Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2023
Ran by Vladislav (administrator) on DESKTOP-KINRMEC (Gigabyte Technology Co., Ltd. Z370M D3H) (24-04-2023 19:47:06)
Running from C:\Users\Vladislav\Downloads\FRST64.exe
Loaded Profiles: Vladislav
Platform: Microsoft Windows 10 Home Version 21H2 19044.2846 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Autodesk, Inc. -> Autodesk) C:\Program Files\Autodesk\Genuine Service\x64\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.8209\Agent.exe
(C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <2>
(C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe
(C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> The Qt Company Ltd.) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebEngineProcess.exe <2>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe ->) (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyWow64.exe
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming Group Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
(C:\Users\Vladislav\AppData\Local\Medal\app-4.1690.0\Medal.exe ->) (Ferox Games B.V. -> ) C:\Users\Vladislav\AppData\Local\Medal\app-4.1690.0\resources\app\Medal.exe
(C:\Users\Vladislav\AppData\Local\Medal\app-4.1690.0\resources\app\Medal.exe ->) (Ferox Games B.V. -> Ferox Games B.V.) C:\Users\Vladislav\AppData\Local\Medal\recorder-3.648.0\MedalEncoder.exe
(C:\Users\Vladislav\AppData\Local\Medal\recorder-3.648.0\MedalEncoder.exe ->) () [File not signed] C:\Users\Vladislav\AppData\Local\Medal\recorder-3.648.0\DLLs\crashpad_handler.exe
(Discord Inc. -> Discord Inc.) C:\Users\Vladislav\AppData\Local\Discord\app-1.0.9012\Discord.exe <6>
(E:\Epic Games Launcher\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) E:\Epic Games Launcher\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe
(explorer.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) H:\DiabloII\Battle.net\Battle.net.exe <3>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) E:\Epic Games Launcher\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <22>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) H:\Civ6\steam.exe
(explorer.exe ->) (Wargaming Group Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Ferox Games B.V. -> Medal B.V.) C:\Users\Vladislav\AppData\Local\Medal\app-4.1690.0\Medal.exe <7>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler64.exe
(H:\Civ6\steam.exe ->) (Valve Corp. -> Valve Corporation) H:\Civ6\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(H:\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.221.109.14\OverwolfHelper.exe
(H:\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.221.109.14\OverwolfHelper64.exe
(H:\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\Vladislav\AppData\Local\Overwolf\ProcessCache\0.221.109.14\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(H:\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) H:\Overwolf\0.221.109.14\OverwolfBrowser.exe <4>
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Overwolf Ltd -> Overwolf LTD) H:\Overwolf\Overwolf.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\12.1.0.7121\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) INTELND1617S2 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
(services.exe ->) (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) H:\Teamviewer\TeamViewer_Service.exe
(services.exe ->) (Tencent Technology(Shenzhen) Company Limited -> Tencent) H:\program files\txgameassistant\appmarket\QMEmulatorService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-08-25] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [194704 2023-01-16] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3088752 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [40400 2018-06-18] (OLYMPUS CORPORATION -> Olympus Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5109624 2023-01-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [590464 2022-04-22] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Program Files\Autodesk\Genuine Service\x64\GenuineService.exe [3741704 2022-09-27] (Autodesk, Inc. -> Autodesk)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [EpicGamesLauncher] => E:\Epic Games Launcher\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37103568 2023-04-19] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [415696 2018-06-18] (OLYMPUS CORPORATION -> Olympus Corporation)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [Steam] => H:\Civ6\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [Medal] => C:\Users\Vladislav\AppData\Local\Medal\update.exe [1974192 2022-07-09] (Ferox Games B.V. -> )
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123262352 2023-04-18] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [Spotify] => C:\Users\Vladislav\AppData\Roaming\Spotify\Spotify.exe [20475256 2023-04-13] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2181912 2023-04-20] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [Battle.net] => H:\DiabloII\Battle.net\Battle.net.exe [1090168 2023-03-29] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Vladislav\AppData\Local\Microsoft\Teams\Update.exe [2587368 2023-04-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [Overwolf] => H:\Overwolf\OverwolfLauncher.exe [1785864 2023-04-23] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [MicrosoftEdgeAutoLaunch_C48501CF59DA509B45C964DA62F87702] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139968 2023-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2582632 2023-04-20] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [3292872 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Run: [Discord] => C:\Users\Vladislav\AppData\Local\Discord\Update.exe [1525016 2023-03-22] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Vladislav\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Vladislav\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\RunOnce: [Uninstall 23.071.0402.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vladislav\AppData\Local\Microsoft\OneDrive\23.071.0402.0001" (No File)
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\MountPoints2: {647ad6d2-44f5-11eb-a17f-e0d55e821f00} - "I:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\MountPoints2: {647ad752-44f5-11eb-a17f-e0d55e821f00} - "I:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3138497243-3098166965-4183931286-1001\...\MountPoints2: {8ec56ae5-7bcc-11e8-a10d-806e6f6e6963} - "G:\AlterEgo+1.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{28B89EEF-6107-0000-7102-CF3F3A09B77D}] -> msiexec /fus {28B89EEF-6107-0000-7102-CF3F3A09B77D}
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\112.0.5615.138\Installer\chrmstp.exe [2023-04-21] (Google LLC -> Google LLC)
Startup: C:\Users\Vladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Updater.exe [2023-04-18] (GitHub, Inc.) [File not signed]
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {077C2510-9578-4743-85A8-52DA1B54C0C1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {15A7B629-28E3-4E34-9FEB-65BC003ACD51} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5659512 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {16174A2F-2409-47E3-B8D3-92F7BCCE73F8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [654784 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1BDDCB0B-5024-452A-8D5E-86A30AA2E4E3} - System32\Tasks\Mozilla\Firefox Default Browser Agent BD98F1778D21A581 => E:\Program Files\Mozilla Firefox\default-browser-agent.exe [668064 2023-04-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {25B1E43F-AA4D-4BEA-A6DC-7ACAF518ABED} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30F06FF2-690E-4166-BD71-7A0BA5BCC8DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-22] (Google Inc -> Google LLC)
Task: {47FF0070-8270-44AF-82CF-331E192E8E53} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [5839224 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {581E7705-13E0-47E5-8245-0BE29CA27563} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {6B65136B-6FBF-4FD0-A0F1-6CC4EA1A0612} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [73184 2022-11-16] (Microsoft Corporation -> Microsoft)
Task: {6C1B76EE-2252-4EF4-9E8E-B3E4E462FFCE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-22] (Google Inc -> Google LLC)
Task: {75868840-059C-4E10-8B29-3BEEA5050C19} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8EE49059-5078-4A11-88C3-F0F5A6215D27} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C48426C-DEAB-4482-87F1-E64674E82663} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2638856 2023-04-23] (Overwolf Ltd -> Overwolf LTD)
Task: {B15C8D1F-1732-4B68-8894-EC318A15C6A3} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {D1535C1E-EA65-4592-A19E-1E7B15218777} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [11194104 2022-12-09] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
Task: {D75C2DDE-F354-4079-8203-3C00F3574A5B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD109FC4-9DAC-4E1E-A070-0EDE04E4A88C} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {E994616C-6A13-451F-8271-64D0318521CF} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F7BF228E-E53F-493E-8A14-1581C79FCA13} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [5339512 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {F910ABAA-D5B0-45A8-81D1-160590A3441C} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3138497243-3098166965-4183931286-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {F93CEBB4-DBC2-418A-9CE4-326BD3DBA3A6} - System32\Tasks\Mozilla\Firefox Background Update BD98F1778D21A581 => E:\Program Files\Mozilla Firefox\firefox.exe [603040 2023-04-18] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\BD98F1778D21A581\backgroundupdate.moz_log --backgroundtask backgroundupdate

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 0.0.0.0
Tcpip\..\Interfaces\{d968b9d2-deaa-40ce-ae0d-e6af1a4195bc}: [DhcpNameServer] 8.8.8.8 0.0.0.0

Edge: 
=======
DownloadDir: C:\Users\Vladislav\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Vladislav\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-24]
Edge DownloadDir: Default -> C:\Users\Vladislav\Downloads
Edge Extension: (Edge relevant text changes) - C:\Users\Vladislav\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-24]

FireFox:
========
FF DefaultProfile: tgrmx320.default-1568688424689
FF ProfilePath: C:\Users\Vladislav\AppData\Roaming\Mozilla\Firefox\Profiles\tgrmx320.default-1568688424689 [2023-04-24]
FF Plugin-x32: Adobe Reader -> F:\Adobe\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
StartMenuInternet: Firefox-BD98F1778D21A581 - E:\Program Files\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR DefaultProfile: Profile 5
CHR Profile: C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-04-18]
CHR Profile: C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-04-18]
CHR Notifications: Profile 1 -> hxxps://mail.google.com; hxxps://www.facebook.com
CHR Extension: (Dokumenty Google offline) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-04-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-23]
CHR Profile: C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-04-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-03]
CHR Profile: C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-04-18]
CHR Extension: (Prezentace) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-03-15]
CHR Extension: (Dokumenty) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2022-03-15]
CHR Extension: (Disk Google) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-03-15]
CHR Extension: (YouTube) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-03-15]
CHR Extension: (Tabulky) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-03-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-15]
CHR Extension: (Gmail) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-03-15]
CHR Profile: C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 5 [2023-04-24]
CHR Notifications: Profile 5 -> hxxps://www.facebook.com
CHR Extension: (Dokumenty Google offline) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-14]
CHR Profile: C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 7 [2023-04-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-01]
CHR Profile: C:\Users\Vladislav\AppData\Local\Google\Chrome\User Data\System Profile [2023-04-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1134720 2022-04-22] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [13915208 2022-03-24] (Autodesk, Inc. -> Autodesk)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [8895776 2023-03-08] (Autodesk, Inc. -> Autodesk, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-03-10] (BattlEye Innovations e.K. -> )
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11069032 2023-04-20] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-03-29] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-05-16] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [439880 2021-01-05] (Epic Games Inc. -> Epic Games, Inc.)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2638856 2023-04-23] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2022-01-28] (Even Balance, Inc. -> )
R2 QMEmulatorService; H:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [148840 2019-09-30] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2737016 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4588408 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [378568 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3315400 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R2 TeamViewer; H:\Teamviewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11060856 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VSStandardCollectorService150; H:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aow_drv; H:\Program Files\TxGameAssistant\UI\2.0.12832.123\aow_drv_x64_ev.sys [863616 2019-09-27] (Tencent Technology (Shenzhen) Company Limited -> Tencent)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [198416 2023-01-16] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [119904 2023-01-16] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [237208 2023-01-16] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55392 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81696 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [122504 2023-01-16] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv; C:\Windows\gdrv.sys [26192 2018-06-29] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 SpyEmrg; C:\WINDOWS\System32\Drivers\spyemrg.sys [17608 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [24776 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [19656 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-10-16] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-11-30] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22292248 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [49976 2020-09-08] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376544 2020-03-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-03-15] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-24 19:47 - 2023-04-24 19:47 - 000034446 _____ C:\Users\Vladislav\Downloads\FRST.txt
2023-04-24 19:46 - 2023-04-24 19:47 - 000000000 ____D C:\FRST
2023-04-24 19:44 - 2023-04-24 19:45 - 002381824 _____ (Farbar) C:\Users\Vladislav\Downloads\FRST64.exe
2023-04-22 19:48 - 2023-04-24 19:19 - 000000000 ____D C:\Users\Vladislav\AppData\Local\Discord
2023-04-22 19:47 - 2023-04-22 19:48 - 096280344 _____ (Discord Inc.) C:\Users\Vladislav\Downloads\DiscordSetup.exe
2023-04-22 16:31 - 2023-04-23 06:15 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\Spy Emergency
2023-04-22 16:31 - 2023-04-22 16:31 - 000001034 _____ C:\Users\Public\Desktop\Spy Emergency.lnk
2023-04-22 16:31 - 2023-04-22 16:31 - 000000000 ____D C:\ProgramData\NETGATE
2023-04-22 16:31 - 2023-04-22 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Emergency
2023-04-22 16:31 - 2023-04-22 16:31 - 000000000 ____D C:\Program Files\NETGATE
2023-04-22 16:31 - 2019-11-16 12:12 - 000024776 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_access.sys
2023-04-22 16:31 - 2019-11-16 12:12 - 000019656 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2023-04-22 16:31 - 2019-11-16 12:12 - 000017608 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2023-04-22 16:29 - 2023-04-22 16:30 - 032639792 _____ (NETGATE Technologies s.r.o. ) C:\Users\Vladislav\Downloads\se-setup.exe
2023-04-22 16:29 - 2023-04-22 16:29 - 000000000 ____D C:\Program Files\7-Zip
2023-04-22 15:59 - 2023-04-22 15:59 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2023-04-22 15:58 - 2023-04-23 05:12 - 000000000 ____D C:\ProgramData\Avast Software
2023-04-22 15:58 - 2023-04-22 15:58 - 000263520 _____ (AVAST Software) C:\Users\Vladislav\Downloads\avast_free_antivirus_setup_online.exe
2023-04-22 13:09 - 2023-04-22 19:48 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2023-04-21 16:20 - 2023-04-21 16:20 - 068857249 _____ C:\Users\Vladislav\Downloads\Basemental-Drugs-7.17.161-PUBLIC.zip
2023-04-19 19:19 - 2023-04-19 19:19 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2023-04-19 07:20 - 2023-04-19 07:20 - 000016041 _____ C:\Users\Vladislav\Downloads\vyžužlal studio.txt
2023-04-18 11:14 - 2023-04-18 11:14 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\index
2023-04-15 05:06 - 2023-04-15 05:06 - 006163264 _____ (WiseCleaner.com ) C:\Users\Vladislav\Downloads\WRCFree_10.9.2.709.exe
2023-04-14 09:51 - 2023-04-14 09:51 - 001274712 _____ C:\Users\Vladislav\Downloads\Uloha_IV_-_betabariera (1).pdf
2023-04-14 09:50 - 2023-04-14 09:51 - 001274712 _____ C:\Users\Vladislav\Downloads\Uloha_IV_-_betabariera.pdf
2023-04-14 06:28 - 2023-04-14 06:28 - 000000000 ___HD C:\$WinREAgent
2023-04-13 12:14 - 2023-04-13 12:14 - 000009510 _____ C:\Users\Vladislav\Downloads\TeamComps.xlsx
2023-04-13 12:14 - 2023-04-13 12:14 - 000009510 _____ C:\Users\Vladislav\Downloads\TeamComps (1).xlsx
2023-04-07 22:36 - 2023-04-07 22:36 - 001175452 _____ C:\WINDOWS\Minidump\040723-60359-01.dmp
2023-04-07 22:36 - 2023-04-07 22:36 - 000000000 ____D C:\WINDOWS\Minidump
2023-03-27 22:21 - 2023-03-27 22:21 - 000000202 _____ C:\Users\Vladislav\Desktop\Apex Legends.url
2023-03-25 07:09 - 2023-03-25 07:09 - 000000000 ____D C:\Users\Vladislav\AppData\Local\Firaxis Games

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-24 19:44 - 2021-09-25 07:30 - 000000000 ____D C:\Users\Vladislav\AppData\Local\Battle.net
2023-04-24 19:41 - 2021-09-03 18:43 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\Spotify
2023-04-24 19:38 - 2021-02-03 11:03 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\Medal
2023-04-24 19:28 - 2019-04-22 09:38 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-24 19:24 - 2022-05-11 12:41 - 000722428 _____ C:\WINDOWS\system32\perfh005.dat
2023-04-24 19:24 - 2022-05-11 12:41 - 000148922 _____ C:\WINDOWS\system32\perfc005.dat
2023-04-24 19:24 - 2020-08-09 18:38 - 001713084 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-24 19:24 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-04-24 19:23 - 2022-09-10 19:08 - 000000000 ____D C:\Medal
2023-04-24 19:22 - 2021-10-22 08:58 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\Microsoft\Teams
2023-04-24 19:20 - 2022-02-15 16:40 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2023-04-24 19:20 - 2021-09-03 18:44 - 000000000 ____D C:\Users\Vladislav\AppData\Local\Spotify
2023-04-24 19:19 - 2023-03-15 18:16 - 000001279 _____ C:\Users\Vladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Medal.lnk
2023-04-24 19:19 - 2022-12-11 18:06 - 000001873 _____ C:\Users\Vladislav\Desktop\TeamSpeak Overlay.lnk
2023-04-24 19:19 - 2022-06-24 14:26 - 000001873 _____ C:\Users\Vladislav\Desktop\CurseForge.lnk
2023-04-24 19:19 - 2022-06-24 14:24 - 000000000 ____D C:\Users\Vladislav\AppData\Local\Overwolf
2023-04-24 19:19 - 2021-12-11 16:02 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3138497243-3098166965-4183931286-1001
2023-04-24 19:19 - 2021-05-22 10:26 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\Microsoft\Skype for Desktop
2023-04-24 19:19 - 2021-03-30 11:07 - 000001271 _____ C:\Users\Vladislav\Desktop\Medal.lnk
2023-04-24 19:19 - 2021-02-03 11:04 - 000000000 ____D C:\Users\Vladislav\Documents\Medal
2023-04-24 19:19 - 2020-08-09 18:40 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3138497243-3098166965-4183931286-1001
2023-04-24 19:19 - 2020-08-09 18:34 - 000002393 _____ C:\Users\Vladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-24 19:19 - 2019-12-11 13:05 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\Discord
2023-04-24 19:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-24 19:17 - 2020-08-09 18:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-24 19:17 - 2018-06-29 20:32 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-24 07:46 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-04-24 06:20 - 2018-07-07 09:04 - 000000000 ____D C:\Users\Vladislav\AppData\Local\D3DSCache
2023-04-23 21:11 - 2022-06-26 05:12 - 000000000 ____D C:\Users\Vladislav\AppData\Local\CrashDumps
2023-04-23 20:58 - 2022-02-09 16:22 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-23 20:18 - 2020-08-09 18:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-04-23 18:00 - 2021-09-24 19:09 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\.minecraft
2023-04-23 09:54 - 2018-07-17 07:24 - 000001252 _____ C:\Users\Vladislav\Desktop\Roblox Studio.lnk
2023-04-23 09:54 - 2018-07-17 07:24 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2023-04-23 07:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-23 06:14 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-23 05:47 - 2020-06-03 14:51 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-23 05:47 - 2020-06-03 14:51 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-04-22 19:48 - 2019-12-11 13:05 - 000002253 _____ C:\Users\Vladislav\Desktop\Discord.lnk
2023-04-22 19:48 - 2019-12-11 13:05 - 000000000 ____D C:\Users\Vladislav\AppData\Local\SquirrelTemp
2023-04-22 16:29 - 2018-12-02 08:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-04-22 16:01 - 2021-05-20 14:31 - 000000000 ____D C:\Users\Vladislav\AppData\Local\log
2023-04-22 16:00 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-04-22 15:17 - 2022-11-21 20:47 - 000000992 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk
2023-04-22 15:17 - 2022-08-24 08:35 - 000000016 _____ C:\ProgramData\mntemp
2023-04-22 15:17 - 2022-02-15 17:58 - 000000000 _____ C:\Users\Public\Documents\DevFabric.config
2023-04-22 15:17 - 2021-04-14 11:10 - 000002085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2023-04-22 15:17 - 2021-04-14 11:10 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
2023-04-22 15:17 - 2019-04-22 09:38 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-22 15:17 - 2019-03-03 15:39 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2023-04-22 15:17 - 2018-06-29 20:42 - 000000000 _____ C:\ProgramData\DP45977C.lfl
2023-04-22 15:16 - 2022-02-14 20:33 - 000000000 ____D C:\ProgramData\Riot Games
2023-04-21 15:57 - 2021-05-22 10:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2023-04-21 08:02 - 2021-11-03 16:47 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2023-04-21 06:30 - 2019-04-22 09:38 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-04-21 05:59 - 2021-07-19 22:08 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\SCP Secret Laboratory
2023-04-20 22:07 - 2020-08-09 18:34 - 000000000 ____D C:\Users\Vladislav
2023-04-20 17:15 - 2020-04-05 07:37 - 000000961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk
2023-04-20 17:15 - 2018-07-07 20:20 - 000000951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-04-19 06:55 - 2020-04-05 07:41 - 000000000 ____D C:\Users\Vladislav\AppData\Local\.IdentityService
2023-04-19 06:26 - 2018-07-07 04:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-15 05:42 - 2020-03-25 17:40 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2023-04-15 05:11 - 2020-03-25 17:40 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2023-04-15 05:11 - 2020-03-25 17:40 - 000001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2023-04-15 05:11 - 2020-03-25 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2023-04-15 05:11 - 2018-08-04 15:44 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2023-04-15 00:30 - 2018-06-29 20:32 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-04-14 21:05 - 2022-05-03 05:15 - 000640512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-04-14 21:04 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-04-14 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-04-14 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-04-14 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-04-14 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-04-14 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-04-14 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-04-14 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-04-14 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-04-14 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-04-14 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-04-14 06:36 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-04-14 06:33 - 2020-08-09 18:35 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-04-14 06:28 - 2018-06-30 20:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-04-14 06:25 - 2018-06-30 20:02 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-04-11 18:26 - 2018-06-29 21:09 - 000000000 ____D C:\Users\Vladislav\AppData\LocalLow\Mozilla
2023-04-11 16:23 - 2020-08-09 18:40 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-04-11 16:23 - 2020-08-09 18:40 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-04-10 19:07 - 2020-08-09 18:40 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-04-09 09:59 - 2021-10-22 08:58 - 000002388 _____ C:\Users\Vladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-04-09 09:59 - 2021-10-22 08:58 - 000002380 _____ C:\Users\Vladislav\Desktop\Microsoft Teams.lnk
2023-04-06 12:25 - 2021-03-30 11:07 - 000000000 ____D C:\Users\Vladislav\AppData\Local\Medal
2023-04-06 12:25 - 2021-02-03 11:04 - 000000000 ____D C:\Users\Vladislav\AppData\Local\Ferox_Games_B.V
2023-04-06 06:40 - 2020-08-09 18:40 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-06 06:40 - 2020-08-09 18:40 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-04-05 05:00 - 2022-11-23 21:16 - 000000000 ____D C:\ProgramData\EA Desktop
2023-03-29 06:05 - 2018-07-08 06:31 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\EasyAntiCheat
2023-03-27 22:21 - 2018-10-07 11:24 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-03-25 07:07 - 2021-09-09 16:26 - 000000000 ____D C:\Users\Vladislav\AppData\Roaming\T2GP Launcher
2023-03-25 07:07 - 2021-09-09 16:26 - 000000000 ____D C:\Users\Vladislav\AppData\Local\T2GP Launcher

==================== Files in the root of some directories ========

2021-01-19 19:22 - 2021-01-19 19:22 - 000004608 _____ () C:\Users\Vladislav\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-10 04:33 - 2018-09-10 04:33 - 000000097 _____ () C:\Users\Vladislav\AppData\Local\fusioncache.dat
2019-12-04 19:45 - 2019-12-04 19:45 - 000000017 _____ () C:\Users\Vladislav\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================