Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.04.2024 01 Ran by 30pingu (administrator) on PINGU (Gigabyte Technology Co., Ltd. B450 AORUS PRO) (06-04-2024 20:23:30) Running from C:\Users\miete\Desktop\FRSTEnglish.exe Loaded Profiles: 30pingu Platform: Microsoft Windows 11 Home Version 23H2 22631.3374 (X64) Language: Polski (Polska) Default browser: Opera Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe <6> (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avpui.exe (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8> (C:\Program Files\LGHUB\lghub_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2> (C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe <6> (C:\Users\miete\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\miete\AppData\Local\Programs\Opera GX\107.0.5045.86\opera_crashreporter.exe (C:\Windows\runSW.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe (Discord Inc. -> Discord Inc.) C:\Users\miete\AppData\Local\Discord\app-1.0.9039\Discord.exe <6> (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2401.26.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Opera Norway AS -> Opera Software) C:\Users\miete\AppData\Local\Programs\Opera GX\opera.exe <37> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avp.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_d70af0bfe61df9f0\logi_lamparray_service.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_268e85175aa9e991\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> ) C:\Windows\runSW.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RTUWPSrvcMain.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (sihost.exe ->) (04797BBC-C7BB-462F-9B66-331C81E27C0E -> TranslucentTB Open Source Developers) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2024.1.0.0_x64__v826wp6bftszj\TranslucentTB.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Run: [Opera GX Stable] => C:\Users\miete\AppData\Local\Programs\Opera GX\launcher.exe [2304416 2024-04-02] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\miete\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2735208 2024-04-03] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1789960 2024-03-27] (Overwolf Ltd -> Overwolf Ltd.) HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Run: [Medal] => C:\Users\miete\AppData\Local\Medal\update.exe [2049384 2024-02-18] (Ferox Games B.V. -> ) HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\miete\AppData\Local\Programs\Canva\Canva.exe [166402704 2024-02-19] (Canva -> Canva Pty Ltd) HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Run: [com.messenger] => C:\Users\miete\AppData\Local\Programs\Messenger\Messenger.exe messenger://openAtLogin (No File) HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46056704 2024-03-08] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (No File) HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Run: [Discord] => C:\Users\miete\AppData\Local\Discord\Update.exe [1525024 2024-03-18] (Discord Inc. -> GitHub) HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37426152 2024-04-06] (Epic Games Inc. -> Epic Games, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoCleanUp.bat [2022-10-04] () [File not signed] ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {CEBBB8CA-DAF4-44CF-ADEB-DF74E7592DA2} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-3294184972-935576208-774461254-1001 => C:\Users\miete\AppData\Local\Programs\Messenger\MessengerHelper.exe [2169592 2024-02-27] (Facebook, Inc. -> Meta Platforms, Inc.) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) Task: {37B7495B-F790-457C-9D97-BBBFC49A14BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6E5F3908-CDC3-4837-8490-88356211B7A5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {81E9536F-B84A-49FE-9CA4-2CF3116A00AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E339DDF3-E4E6-4029-9A70-044698A6AEA0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FEA0DBC0-ADE8-4E46-A868-E6DBC0B0EBB6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {8F9E2EE7-D388-4283-B582-3F3C56B857A8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {0885ADA6-3AC2-416E-8820-0A2AA04C1E3F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {563E6BC2-96B5-4466-9D28-4A035657B6EA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A28CBC4B-7A0D-4457-8C77-71E4039E2A37} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {01E4ADC2-290D-4C09-80C3-0DAAA521667C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C4FB243C-828F-46DE-956C-B57A0E94CEDD} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {43494459-BA0B-4C6C-AD06-A3B19E69B7AA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {863465D9-748C-457E-B7ED-0C554991AE0B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {653A3774-F187-49BA-942C-573A070096EA} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1707519929 => C:\Users\miete\AppData\Local\Programs\Opera GX\launcher.exe [2304416 2024-04-02] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\miete\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {BF8AEFF7-2ED3-42C1-B63F-907B87D207B4} - System32\Tasks\Opera GX scheduled Autoupdate 1707519803 => C:\Users\miete\AppData\Local\Programs\Opera GX\launcher.exe [2304416 2024-04-02] (Opera Norway AS -> Opera Software) Task: {9C823FFE-723E-470C-B64B-486691197AFD} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2644488 2024-03-27] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{137f0ab5-9bf4-43da-88ec-ec8a15e0a793}: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{137f0ab5-9bf4-43da-88ec-ec8a15e0a793}\960586F6E6560282D496564756B692: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{137f0ab5-9bf4-43da-88ec-ec8a15e0a793}\E4544594143505F445D223E2437484A7D253854365: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{757f978b-4615-4515-ac12-8259db08f822}: [NameServer] 198.51.100.1,198.51.100.2 Edge: ======= Edge Profile: C:\Users\miete\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-03] Edge Extension: (Dokumenty Google offline) - C:\Users\miete\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-29] Edge Extension: (Edge relevant text changes) - C:\Users\miete\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-10] Edge HKU\S-1-5-21-3294184972-935576208-774461254-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Edge HKU\S-1-5-21-3294184972-935576208-774461254-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [kagpabjoboikccfdghpdlaaopmgpgfdc] FireFox: ======== FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\FFExt\light_plugin_firefox\addon.xpi => not found FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\FFExt\light_plugin_firefox\addon.xpi => not found FF Plugin: @java.com/DTPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation) Chrome: ======= CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKU\S-1-5-21-3294184972-935576208-774461254-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljglajjnnkapghbckkcmodicjhacbfhk] CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm Opera: ======= StartMenuInternet: (HKU\S-1-5-21-3294184972-935576208-774461254-1001) Opera GXStable - "C:\Users\miete\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avp.exe [184768 2022-08-02] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12200040 2024-04-03] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2024-04-06] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.) S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S2 KSDE5.16; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.16\ksde.exe [32008 2024-01-12] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10994432 2024-03-08] (Logitech Inc -> Logitech, Inc.) R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_d70af0bfe61df9f0\logi_lamparray_service.exe [9887832 2024-03-08] (Logitech Inc -> Logitech, Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8884840 2024-04-06] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-04-01] (Malwarebytes Inc. -> Malwarebytes) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_268e85175aa9e991\Display.NvContainer\NVDisplay.Container.exe [1275424 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2644488 2024-03-27] (Overwolf Ltd -> Overwolf LTD) R2 RTUsbSwSrvc; C:\WINDOWS\RTUWPSrvcMain.exe [933376 2024-02-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) R2 RunSwUSB; C:\Windows\runSW.exe [59232 2019-08-19] (Realtek Semiconductor Corp. -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WirelessKB850NotificationService; C:\WINDOWS\System32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [188416 2023-12-04] (Microsoft Corporation) [File not signed] S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed] R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [533040 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [824528 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1999568 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [245144 2024-04-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1051184 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [90032 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [384656 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [354640 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [183120 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [262712 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S3 logi_generic_hid_filter; C:\WINDOWS\system32\drivers\logi_generic_hid_filter.sys [62288 2023-06-17] (Logitech Inc -> Logitech) R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2023-06-17] (Logitech Inc -> Logitech) S3 logi_joy_hid_filter; C:\WINDOWS\system32\drivers\logi_joy_hid_filter.sys [63824 2023-06-17] (Logitech Inc -> Logitech) S3 logi_joy_hid_lo; C:\WINDOWS\system32\drivers\logi_joy_hid_lo.sys [51536 2023-06-17] (Logitech Inc -> Logitech) R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-23] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2023-06-17] (Logitech Inc -> Logitech) R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_d70af0bfe61df9f0\logi_lamparray.sys [89176 2024-03-08] (Logitech Inc -> Logitech, Inc.) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [234312 2024-04-06] (Malwarebytes Inc. -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-04-06] (Malwarebytes Inc. -> Malwarebytes) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12128768 2024-02-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) S3 VoiceAIDriver; C:\WINDOWS\System32\DriverStore\FileRepository\voiceaidriver.inf_amd64_214d6aacf9c41414\voiceaidriver.sys [73640 2022-12-29] (Voice AI LLC -> Windows (R) Win 7 DDK provider) S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2022-07-26] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider) R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2024-04-06 20:10 - 2024-04-06 20:23 - 000027020 _____ C:\Users\miete\Desktop\FRST.txt 2024-04-06 20:05 - 2024-04-06 20:05 - 000000223 _____ C:\Users\miete\Desktop\Buckshot Roulette.url 2024-04-06 19:54 - 2024-04-06 19:54 - 000786502 _____ C:\WINDOWS\system32\perfh015.dat 2024-04-06 19:54 - 2024-04-06 19:54 - 000154452 _____ C:\WINDOWS\system32\perfc015.dat 2024-04-06 19:53 - 2024-04-06 20:23 - 000000000 ____D C:\FRST 2024-04-06 19:53 - 2024-04-06 19:53 - 000000000 ____D C:\Users\miete\Desktop\FRST-OlderVersion 2024-04-06 19:49 - 2024-04-06 19:49 - 000234312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys 2024-04-06 19:49 - 2024-04-06 19:49 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2024-04-06 19:49 - 2024-04-06 19:49 - 000000000 ____D C:\Users\miete\AppData\LocalLow\IGDump 2024-04-06 16:50 - 2024-04-06 16:50 - 002373676 _____ C:\Users\miete\Downloads\lb8mntc9.jar 2024-04-06 13:52 - 2024-04-06 13:52 - 000000000 ____D C:\Users\miete\AppData\Local\MidnightGhostHunt 2024-04-06 13:51 - 2024-04-06 13:52 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS 2024-04-06 13:51 - 2024-04-06 13:51 - 000000000 ____D C:\Users\miete\AppData\Roaming\EasyAntiCheat 2024-04-06 13:34 - 2024-04-06 19:53 - 002393600 _____ (Farbar) C:\Users\miete\Desktop\FRSTEnglish.exe 2024-04-06 13:34 - 2024-04-06 13:34 - 000000000 ____D C:\WINDOWS\ERUNT 2024-04-06 13:33 - 2024-04-06 13:33 - 014209528 _____ C:\Users\miete\Desktop\mb-support-1.9.10.1005.exe 2024-04-06 13:30 - 2024-04-06 13:30 - 008790880 _____ (Malwarebytes) C:\Users\miete\Desktop\adwcleaner.exe 2024-04-06 13:06 - 2024-04-06 13:06 - 000000393 _____ C:\Users\miete\Desktop\Midnight Ghost Hunt.url 2024-04-06 12:45 - 2024-04-06 12:45 - 000000000 ____D C:\Program Files\Epic Games 2024-04-06 12:41 - 2024-04-06 12:41 - 000000000 ____D C:\Users\miete\AppData\Local\UnrealEngineLauncher 2024-04-06 12:41 - 2024-04-06 12:41 - 000000000 ____D C:\Users\miete\AppData\Local\EpicGamesLauncher 2024-04-06 12:40 - 2024-04-06 13:52 - 000000000 ____D C:\Users\miete\AppData\Local\Epic Games 2024-04-06 12:39 - 2024-04-06 13:52 - 000000000 ____D C:\ProgramData\Epic 2024-04-06 12:39 - 2024-04-06 12:40 - 000000000 ____D C:\Program Files (x86)\Epic Games 2024-04-06 12:39 - 2024-04-06 12:39 - 000001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2024-04-06 12:39 - 2024-04-06 12:39 - 000001278 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk 2024-04-06 10:47 - 2024-04-06 10:48 - 000000000 ____D C:\Users\miete\Downloads\Polar 2024-04-06 10:47 - 2024-04-06 10:47 - 000021944 _____ C:\Users\miete\Downloads\Nowy folder (3).rar 2024-04-06 09:35 - 2024-04-06 09:35 - 000447546 _____ (Fabric Team) C:\Users\miete\Desktop\fabric-installer-1.0.0.exe 2024-04-06 08:57 - 2024-04-06 08:57 - 000000000 ____D C:\Users\miete\Desktop\cf liquid 2024-04-05 23:36 - 2024-04-05 23:36 - 000000000 _____ C:\Users\miete\Downloads\Nowy Dokument tekstowy.txt 2024-04-05 22:55 - 2024-04-05 23:10 - 000000000 ____D C:\Users\miete\AppData\Roaming\.tlauncher 2024-04-05 22:55 - 2024-04-05 22:55 - 000000000 ____D C:\Users\miete\AppData\Roaming\java 2024-04-05 22:18 - 2024-04-05 22:18 - 007777656 _____ (ESET) C:\Users\miete\Desktop\sysinspector_nt64.exe 2024-04-05 19:19 - 2024-04-05 20:02 - 000000000 ____D C:\baritone 2024-04-05 19:19 - 2024-04-05 19:19 - 000000000 ____D C:\shaderpacks 2024-04-05 19:19 - 2024-04-05 19:19 - 000000000 ____D C:\resourcepacks 2024-04-05 17:40 - 2024-04-05 17:40 - 000000000 ____D C:\Users\miete\Desktop\lequid 2024-04-05 17:40 - 2024-01-17 22:30 - 000013269 _____ C:\Users\miete\Downloads\PlayerHealthIndicators-1.1.0-1.20.1.jar 2024-04-05 15:59 - 2024-04-05 15:59 - 000447546 _____ (Fabric Team) C:\Users\miete\Downloads\fabric-installer-1.0.0.exe 2024-04-05 14:55 - 2023-02-25 14:58 - 000000000 ____D C:\Users\miete\Downloads\SuperPaczek 2024-04-04 23:05 - 2024-04-04 23:05 - 000001076 _____ C:\Users\Public\Desktop\liquidlauncher.lnk 2024-04-04 23:05 - 2024-04-04 23:05 - 000000000 ____D C:\Users\miete\AppData\Roaming\CCBlueX 2024-04-04 23:05 - 2024-04-04 23:05 - 000000000 ____D C:\Users\miete\AppData\Local\net.ccbluex.liquidlauncher 2024-04-04 23:05 - 2024-04-04 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\liquidlauncher 2024-04-04 23:05 - 2024-04-04 23:05 - 000000000 ____D C:\Program Files\liquidlauncher 2024-04-04 20:58 - 2024-04-04 20:58 - 000106579 _____ C:\Users\miete\Downloads\walksy-shield-fixes-1.20x.jar 2024-04-04 16:19 - 2024-04-04 16:19 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2024-04-04 16:16 - 2024-04-03 15:53 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2024-04-04 16:16 - 2024-04-03 15:53 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo.exe 2024-04-04 16:16 - 2024-04-03 15:53 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2024-04-04 16:16 - 2024-04-03 15:53 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2024-04-04 16:16 - 2024-04-03 15:53 - 001487904 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2024-04-04 16:16 - 2024-04-03 15:53 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2024-04-04 16:16 - 2024-04-03 15:53 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll 2024-04-04 16:16 - 2024-04-03 15:53 - 001295104 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2024-04-04 16:16 - 2024-04-03 15:53 - 001295104 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2024-04-04 16:16 - 2024-04-03 15:53 - 001226864 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2024-04-04 16:16 - 2024-04-03 15:50 - 001543712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2024-04-04 16:16 - 2024-04-03 15:50 - 001199624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2024-04-04 16:16 - 2024-04-03 15:50 - 001046040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2024-04-04 16:16 - 2024-04-03 15:50 - 000841736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2024-04-04 16:16 - 2024-04-03 15:50 - 000670240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll 2024-04-04 16:16 - 2024-04-03 15:50 - 000505352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll 2024-04-04 16:16 - 2024-04-03 15:49 - 012929568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2024-04-04 16:16 - 2024-04-03 15:49 - 002174496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2024-04-04 16:16 - 2024-04-03 15:49 - 001626120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2024-04-04 16:16 - 2024-04-03 15:49 - 001024544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2024-04-04 16:16 - 2024-04-03 15:49 - 000787464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2024-04-04 16:16 - 2024-04-03 15:49 - 000459272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2024-04-04 16:16 - 2024-04-03 15:48 - 016034848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2024-04-04 16:16 - 2024-04-03 15:48 - 006780960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2024-04-04 16:16 - 2024-04-03 15:48 - 005913200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2024-04-04 16:16 - 2024-04-03 15:48 - 005773344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2024-04-04 16:16 - 2024-04-03 15:48 - 003721224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2024-04-04 16:16 - 2024-04-03 15:48 - 000853008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2024-04-04 16:16 - 2024-04-03 15:47 - 006034736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2024-04-04 16:16 - 2024-04-03 03:54 - 000119466 _____ C:\WINDOWS\system32\nvinfo.pb 2024-04-01 09:09 - 2024-04-06 20:20 - 000000000 ____D C:\Users\miete\AppData\Local\Malwarebytes 2024-04-01 09:09 - 2024-04-06 13:29 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-04-01 09:09 - 2024-04-06 13:29 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-04-01 09:09 - 2024-04-06 13:28 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-04-01 09:09 - 2024-04-06 13:28 - 000000000 ____D C:\Program Files\Malwarebytes 2024-03-31 19:29 - 2024-03-31 19:29 - 010339840 _____ (Vencord) C:\Users\miete\Downloads\VencordInstaller.exe 2024-03-31 19:04 - 2024-04-06 19:50 - 000000000 ____D C:\Users\miete\AppData\Local\Discord 2024-03-31 19:03 - 2024-03-31 19:03 - 096202472 _____ (Discord Inc.) C:\Users\miete\Downloads\DiscordSetup.exe 2024-03-30 23:23 - 2024-04-03 20:15 - 000000000 ____D C:\Users\miete\Documents\LATWITY 2024-03-30 22:30 - 2024-03-30 22:31 - 000000000 ____D C:\WINDOWS\Minidump 2024-03-30 22:30 - 2024-03-30 22:30 - 1391739083 _____ C:\WINDOWS\MEMORY.DMP 2024-03-30 22:30 - 2024-03-30 22:30 - 003600132 _____ C:\WINDOWS\Minidump\033024-11937-01.dmp 2024-03-30 21:23 - 2024-03-30 21:22 - 000002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free.lnk 2024-03-30 21:23 - 2024-03-30 21:22 - 000002106 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk 2024-03-30 21:22 - 2021-02-19 22:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll 2024-03-30 08:50 - 2024-03-30 08:50 - 000000000 ____D C:\ProgramData\Unknown Worlds 2024-03-30 08:49 - 2024-03-30 08:49 - 000000000 ____D C:\Users\miete\AppData\LocalLow\Unknown Worlds 2024-03-29 19:37 - 2024-03-29 19:37 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs 2024-03-29 12:49 - 2024-03-29 12:49 - 000024320 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-03-29 12:48 - 2024-03-29 12:48 - 000024320 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-03-29 11:34 - 2024-03-30 22:32 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2024-03-28 21:57 - 2024-04-06 08:48 - 000000000 ____D C:\Riot Games 2024-03-28 21:57 - 2024-04-06 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2024-03-28 21:57 - 2024-03-28 21:57 - 000000000 ____D C:\Users\miete\AppData\Roaming\riot-client-ux 2024-03-28 21:57 - 2024-03-28 21:57 - 000000000 ____D C:\Users\miete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games 2024-03-28 21:57 - 2024-03-28 21:57 - 000000000 ____D C:\Users\miete\AppData\Local\Riot Games 2024-03-28 21:57 - 2024-03-28 21:57 - 000000000 ____D C:\ProgramData\Riot Games 2024-03-28 09:11 - 2024-04-05 16:03 - 000000000 ____D C:\Users\miete\Desktop\mody L 2024-03-27 22:04 - 2024-03-30 00:57 - 000000140 _____ C:\Users\miete\Downloads\tinytask.ini 2024-03-27 21:52 - 2024-03-28 21:43 - 475844317 _____ C:\Users\miete\Documents\ciwdupe.json 2024-03-27 21:11 - 2024-03-27 21:11 - 000036352 _____ () C:\Users\miete\Downloads\tinytask.exe 2024-03-23 09:49 - 2024-03-23 09:49 - 000000000 ____D C:\Users\miete\AppData\Roaming\Electronic Arts 2024-03-23 09:48 - 2024-03-23 10:06 - 000000000 ____D C:\Users\miete\Documents\Need For Speed(TM) Unbound 2024-03-23 09:48 - 2024-03-23 09:48 - 000000000 ____D C:\ProgramData\Frostbite 2024-03-22 15:51 - 2019-07-05 09:17 - 002232320 _____ (fabi.me) C:\Users\miete\Downloads\SpeedAutoClicker.exe 2024-03-19 16:56 - 2024-04-05 22:45 - 000000000 ____D C:\Users\miete\AppData\Roaming\gdlauncher_carbon 2024-03-19 16:56 - 2024-03-19 16:56 - 000000000 ____D C:\Users\miete\AppData\Local\@gddesktop-updater 2024-03-19 16:26 - 2024-03-19 16:26 - 000000000 ____D C:\Users\miete\AppData\Local\TeamSpeak 3 2024-03-19 16:25 - 2024-03-23 21:56 - 000000000 ____D C:\Users\miete\AppData\Roaming\TS3Client 2024-03-19 16:25 - 2024-03-19 16:25 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk 2024-03-19 16:25 - 2024-03-19 16:25 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client 2024-03-18 22:19 - 2024-03-29 23:54 - 000000000 ____D C:\Users\30pingu 2024-03-18 22:19 - 2024-03-18 22:28 - 000000000 ____D C:\Program Files\SmoothWizard 2024-03-18 22:19 - 2024-03-18 22:19 - 000000000 ____D C:\Users\30pingu\AppData\Local\SmoothWizard 2024-03-18 19:02 - 2024-03-18 19:02 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk 2024-03-18 19:02 - 2024-03-18 19:02 - 000002102 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk 2024-03-15 19:55 - 2024-03-15 19:55 - 000001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Feather Launcher.lnk 2024-03-14 21:45 - 2024-03-19 16:56 - 000000000 ____D C:\Users\miete\AppData\Roaming\ow-electron 2024-03-14 21:45 - 2024-03-14 21:46 - 000000000 ____D C:\Users\miete\AppData\Roaming\CurseForge 2024-03-14 21:45 - 2024-03-14 21:45 - 000000000 ____D C:\Users\miete\curseforge 2024-03-14 21:45 - 2024-03-14 21:45 - 000000000 ____D C:\Users\miete\AppData\Local\curseforge-updater 2024-03-10 20:09 - 2024-03-29 18:19 - 000000000 ____D C:\Users\miete\AppData\Roaming\obs-studio 2024-03-10 20:09 - 2024-03-10 20:09 - 000001052 _____ C:\Users\Public\Desktop\OBS Studio.lnk 2024-03-10 20:09 - 2024-03-10 20:09 - 000000000 ____D C:\ProgramData\obs-studio-hook 2024-03-10 20:09 - 2024-03-10 20:09 - 000000000 ____D C:\ProgramData\obs-studio 2024-03-10 20:09 - 2024-03-10 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2024-03-10 20:09 - 2024-03-10 20:09 - 000000000 ____D C:\Program Files\obs-studio 2024-03-09 10:23 - 2024-03-09 10:23 - 000000000 ____D C:\Users\miete\AppData\Local\CD Projekt Red 2024-03-09 00:23 - 2024-03-16 17:50 - 000000000 ____D C:\Users\miete\AppData\Roaming\Vortex 2024-03-09 00:23 - 2024-03-11 20:15 - 000000000 ____D C:\Users\miete\AppData\Local\vortex-updater 2024-03-09 00:23 - 2024-03-09 00:23 - 000000000 ____D C:\Program Files\dotnet 2024-03-09 00:22 - 2024-03-09 00:22 - 000000000 ____D C:\Program Files\Black Tree Gaming Ltd 2024-03-08 16:59 - 2024-03-08 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2024-03-08 16:59 - 2024-03-08 16:59 - 000000000 ____D C:\Program Files\LGHUB ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2024-04-06 20:11 - 2024-02-10 01:09 - 000000000 ____D C:\Program Files (x86)\Steam 2024-04-06 20:05 - 2024-02-10 01:13 - 000000000 ____D C:\Users\miete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-04-06 20:00 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-04-06 19:54 - 2024-02-13 19:37 - 001797580 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-04-06 19:54 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF 2024-04-06 19:50 - 2024-02-10 15:52 - 000000000 ____D C:\Users\miete\AppData\Local\LGHUB 2024-04-06 19:50 - 2024-02-10 01:06 - 000000000 ____D C:\Users\miete\AppData\Roaming\discord 2024-04-06 19:50 - 2024-02-10 00:31 - 000000000 ____D C:\ProgramData\NVIDIA 2024-04-06 19:49 - 2024-02-13 19:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-04-06 19:49 - 2024-02-10 00:31 - 000012288 ___SH C:\DumpStack.log.tmp 2024-04-06 19:49 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-04-06 19:21 - 2024-02-13 19:28 - 000000000 ____D C:\Users\miete 2024-04-06 19:21 - 2024-02-10 13:42 - 000000000 ____D C:\WINDOWS\RTUWPSrvcMain 2024-04-06 19:21 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2024-04-06 17:38 - 2024-02-10 01:10 - 000000000 ____D C:\Users\miete\AppData\Roaming\.minecraft 2024-04-06 17:00 - 2024-02-10 14:04 - 000000000 ____D C:\ProgramData\EA Desktop 2024-04-06 16:15 - 2024-02-13 19:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-04-06 13:52 - 2024-02-18 11:40 - 000000000 ____D C:\Users\miete\AppData\Local\log 2024-04-06 13:25 - 2024-02-10 00:44 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-04-06 12:43 - 2024-02-10 01:09 - 000000000 ____D C:\ProgramData\Package Cache 2024-04-06 12:41 - 2024-02-23 19:37 - 000000000 ____D C:\Users\miete\AppData\Local\UnrealEngine 2024-04-06 11:51 - 2024-02-10 00:42 - 000000000 ____D C:\Users\miete\AppData\Local\D3DSCache 2024-04-06 09:52 - 2024-02-10 01:02 - 000000000 ____D C:\Users\miete\AppData\Local\CrashDumps 2024-04-05 23:38 - 2024-02-11 12:58 - 000001898 _____ C:\Users\miete\Desktop\Crystal Launcher.lnk 2024-04-05 18:01 - 2024-02-10 14:50 - 000000000 ____D C:\Users\miete\AppData\Local\Overwolf 2024-04-04 23:02 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\NDF 2024-04-04 16:20 - 2024-02-10 13:10 - 000000000 ____D C:\Users\miete\AppData\Local\NVIDIA 2024-04-04 16:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-04-04 16:01 - 2024-02-13 19:34 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-04-04 16:01 - 2024-02-13 19:34 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-04-03 20:15 - 2024-02-10 01:10 - 000000000 ____D C:\Users\miete\AppData\Roaming\Feather Launcher 2024-04-03 16:12 - 2024-02-10 00:55 - 000000000 ____D C:\Program Files (x86)\Google 2024-04-03 16:09 - 2024-02-13 19:34 - 000004212 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1707519803 2024-04-03 16:09 - 2024-02-10 01:03 - 000001434 _____ C:\Users\miete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrzeglÄ…darka Opera GX.lnk 2024-04-03 15:47 - 2024-01-24 19:15 - 006948672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2024-04-02 14:56 - 2024-02-10 01:10 - 000000000 ____D C:\Users\miete\AppData\Roaming\.feather 2024-04-02 14:04 - 2024-02-18 11:37 - 000000000 ____D C:\Users\miete\AppData\Roaming\Medal 2024-04-02 13:27 - 2024-02-18 11:39 - 000000000 ____D C:\Users\miete\Documents\Medal 2024-04-02 13:27 - 2024-02-18 11:39 - 000000000 ____D C:\Medal 2024-04-02 13:27 - 2024-02-18 11:38 - 000001271 _____ C:\Users\miete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Medal.lnk 2024-04-02 13:27 - 2024-02-18 11:37 - 000001263 _____ C:\Users\miete\Desktop\Medal.lnk 2024-04-01 10:54 - 2024-02-10 16:31 - 000000000 ____D C:\Program Files (x86)\Overwolf 2024-04-01 09:09 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-03-31 19:04 - 2024-02-10 01:06 - 000000000 ____D C:\Users\miete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2024-03-31 19:04 - 2024-02-10 01:06 - 000000000 ____D C:\Users\miete\AppData\Local\SquirrelTemp 2024-03-30 21:23 - 2024-02-29 21:24 - 000000000 ____D C:\Program Files\Common Files\AV 2024-03-30 21:22 - 2024-02-29 21:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2024-03-30 21:22 - 2024-02-29 21:23 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2024-03-30 21:22 - 2024-02-29 21:09 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2024-03-30 21:22 - 2022-05-07 07:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2024-03-30 21:19 - 2024-02-13 19:34 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3294184972-935576208-774461254-1001 2024-03-30 21:19 - 2024-02-13 19:34 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3294184972-935576208-774461254-1001 2024-03-30 21:19 - 2024-02-10 00:40 - 000002423 _____ C:\Users\miete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-03-30 09:21 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-03-29 23:52 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2024-03-29 19:38 - 2024-02-13 19:33 - 000296160 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-03-29 19:37 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-03-29 19:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-03-29 19:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-03-29 19:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-03-29 19:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2024-03-29 19:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-03-29 19:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-03-29 19:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2024-03-29 19:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\DDFs 2024-03-29 19:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-03-29 19:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning 2024-03-29 19:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-03-29 12:52 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-03-29 12:49 - 2024-02-13 19:35 - 003213824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-03-29 11:50 - 2024-02-18 11:40 - 000000000 ____D C:\Users\miete\AppData\Local\Ferox_Games_B.V 2024-03-29 11:50 - 2024-02-18 11:37 - 000000000 ____D C:\Users\miete\AppData\Local\Medal 2024-03-29 05:42 - 2024-02-10 00:39 - 000000000 ____D C:\Users\miete\AppData\Local\Packages 2024-03-29 00:06 - 2024-02-10 15:52 - 000000000 ____D C:\Users\miete\AppData\Roaming\G HUB 2024-03-28 09:18 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2024-03-22 21:05 - 2024-02-10 01:11 - 000000000 ____D C:\Users\miete\AppData\Local\Steam 2024-03-21 20:12 - 2024-02-10 00:34 - 000000000 ____D C:\ProgramData\Packages 2024-03-19 16:56 - 2024-02-14 18:50 - 000000000 ____D C:\Users\miete\AppData\Roaming\gdlauncher 2024-03-18 22:56 - 2024-02-14 18:03 - 000000000 ____D C:\XboxGames 2024-03-17 19:26 - 2024-02-13 16:09 - 000000000 ____D C:\Users\miete\AppData\Local\ElevatedDiagnostics 2024-03-15 19:55 - 2024-02-10 01:09 - 000000000 ____D C:\Program Files\Feather Launcher 2024-03-15 18:54 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-03-15 18:39 - 2023-12-04 08:27 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-03-15 18:39 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-03-15 18:39 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing 2024-03-15 17:28 - 2024-02-10 00:43 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-03-15 16:42 - 2024-02-16 16:44 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll 2024-03-15 16:42 - 2024-02-14 18:03 - 002709096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2024-03-15 16:42 - 2024-02-14 18:03 - 000706152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2024-03-15 16:42 - 2024-02-14 18:03 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2024-03-15 16:42 - 2024-02-14 18:03 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2024-03-15 16:42 - 2024-02-14 18:03 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2024-03-15 16:42 - 2024-02-14 18:03 - 000108136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe 2024-03-15 16:42 - 2024-02-14 18:03 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe 2024-03-14 21:50 - 2024-02-22 20:39 - 000000000 ____D C:\Users\miete\AppData\Roaming\CodeBlocks 2024-03-13 17:10 - 2024-02-10 00:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-03-09 10:22 - 2024-02-10 00:31 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2024-03-09 09:24 - 2024-02-10 14:05 - 000000000 ____D C:\Users\miete\AppData\Local\cache 2024-03-09 00:19 - 2024-02-10 15:52 - 000000000 ____D C:\Users\miete\AppData\Roaming\lghub 2024-03-08 16:59 - 2024-02-10 15:52 - 000000000 ____D C:\Program Files\LGHUB.b82a89ab-6558-485a-9142-95adab93dd5e ==================== Files in the root of some directories ======== 2024-02-11 12:58 - 2024-02-11 12:58 - 000000047 _____ () C:\Users\miete\AppData\Roaming\.crystalinst 2024-02-10 13:37 - 2024-02-10 13:37 - 000007621 _____ () C:\Users\miete\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================