Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2021
Ran by Vendy (administrator) on DESKTOP-NGBC4UD (Gigabyte Technology Co., Ltd. X470 AORUS ULTRA GAMING) (28-03-2021 18:28:11)
Running from C:\Users\Vendy\Downloads
Loaded Profiles: Vendy
Platform: Windows 10 Pro Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <63>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2102.8653.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenVPN Technologies, Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <5>
(Spotify AB -> Spotify Ltd) C:\Users\Vendy\AppData\Roaming\Spotify\Spotify.exe <5>
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-2587213121-589619277-2796699291-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [672384 2018-04-26] (OpenVPN Technologies, Inc. -> )
HKU\S-1-5-21-2587213121-589619277-2796699291-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-03-23] (Valve -> Valve Corporation)
HKU\S-1-5-21-2587213121-589619277-2796699291-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3144760 2021-03-25] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2587213121-589619277-2796699291-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109945728 2021-02-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2587213121-589619277-2796699291-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [274176 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKU\S-1-5-21-2587213121-589619277-2796699291-1001\...\Run: [Spotify] => C:\Users\Vendy\AppData\Roaming\Spotify\Spotify.exe [23929928 2021-03-27] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2587213121-589619277-2796699291-1001\...\Run: [GoogleChromeAutoLaunch_A3454211C5015F06745CE3B4748BF488] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2587213121-589619277-2796699291-1001\...\MountPoints2: {43264571-88a9-11ea-953d-e0d55ea10e12} - "J:\Setup.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1557BAC0-2DB6-40EA-8EFA-CF8C387CD125} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-04] (Google Inc -> Google Inc.)
Task: {1687E5FC-A391-4797-84CC-2CA62F913C9D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C18FFBF-8DB1-40D0-81C4-9A21A4D93ACD} - System32\Tasks\ProtonVPN Update => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-10-23] (ProtonVPN AG -> )
Task: {328E599F-018D-487D-8371-DC68011B7A9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {33E25E19-026E-4E24-B9FF-1CC18139A5DE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4560D322-9B0E-419F-9C91-506001E55943} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5FD7A655-4332-4815-9661-574A50E2046D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A6966C0-9123-4F73-815A-AD79B9BD314A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {90D4E7CF-750D-4219-8097-68B6A817BD17} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B1288D88-A223-4912-94BF-9BC9CB6C2CA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B5C21CF0-E7F8-4A20-BC84-F5020D42E037} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-04] (Google Inc -> Google Inc.)
Task: {D5A065F7-523E-47C1-B8CC-6FF9FE0CC45A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7B7409E-1D3F-4636-B206-6ECF81181859} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F2901796-9737-45DA-A6AB-E4FEB29850AE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {FDCC5C7B-7554-4B8A-90BD-A8094FCB2425} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1d09c4b1-0833-4b80-9544-560e1373fedd}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
DownloadDir: C:\Users\Vendy\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Vendy\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-21]
Edge DownloadDir: C:\Users\Vendy\Downloads

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)

Chrome: 
=======
CHR Profile: C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default [2021-03-28]
CHR Notifications: Default -> hxxps://lidl.rewardgateway.co.uk; hxxps://meet.google.com; hxxps://track.dpdlocal.co.uk; hxxps://www.instagram.com
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-04]
CHR Extension: (Dokumenty) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-04]
CHR Extension: (Disk Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-04]
CHR Extension: (Honey) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-03-22]
CHR Extension: (Tabulky) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-18]
CHR Extension: (Hangouts Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-08-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2021-03-09]
CHR Extension: (Gmail) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-03]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-10-07] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-04-10] (FUTUREMARK INC -> Futuremark)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [275200 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2535000 2021-03-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3479640 2021-03-25] (Electronic Arts, Inc. -> Electronic Arts)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [99136 2020-10-23] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-10-23] (ProtonVPN AG -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-02-01] (TEFINCOM S.A. -> )
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-11-07] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-10-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-28 18:28 - 2021-03-28 18:28 - 000018004 _____ C:\Users\Vendy\Downloads\FRST.txt
2021-03-28 18:28 - 2021-03-28 18:28 - 000000000 ____D C:\FRST
2021-03-28 18:04 - 2021-03-28 18:04 - 002298368 _____ (Farbar) C:\Users\Vendy\Downloads\FRST64.exe
2021-03-27 20:05 - 2021-03-27 20:05 - 001364996 _____ C:\WINDOWS\Minidump\032721-7953-01.dmp
2021-03-20 12:26 - 2021-03-20 12:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-03-18 12:31 - 2021-03-18 12:31 - 002891420 _____ C:\WINDOWS\Minidump\031821-9546-01.dmp
2021-03-11 19:44 - 2021-03-27 20:05 - 952731258 _____ C:\WINDOWS\MEMORY.DMP
2021-03-11 19:44 - 2021-03-11 19:44 - 001318940 _____ C:\WINDOWS\Minidump\031121-8156-01.dmp
2021-03-10 23:29 - 2021-03-10 23:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-10 23:29 - 2021-03-10 23:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-10 23:29 - 2021-03-10 23:29 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-10 23:29 - 2021-03-10 23:29 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-10 23:29 - 2021-03-10 23:29 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-10 23:29 - 2021-03-10 23:29 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-10 23:29 - 2021-03-10 23:29 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-10 23:29 - 2021-03-10 23:29 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-10 23:29 - 2021-03-10 23:29 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-10 23:29 - 2021-03-10 23:29 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-10 23:29 - 2021-03-10 23:29 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-10 23:29 - 2021-03-10 23:29 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-28 18:03 - 2021-01-05 12:49 - 000000000 ____D C:\Users\Vendy\AppData\Roaming\Spotify
2021-03-28 18:03 - 2019-01-01 16:10 - 000000000 ____D C:\Users\Vendy\AppData\Roaming\Origin
2021-03-28 18:03 - 2019-01-01 16:10 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-03-28 18:03 - 2019-01-01 16:07 - 000000000 ____D C:\ProgramData\Origin
2021-03-28 18:03 - 2018-07-23 12:06 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-28 18:02 - 2019-01-01 16:10 - 000000000 ____D C:\Users\Vendy\AppData\Local\Origin
2021-03-28 18:02 - 2018-05-23 13:01 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-28 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-28 01:10 - 2020-09-07 02:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-28 01:10 - 2020-09-07 01:15 - 000000000 ____D C:\Users\Vendy
2021-03-27 20:12 - 2020-09-07 18:47 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-27 20:12 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-27 20:12 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-27 20:12 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-27 20:05 - 2020-10-17 15:34 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-27 20:05 - 2020-09-07 02:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-27 20:05 - 2020-09-07 02:06 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-27 11:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-27 11:07 - 2021-01-05 12:50 - 000000000 ____D C:\Users\Vendy\AppData\Local\Spotify
2021-03-25 23:54 - 2020-06-20 12:25 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-25 23:54 - 2020-06-20 12:25 - 000002257 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-25 23:54 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-25 13:55 - 2019-01-01 16:07 - 000000000 ____D C:\Program Files (x86)\Origin
2021-03-22 21:26 - 2018-07-30 16:46 - 000000000 ____D C:\Users\Vendy\AppData\Roaming\vlc
2021-03-18 11:26 - 2018-06-04 16:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-18 11:26 - 2018-06-04 16:52 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-16 17:06 - 2018-05-23 19:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 17:01 - 2020-09-07 02:11 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2587213121-589619277-2796699291-1001
2021-03-15 17:01 - 2020-09-07 01:15 - 000002361 _____ C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 17:01 - 2018-05-23 13:03 - 000000000 ___RD C:\Users\Vendy\OneDrive
2021-03-11 01:29 - 2020-09-07 02:06 - 000351504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-11 01:28 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-11 01:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-11 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 01:28 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-10 23:31 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-10 23:23 - 2018-06-04 09:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 23:22 - 2018-06-04 09:44 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-04 21:48 - 2020-09-07 02:11 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 21:48 - 2020-09-07 02:11 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2019-07-28 16:19 - 2019-07-28 16:21 - 002691584 _____ () C:\Users\Vendy\hashWalker.exe
2018-06-04 09:48 - 2018-06-04 09:52 - 001065984 _____ () C:\Users\Vendy\AppData\Local\file__0.localstorage

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================