42 - 000002390 _____ C:\Users\Widmowy Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-04-29 20:29 - 2018-08-16 22:15 - 000000000 ___RD C:\Users\Widmowy Jack\OneDrive 2021-04-29 19:59 - 2020-11-12 23:42 - 000000000 ____D C:\Users\Widmowy Jack 2021-04-29 18:52 - 2020-02-11 21:04 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Local\NVIDIA 2021-04-28 19:53 - 2020-12-12 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com] 2021-04-28 15:42 - 2020-11-03 12:48 - 007212248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2021-04-26 21:30 - 2021-01-29 21:26 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-26 21:30 - 2021-01-29 21:26 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-04-26 21:30 - 2021-01-29 21:26 - 000002218 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2021-04-26 21:01 - 2020-11-28 16:17 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b93d3bc58c2e 2021-04-26 21:01 - 2020-11-12 23:46 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-25 15:54 - 2020-11-26 11:59 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Packages 2021-04-25 15:19 - 2020-02-09 22:04 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Roaming\Origin 2021-04-25 15:19 - 2020-02-09 22:04 - 000000000 ____D C:\ProgramData\Origin 2021-04-25 13:38 - 2020-02-09 22:04 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Local\Origin 2021-04-24 20:17 - 2020-11-04 16:56 - 000000000 ____D C:\Users\Widmowy Jack\AppData\Roaming\EasyAntiCheat 2021-04-24 20:01 - 2020-06-13 21:39 - 000000000 ____D C:\Gry 2021-04-24 20:01 - 2019-08-24 18:14 - 000000000 ____D C:\Users\Widmowy Jack\Documents\My Games 2021-04-24 14:09 - 2020-11-26 12:02 - 000000000 ____D C:\Users\Sebastian\AppData\LocalLow\Mozilla 2021-04-24 13:59 - 2020-11-26 12:05 - 000000000 ____D C:\Users\Sebastian\AppData\Local\D3DSCache 2021-04-24 13:53 - 2020-11-26 11:59 - 000000000 ____D C:\Users\Sebastian 2021-04-24 12:25 - 2020-02-09 22:06 - 000000000 ____D C:\Program Files (x86)\Origin 2021-04-24 03:10 - 2020-11-03 12:48 - 000063943 _____ C:\WINDOWS\system32\nvinfo.pb 2021-04-23 23:13 - 2020-03-15 23:25 - 005667696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2021-04-23 23:13 - 2020-03-15 23:25 - 002637680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2021-04-23 23:13 - 2020-03-15 23:25 - 001758064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2021-04-23 23:13 - 2020-03-15 23:25 - 000990064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2021-04-23 23:13 - 2020-03-15 23:25 - 000120176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2021-04-23 23:13 - 2020-03-15 23:25 - 000082288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2021-04-23 22:10 - 2020-09-21 21:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-04-22 21:24 - 2021-01-26 21:40 - 001695184 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2021-04-22 21:24 - 2021-01-26 21:40 - 000236472 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2021-04-22 21:24 - 2021-01-26 21:40 - 000176592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2021-04-22 21:24 - 2021-01-26 21:40 - 000159672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2021-04-22 21:24 - 2021-01-26 21:40 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2021-04-22 21:24 - 2021-01-26 21:40 - 000038328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe 2021-04-22 17:18 - 2018-08-16 22:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-04-22 11:49 - 2018-08-16 22:28 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-04-21 21:24 - 2021-01-29 21:26 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-04-21 21:24 - 2021-01-29 21:26 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-04-16 09:02 - 2020-03-15 23:25 - 009536587 _____ C:\WINDOWS\system32\nvcoproc.bin 2021-04-15 19:03 - 2020-02-09 22:19 - 000000000 ____D C:\ProgramData\Epic 2021-04-15 12:23 - 2020-11-12 23:40 - 000443992 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-04-15 12:22 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-04-15 12:22 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-04-15 12:22 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-04-15 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-04-15 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-04-15 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-04-15 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-04-15 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-04-15 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-04-15 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-04-15 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-04-15 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-04-15 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-04-15 11:54 - 2020-11-12 23:46 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-04-15 11:50 - 2018-08-17 07:01 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-04-15 11:48 - 2018-08-17 07:01 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-04-15 10:03 - 2020-11-12 23:46 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-15 10:03 - 2020-11-12 23:46 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-15 10:03 - 2020-11-12 23:46 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-15 10:03 - 2020-11-12 23:46 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-15 10:03 - 2020-11-12 23:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-15 10:03 - 2020-11-12 23:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-15 10:03 - 2020-11-12 23:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-15 10:03 - 2020-11-12 23:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-15 10:03 - 2020-03-15 23:29 - 000001449 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2021-04-15 10:03 - 2020-03-15 23:29 - 000001449 _____ C:\ProgramData\Desktop\GeForce Experience.lnk 2021-04-15 10:03 - 2020-02-11 21:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2021-04-15 10:03 - 2020-02-11 20:54 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-04-15 10:03 - 2020-02-11 20:54 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-04-15 10:02 - 2020-11-12 23:46 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-15 10:02 - 2020-11-12 23:46 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-11 14:02 - 2018-08-17 17:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-04-10 17:37 - 2020-11-26 12:01 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-992322469-3752856531-2472332681-1004 2021-04-10 17:37 - 2020-11-26 12:01 - 000000000 ___RD C:\Users\Sebastian\OneDrive 2021-04-10 17:37 - 2020-11-26 11:59 - 000002381 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-04-07 13:38 - 2020-03-15 23:27 - 002817904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2021-04-07 13:38 - 2020-03-15 23:27 - 002171760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2021-04-07 13:38 - 2020-03-15 23:27 - 001293680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll ==================== Files in the root of some directories ======== 2018-08-24 22:04 - 2003-04-09 05:28 - 000233472 _____ () C:\Users\Widmowy Jack\AppData\Roaming\MafiaSetup.exe 2020-02-13 17:36 - 2020-12-19 17:04 - 000007597 _____ () C:\Users\Widmowy Jack\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================