Check
Posted: 16 Mar 2021 17:31
Hello, for the past week my PC has been acting up; maybe I downloaded something bad. Threats kept popping up in Defender. Could someone please take a look at it?
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2021
Ran by micha (administrator) on RTX2060 (ATComputers ALZA) (16-03-2021 17:26:18)
Running from C:\Users\micha\Downloads
Loaded Profiles: micha
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <29>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353400 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405544 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Spotify] => C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe [23854664 2021-03-05] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [MicrosoftEdgeAutoLaunch_ED02E366447D09E4F124EF89B233D989] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\MountPoints2: {d27f7121-3c6f-11eb-a1ef-b42e99c6c37c} - "F:\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe [2021-03-11] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-02-15] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0736D8B2-961F-4653-AD71-E90A2ACA691E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-11] (Google LLC -> Google LLC)
Task: {29C56395-0749-42CD-87F1-CED9CC40F2BD} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [232880 2019-05-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {40CC0D87-E421-4AA2-8BE3-45B07F7C7A05} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [251824 2019-05-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {52CDF26B-3BCD-47DC-A9A7-FF7136D1FAA7} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5D9EB282-DD68-4794-9D17-2656F98AF1B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E62244E-2A01-45BE-A610-DE756BBE6F1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-11] (Google LLC -> Google LLC)
Task: {70A8B671-EB36-4B6A-8E92-5EC3C539BFE7} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {71A2AD67-AC42-4934-8DFE-A7E38B82A244} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {83FB7C9B-D4A0-4943-A6D1-5783087D4A6D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {96C2090F-771D-4623-9284-E03E767281E5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9D61378D-0CDB-4527-B670-5378AFF14ADB} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A83860E8-2900-458D-8E45-DA3B568CFF4F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE0345F5-9A4A-473A-B6FC-AB629FB1CC64} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B6B5D448-1C02-4A69-9A97-371A9A05637D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C078F9BF-D642-41F7-935E-6B55755EE7CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D1C050C5-907E-4651-9CB2-856F187600AF} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {D1E4DFB4-556A-4027-B88E-0D4240F4F70D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D2D124EC-8C02-44F7-A312-311B4A81B943} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D69C986C-9D24-4292-838D-BAFFE5EB4B11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E27CBF41-3AE9-4477-B56C-CC9A67A95D73} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F79C472C-270E-4068-8F1E-A402825E30E1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2ae49ddd-672d-467c-8fc1-c5cf1da5de86}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8f4b2b77-8370-49c5-a246-7eb7ec4ff163}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{fe23a2bd-762c-41ef-ad20-8c3821244af3}: [DhcpNameServer] 172.20.10.1
Edge:
=======
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-16]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2021-03-16]
CHR Notifications: Default -> hxxps://bar812.ru; hxxps://lustygrandmas.21sextreme.com; hxxps://www.divokekmeny.cz; hxxps://www.instagram.com; hxxps://www.netflix.com; hxxps://www.xvideos.red
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://ehhkfhegcenpfoanmgfpfhnmdmflkbgk/index.html"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> dasdasdasdas
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-11]
CHR Extension: (Old Layout for Facebook) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmkkackbbimmdbfjdilpnfaegaeagge [2020-11-26]
CHR Extension: (Dokumenty) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-11]
CHR Extension: (Disk Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (ColorZilla) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2020-02-11]
CHR Extension: (YouTube) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-28]
CHR Extension: (Home - New Tab Page) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehhkfhegcenpfoanmgfpfhnmdmflkbgk [2020-02-11]
CHR Extension: (Tabulky) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-10]
CHR Extension: (Classic) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn [2020-11-07]
CHR Extension: (Screen Recorder) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniebljpgcogalllopnjokppmgbhaden [2021-03-16]
CHR Extension: (FormApps Extension) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2020-12-14]
CHR Extension: (Video Recorder) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\janpabomenbggihohponfklipffjhlfb [2020-02-11]
CHR Extension: (Chrono správce stahování) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2021-02-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-11]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AAErrorPort; C:\Users\micha\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [228656 2021-01-24] (Private Enterprise LST -> Active Anticheat) <==== ATTENTION
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8646752 2020-07-01] (BattlEye Innovations e.K. -> )
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [384040 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55336 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2020-11-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [142768 2019-05-22] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [125872 2019-05-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2522424 2020-11-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3476800 2020-11-20] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1631360 2020-12-02] (Rockstar Games, Inc. -> Rockstar Games)
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\f11b5976e4d9ebaa5523bc62125665980cdb0deb\smrtsvc64.exe [12773624 2021-02-23] (Eikonect Software SL -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10091440 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21728 2020-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2021-03-16] (CPUID S.A.R.L.U. -> CPUID)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-02-04] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 MpKsl95381e4c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{29061F77-BBA2-4644-AFDB-40A79A1882A3}\MpKslDrv.sys [90360 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 PRProt; C:\Users\micha\AppData\Local\Temp\ActiveAnticheat\1223540\active64.sys [5387312 2021-01-24] (Microsoft Windows Hardware Compatibility Publisher -> ) <==== ATTENTION
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 smrtkrnl64; C:\WINDOWS\System32\Drivers\smrtkrnl64.sys [5305104 2021-02-23] (Eikonect Software SL -> )
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5782360 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-16 17:26 - 2021-03-16 17:26 - 000025034 _____ C:\Users\micha\Downloads\FRST.txt
2021-03-16 17:26 - 2021-03-16 17:26 - 000000000 ____D C:\FRST
2021-03-16 17:25 - 2021-03-16 17:25 - 002300928 _____ (Farbar) C:\Users\micha\Downloads\FRST64.exe
2021-03-16 17:01 - 2021-03-16 17:04 - 075607864 _____ (obsproject.com) C:\Users\micha\Downloads\OBS-Studio-26.1.1-Full-Installer-x64.exe
2021-03-16 16:55 - 2021-03-16 16:55 - 009763490 _____ C:\Users\micha\Downloads\screen-capture (1).webm
2021-03-16 16:54 - 2021-03-16 16:54 - 002319648 _____ C:\Users\micha\Downloads\screen-capture.webm
2021-03-16 16:49 - 2021-03-16 16:49 - 000000279 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš.lnk
2021-03-16 16:48 - 2021-03-16 16:48 - 000000013 _____ C:\ProgramData\krosqm.txt
2021-03-16 16:41 - 2021-03-16 16:41 - 000001068 _____ C:\ProgramData\Plocha\Bandicam.lnk
2021-03-16 16:41 - 2021-03-16 16:41 - 000000000 ____D C:\Users\micha\OneDrive\Dokumenty\Bandicam
2021-03-16 16:41 - 2021-03-16 16:41 - 000000000 ____D C:\Users\micha\AppData\Roaming\Bandicam Company
2021-03-16 16:41 - 2021-03-16 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2021-03-16 16:41 - 2021-03-16 16:41 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1
2021-03-16 16:41 - 2021-03-16 16:41 - 000000000 ____D C:\Program Files (x86)\Bandicam
2021-03-16 16:40 - 2021-03-16 16:41 - 022306112 _____ (Bandicam Company) C:\Users\micha\Downloads\bdcamsetup.exe
2021-03-16 16:35 - 2021-03-16 16:36 - 001575184 _____ (NCH Software) C:\Users\micha\Downloads\Debut-Video-Capture-2-03-Beta (1).exe
2021-03-16 16:31 - 2021-03-16 16:31 - 001575184 _____ (NCH Software) C:\Users\micha\Downloads\Debut-Video-Capture-2-03-Beta.exe
2021-03-16 14:37 - 2021-03-16 14:37 - 000849958 _____ C:\Users\micha\Downloads\Cut_Assistant_0.9.12.2.zip
2021-03-16 14:34 - 2021-03-16 14:34 - 000000000 ____D C:\Users\micha\AppData\Roaming\GPAC
2021-03-16 14:33 - 2021-03-16 14:33 - 045210266 _____ C:\Users\micha\Downloads\gpac-1.0.1-rev0-gd8538e8a-master-x64.exe
2021-03-16 14:29 - 2021-03-16 14:29 - 000000000 ____D C:\Users\micha\AppData\Roaming\fltk.org
2021-03-16 14:29 - 2021-03-16 14:29 - 000000000 ____D C:\ProgramData\fltk.org
2021-03-16 14:28 - 2021-03-16 14:28 - 011656099 _____ (FameRing) C:\Users\micha\Downloads\SmartCutter.exe
2021-03-16 14:28 - 2021-03-16 14:28 - 000000000 ____D C:\Users\micha\AppData\Roaming\FameRing
2021-03-16 14:24 - 2021-03-16 14:24 - 000000000 ____D C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avidemux 2.7 VC++ 64bits
2021-03-16 14:24 - 2021-03-16 14:24 - 000000000 ____D C:\Program Files\Avidemux 2.7 VC++ 64bits
2021-03-16 01:40 - 2021-03-16 01:41 - 039125896 _____ C:\Users\micha\Downloads\Avidemux_2.7.8VC++64bits (1).exe
2021-03-16 01:07 - 2021-03-16 14:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\HandBrake
2021-03-16 01:07 - 2021-03-16 01:07 - 013534240 _____ C:\Users\micha\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2021-03-15 20:44 - 2021-03-15 20:45 - 000000000 ____D C:\Users\micha\AppData\Local\Windows Live
2021-03-15 20:44 - 2021-03-15 20:44 - 000001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2021-03-15 20:44 - 2021-03-15 20:44 - 000001385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2021-03-15 20:44 - 2021-03-15 20:44 - 000000000 ____D C:\WINDOWS\PCHEALTH
2021-03-15 20:44 - 2021-03-15 20:44 - 000000000 ____D C:\WINDOWS\cs
2021-03-15 20:44 - 2021-03-15 20:44 - 000000000 ____D C:\Program Files (x86)\Windows Live
2021-03-15 20:44 - 2021-03-15 20:44 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2021-03-15 20:41 - 2021-03-15 20:43 - 140274864 _____ (společnost Microsoft Corporation) C:\Users\micha\Downloads\wlsetup-all-cs-winaero.exe
2021-03-15 20:23 - 2021-03-16 16:34 - 000000000 ____D C:\Users\micha\AppData\Roaming\avidemux
2021-03-15 20:23 - 2021-03-16 14:23 - 000000000 ____D C:\Users\micha\AppData\Local\avidemux
2021-03-15 20:22 - 2021-03-15 20:23 - 039125896 _____ C:\Users\micha\Downloads\Avidemux_2.7.8VC++64bits.exe
2021-03-15 19:15 - 2021-03-16 16:38 - 000000000 ____D C:\Users\micha\AppData\Roaming\NCH Software
2021-03-15 19:15 - 2021-03-16 16:38 - 000000000 ____D C:\Program Files (x86)\NCH Software
2021-03-15 19:15 - 2021-03-16 16:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2021-03-15 19:15 - 2021-03-15 19:15 - 003098120 _____ (NCH Software) C:\Users\micha\Downloads\DebutVideoCaptureSoftware.exe
2021-03-15 19:15 - 2021-03-15 19:15 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk
2021-03-15 19:15 - 2021-03-15 19:15 - 000000000 ____D C:\Users\micha\NCH Software Suite
2021-03-15 19:15 - 2021-03-15 19:15 - 000000000 ____D C:\ProgramData\NCH Software
2021-03-13 13:36 - 2021-03-13 13:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-13 13:36 - 2021-03-13 13:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-13 13:36 - 2021-03-13 13:36 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-13 13:36 - 2021-03-13 13:36 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-13 13:36 - 2021-03-13 13:36 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-13 13:36 - 2021-03-13 13:36 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-13 13:36 - 2021-03-13 13:36 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-13 13:36 - 2021-03-13 13:36 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-13 13:36 - 2021-03-13 13:36 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-13 13:36 - 2021-03-13 13:36 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-13 13:36 - 2021-03-13 13:36 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-13 12:47 - 2021-03-13 12:49 - 093542528 _____ C:\Users\micha\Downloads\100kaIF1.zip
2021-03-11 11:33 - 2021-03-11 11:57 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Mozilla
2021-03-11 11:31 - 2021-03-11 11:32 - 072623808 _____ C:\Users\micha\Downloads\torbrowser-install-win64-10.0.12_en-US.exe
2021-03-01 13:08 - 2021-03-01 13:08 - 000017011 _____ C:\Users\micha\Downloads\yung.lean.in.my.head.(2020).eng.1cd.(8515144) (1).zip
2021-03-01 13:06 - 2021-03-01 13:06 - 000017008 _____ C:\Users\micha\Downloads\yung.lean.in.my.head.(2020).eng.1cd.(8515144).zip
2021-02-27 20:37 - 2021-02-27 20:37 - 001012768 _____ (Mixbyte Inc. ) C:\Users\micha\Downloads\FreemakeVideoDownloaderSetup_c98165e4-bf7b-61c8-089c-427f0d084910.exe
2021-02-23 14:41 - 2021-02-23 14:41 - 000083288 _____ (Zoom Video Communications, Inc.) C:\Users\micha\Downloads\Zoom_cm_f3nvuxZ9vvrZo4_m3bZ0BdPnF5bLl-TfGYAbRUK+NiKfVqoCuT8@EotJi5zrAqsWjCjK_k0856937e1757abed_.exe
2021-02-23 13:39 - 2021-02-23 13:39 - 985646286 _____ C:\Users\micha\Downloads\L2Etina Patch.7z
2021-02-19 19:01 - 2021-02-19 19:01 - 000000000 ____D C:\Users\micha\OneDrive\Dokumenty\Mount&Blade Warband Savegames
2021-02-19 18:59 - 2021-02-21 14:45 - 000000000 ____D C:\Users\micha\AppData\Roaming\Mount&Blade Warband
2021-02-19 18:59 - 2021-02-19 19:03 - 000000000 ____D C:\Users\micha\OneDrive\Dokumenty\Mount&Blade Warband
2021-02-18 17:56 - 2021-02-18 17:56 - 127203936 _____ (NVIDIA Corporation New) C:\Users\micha\Downloads\GeForce_Experience_v3.21.0.36.exe
2021-02-16 15:45 - 2021-02-16 15:45 - 001939824 _____ (Plarium) C:\Users\micha\Downloads\RaidSetup (1).exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-16 17:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-16 17:17 - 2020-02-23 23:31 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2021-03-16 17:15 - 2020-11-16 11:23 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-16 17:15 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-16 17:15 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-16 17:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-16 17:11 - 2020-05-13 15:07 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-03-16 17:10 - 2020-02-04 09:10 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-16 17:09 - 2020-10-30 17:17 - 000000000 ____D C:\Users\micha\AppData\Local\Spotify
2021-03-16 17:09 - 2020-10-30 17:16 - 000000000 ____D C:\Users\micha\AppData\Roaming\Spotify
2021-03-16 17:09 - 2020-04-01 15:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2021-03-16 17:09 - 2020-02-11 19:11 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-16 17:08 - 2020-12-12 12:46 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-03-16 17:08 - 2020-11-16 01:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-16 17:08 - 2020-11-16 01:12 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-16 17:08 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-16 16:49 - 2020-02-14 16:40 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2021-03-16 16:49 - 2020-02-14 16:30 - 000000000 ____D C:\Users\micha\AppData\Roaming\uTorrent
2021-03-16 14:55 - 2020-12-12 12:47 - 000000000 ____D C:\Users\micha\AppData\Roaming\Disc-Soft
2021-03-16 14:55 - 2020-12-11 18:30 - 000000000 ____D C:\Program Files (x86)\FastShare
2021-03-16 14:20 - 2020-02-23 22:47 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-15 20:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-15 19:15 - 2020-11-16 01:13 - 000000000 ____D C:\Users\micha
2021-03-15 19:14 - 2020-02-11 15:33 - 000000000 ____D C:\Users\micha\AppData\Local\ElevatedDiagnostics
2021-03-15 17:51 - 2020-02-11 14:41 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2021-03-15 16:32 - 2020-11-16 01:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-15 16:02 - 2020-11-16 01:17 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2039187500-3861812081-2781867699-1001
2021-03-15 16:02 - 2020-11-16 01:13 - 000002372 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 16:02 - 2020-02-11 14:43 - 000000000 ___RD C:\Users\micha\OneDrive
2021-03-15 13:19 - 2020-02-11 14:57 - 000000000 ____D C:\ProgramData\Riot Games
2021-03-15 12:47 - 2020-02-04 09:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-14 14:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-14 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-14 14:10 - 2020-06-08 21:17 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-13 14:32 - 2020-11-16 01:12 - 000294080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-13 13:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-12 11:47 - 2020-02-04 09:08 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-11 01:55 - 2020-02-11 14:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-10 16:55 - 2020-02-11 14:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 16:54 - 2020-02-11 14:59 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-08 13:10 - 2020-02-22 00:16 - 000000000 ____D C:\Users\micha\AppData\Roaming\AIMP
2021-03-04 22:03 - 2020-11-30 12:07 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6bbadbfba2087
2021-03-04 22:03 - 2020-11-16 01:17 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 14:27 - 2020-02-22 00:16 - 000000000 ____D C:\Program Files (x86)\AIMP
2021-02-23 13:43 - 2020-03-11 22:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\Awesomium
2021-02-23 13:40 - 2020-09-30 01:49 - 005305104 ____N C:\WINDOWS\system32\Drivers\smrtkrnl64.sys
2021-02-20 12:18 - 2020-08-20 23:24 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-19 18:59 - 2020-02-11 16:11 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2021-02-18 17:54 - 2020-02-11 14:50 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-18 17:44 - 2020-11-16 01:17 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-18 17:44 - 2020-11-16 01:17 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-18 17:44 - 2020-11-16 01:17 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-18 17:44 - 2020-11-16 01:17 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-02-18 17:44 - 2020-11-16 01:17 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-18 17:44 - 2020-11-16 01:17 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2039187500-3861812081-2781867699-500
2021-02-18 17:44 - 2020-11-16 01:17 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002610 _____ C:\WINDOWS\system32\Tasks\GraphicsCardEngine
2021-02-18 17:44 - 2020-11-16 01:17 - 000002574 _____ C:\WINDOWS\system32\Tasks\LiquidSensord
2021-02-18 16:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-16 11:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
2021-03-16 17:25 - 2021-03-16 17:25 - 002300928 _____ (Farbar) C:\Users\micha\Downloads\FRST64.exe
2021-03-16 17:01 - 2021-03-16 17:04 - 075607864 _____ (obsproject.com) C:\Users\micha\Downloads\OBS-Studio-26.1.1-Full-Installer-x64.exe
2021-03-16 16:55 - 2021-03-16 16:55 - 009763490 _____ C:\Users\micha\Downloads\screen-capture (1).webm
2021-03-16 16:54 - 2021-03-16 16:54 - 002319648 _____ C:\Users\micha\Downloads\screen-capture.webm
2021-03-16 16:49 - 2021-03-16 16:49 - 000000279 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš.lnk
2021-03-16 16:48 - 2021-03-16 16:48 - 000000013 _____ C:\ProgramData\krosqm.txt
2021-03-16 16:41 - 2021-03-16 16:41 - 000001068 _____ C:\ProgramData\Plocha\Bandicam.lnk
2021-03-16 16:41 - 2021-03-16 16:41 - 000000000 ____D C:\Users\micha\OneDrive\Dokumenty\Bandicam
2021-03-16 16:41 - 2021-03-16 16:41 - 000000000 ____D C:\Users\micha\AppData\Roaming\Bandicam Company
2021-03-16 16:41 - 2021-03-16 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2021-03-16 16:41 - 2021-03-16 16:41 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1
2021-03-16 16:41 - 2021-03-16 16:41 - 000000000 ____D C:\Program Files (x86)\Bandicam
2021-03-16 16:40 - 2021-03-16 16:41 - 022306112 _____ (Bandicam Company) C:\Users\micha\Downloads\bdcamsetup.exe
2021-03-16 16:35 - 2021-03-16 16:36 - 001575184 _____ (NCH Software) C:\Users\micha\Downloads\Debut-Video-Capture-2-03-Beta (1).exe
2021-03-16 16:31 - 2021-03-16 16:31 - 001575184 _____ (NCH Software) C:\Users\micha\Downloads\Debut-Video-Capture-2-03-Beta.exe
2021-03-16 14:37 - 2021-03-16 14:37 - 000849958 _____ C:\Users\micha\Downloads\Cut_Assistant_0.9.12.2.zip
2021-03-16 14:34 - 2021-03-16 14:34 - 000000000 ____D C:\Users\micha\AppData\Roaming\GPAC
2021-03-16 14:33 - 2021-03-16 14:33 - 045210266 _____ C:\Users\micha\Downloads\gpac-1.0.1-rev0-gd8538e8a-master-x64.exe
2021-03-16 14:29 - 2021-03-16 14:29 - 000000000 ____D C:\Users\micha\AppData\Roaming\fltk.org
2021-03-16 14:29 - 2021-03-16 14:29 - 000000000 ____D C:\ProgramData\fltk.org
2021-03-16 14:28 - 2021-03-16 14:28 - 011656099 _____ (FameRing) C:\Users\micha\Downloads\SmartCutter.exe
2021-03-16 14:28 - 2021-03-16 14:28 - 000000000 ____D C:\Users\micha\AppData\Roaming\FameRing
2021-03-16 14:24 - 2021-03-16 14:24 - 000000000 ____D C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avidemux 2.7 VC++ 64bits
2021-03-16 14:24 - 2021-03-16 14:24 - 000000000 ____D C:\Program Files\Avidemux 2.7 VC++ 64bits
2021-03-16 01:40 - 2021-03-16 01:41 - 039125896 _____ C:\Users\micha\Downloads\Avidemux_2.7.8VC++64bits (1).exe
2021-03-16 01:07 - 2021-03-16 14:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\HandBrake
2021-03-16 01:07 - 2021-03-16 01:07 - 013534240 _____ C:\Users\micha\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2021-03-15 20:44 - 2021-03-15 20:45 - 000000000 ____D C:\Users\micha\AppData\Local\Windows Live
2021-03-15 20:44 - 2021-03-15 20:44 - 000001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2021-03-15 20:44 - 2021-03-15 20:44 - 000001385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2021-03-15 20:44 - 2021-03-15 20:44 - 000000000 ____D C:\WINDOWS\PCHEALTH
2021-03-15 20:44 - 2021-03-15 20:44 - 000000000 ____D C:\WINDOWS\cs
2021-03-15 20:44 - 2021-03-15 20:44 - 000000000 ____D C:\Program Files (x86)\Windows Live
2021-03-15 20:44 - 2021-03-15 20:44 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2021-03-15 20:41 - 2021-03-15 20:43 - 140274864 _____ (společnost Microsoft Corporation) C:\Users\micha\Downloads\wlsetup-all-cs-winaero.exe
2021-03-15 20:23 - 2021-03-16 16:34 - 000000000 ____D C:\Users\micha\AppData\Roaming\avidemux
2021-03-15 20:23 - 2021-03-16 14:23 - 000000000 ____D C:\Users\micha\AppData\Local\avidemux
2021-03-15 20:22 - 2021-03-15 20:23 - 039125896 _____ C:\Users\micha\Downloads\Avidemux_2.7.8VC++64bits.exe
2021-03-15 19:15 - 2021-03-16 16:38 - 000000000 ____D C:\Users\micha\AppData\Roaming\NCH Software
2021-03-15 19:15 - 2021-03-16 16:38 - 000000000 ____D C:\Program Files (x86)\NCH Software
2021-03-15 19:15 - 2021-03-16 16:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2021-03-15 19:15 - 2021-03-15 19:15 - 003098120 _____ (NCH Software) C:\Users\micha\Downloads\DebutVideoCaptureSoftware.exe
2021-03-15 19:15 - 2021-03-15 19:15 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk
2021-03-15 19:15 - 2021-03-15 19:15 - 000000000 ____D C:\Users\micha\NCH Software Suite
2021-03-15 19:15 - 2021-03-15 19:15 - 000000000 ____D C:\ProgramData\NCH Software
2021-03-13 13:36 - 2021-03-13 13:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-13 13:36 - 2021-03-13 13:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-13 13:36 - 2021-03-13 13:36 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-13 13:36 - 2021-03-13 13:36 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-13 13:36 - 2021-03-13 13:36 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-13 13:36 - 2021-03-13 13:36 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-13 13:36 - 2021-03-13 13:36 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-13 13:36 - 2021-03-13 13:36 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-13 13:36 - 2021-03-13 13:36 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-13 13:36 - 2021-03-13 13:36 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-13 13:36 - 2021-03-13 13:36 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-13 12:47 - 2021-03-13 12:49 - 093542528 _____ C:\Users\micha\Downloads\100kaIF1.zip
2021-03-11 11:33 - 2021-03-11 11:57 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Mozilla
2021-03-11 11:31 - 2021-03-11 11:32 - 072623808 _____ C:\Users\micha\Downloads\torbrowser-install-win64-10.0.12_en-US.exe
2021-03-01 13:08 - 2021-03-01 13:08 - 000017011 _____ C:\Users\micha\Downloads\yung.lean.in.my.head.(2020).eng.1cd.(8515144) (1).zip
2021-03-01 13:06 - 2021-03-01 13:06 - 000017008 _____ C:\Users\micha\Downloads\yung.lean.in.my.head.(2020).eng.1cd.(8515144).zip
2021-02-27 20:37 - 2021-02-27 20:37 - 001012768 _____ (Mixbyte Inc. ) C:\Users\micha\Downloads\FreemakeVideoDownloaderSetup_c98165e4-bf7b-61c8-089c-427f0d084910.exe
2021-02-23 14:41 - 2021-02-23 14:41 - 000083288 _____ (Zoom Video Communications, Inc.) C:\Users\micha\Downloads\Zoom_cm_f3nvuxZ9vvrZo4_m3bZ0BdPnF5bLl-TfGYAbRUK+NiKfVqoCuT8@EotJi5zrAqsWjCjK_k0856937e1757abed_.exe
2021-02-23 13:39 - 2021-02-23 13:39 - 985646286 _____ C:\Users\micha\Downloads\L2Etina Patch.7z
2021-02-19 19:01 - 2021-02-19 19:01 - 000000000 ____D C:\Users\micha\OneDrive\Dokumenty\Mount&Blade Warband Savegames
2021-02-19 18:59 - 2021-02-21 14:45 - 000000000 ____D C:\Users\micha\AppData\Roaming\Mount&Blade Warband
2021-02-19 18:59 - 2021-02-19 19:03 - 000000000 ____D C:\Users\micha\OneDrive\Dokumenty\Mount&Blade Warband
2021-02-18 17:56 - 2021-02-18 17:56 - 127203936 _____ (NVIDIA Corporation New) C:\Users\micha\Downloads\GeForce_Experience_v3.21.0.36.exe
2021-02-16 15:45 - 2021-02-16 15:45 - 001939824 _____ (Plarium) C:\Users\micha\Downloads\RaidSetup (1).exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-16 17:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-16 17:17 - 2020-02-23 23:31 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2021-03-16 17:15 - 2020-11-16 11:23 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-16 17:15 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-16 17:15 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-16 17:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-16 17:11 - 2020-05-13 15:07 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-03-16 17:10 - 2020-02-04 09:10 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-16 17:09 - 2020-10-30 17:17 - 000000000 ____D C:\Users\micha\AppData\Local\Spotify
2021-03-16 17:09 - 2020-10-30 17:16 - 000000000 ____D C:\Users\micha\AppData\Roaming\Spotify
2021-03-16 17:09 - 2020-04-01 15:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2021-03-16 17:09 - 2020-02-11 19:11 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-16 17:08 - 2020-12-12 12:46 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-03-16 17:08 - 2020-11-16 01:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-16 17:08 - 2020-11-16 01:12 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-16 17:08 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-16 16:49 - 2020-02-14 16:40 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2021-03-16 16:49 - 2020-02-14 16:30 - 000000000 ____D C:\Users\micha\AppData\Roaming\uTorrent
2021-03-16 14:55 - 2020-12-12 12:47 - 000000000 ____D C:\Users\micha\AppData\Roaming\Disc-Soft
2021-03-16 14:55 - 2020-12-11 18:30 - 000000000 ____D C:\Program Files (x86)\FastShare
2021-03-16 14:20 - 2020-02-23 22:47 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-15 20:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-15 19:15 - 2020-11-16 01:13 - 000000000 ____D C:\Users\micha
2021-03-15 19:14 - 2020-02-11 15:33 - 000000000 ____D C:\Users\micha\AppData\Local\ElevatedDiagnostics
2021-03-15 17:51 - 2020-02-11 14:41 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2021-03-15 16:32 - 2020-11-16 01:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-15 16:02 - 2020-11-16 01:17 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2039187500-3861812081-2781867699-1001
2021-03-15 16:02 - 2020-11-16 01:13 - 000002372 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 16:02 - 2020-02-11 14:43 - 000000000 ___RD C:\Users\micha\OneDrive
2021-03-15 13:19 - 2020-02-11 14:57 - 000000000 ____D C:\ProgramData\Riot Games
2021-03-15 12:47 - 2020-02-04 09:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-14 14:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-14 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-14 14:10 - 2020-06-08 21:17 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-13 14:32 - 2020-11-16 01:12 - 000294080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-13 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-13 13:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-12 11:47 - 2020-02-04 09:08 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-11 01:55 - 2020-02-11 14:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-10 16:55 - 2020-02-11 14:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 16:54 - 2020-02-11 14:59 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-08 13:10 - 2020-02-22 00:16 - 000000000 ____D C:\Users\micha\AppData\Roaming\AIMP
2021-03-04 22:03 - 2020-11-30 12:07 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6bbadbfba2087
2021-03-04 22:03 - 2020-11-16 01:17 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 14:27 - 2020-02-22 00:16 - 000000000 ____D C:\Program Files (x86)\AIMP
2021-02-23 13:43 - 2020-03-11 22:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\Awesomium
2021-02-23 13:40 - 2020-09-30 01:49 - 005305104 ____N C:\WINDOWS\system32\Drivers\smrtkrnl64.sys
2021-02-20 12:18 - 2020-08-20 23:24 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-19 18:59 - 2020-02-11 16:11 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2021-02-18 17:54 - 2020-02-11 14:50 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-18 17:44 - 2020-11-16 01:17 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-18 17:44 - 2020-11-16 01:17 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-18 17:44 - 2020-11-16 01:17 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-18 17:44 - 2020-11-16 01:17 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-02-18 17:44 - 2020-11-16 01:17 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-18 17:44 - 2020-11-16 01:17 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2039187500-3861812081-2781867699-500
2021-02-18 17:44 - 2020-11-16 01:17 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 17:44 - 2020-11-16 01:17 - 000002610 _____ C:\WINDOWS\system32\Tasks\GraphicsCardEngine
2021-02-18 17:44 - 2020-11-16 01:17 - 000002574 _____ C:\WINDOWS\system32\Tasks\LiquidSensord
2021-02-18 16:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-16 11:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================