Please check my log, the internet is slow
Posted: 18 Jul 2022 16:22
Hello, my PC has been stuttering all week and the internet is extremely slow. When I called the provider, they said everything is fine, but I am measuring under 1 Mbps.
I don't know what to do. Is it possible that it's a virus?
Thank you very much
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2022
Ran by micha (administrator) on RTX2060 (ATComputers ALZA) (15-07-2022 19:13:17)
Running from C:\Users\micha\OneDrive\Plocha
Loaded Profiles: micha
Platform: Microsoft Windows 11 Home Version 21H2 22000.795 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe ->) (Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.545.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.49\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(explorer.exe ->) (Global Delight Technologies Private Limited -> Global-Delight) C:\Program Files\Global Delight\Boom 3D\Boom3D.exe
(explorer.exe ->) (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe <6>
(explorer.exe ->) (Swift Media Entertainment, Inc. -> Blitz, Inc.) C:\Users\micha\AppData\Local\Programs\Blitz\Blitz.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <20>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(sihost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.545.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (Unpacker) [File not signed] C:\Users\micha\AppData\Roaming\Unpacker\Unpacker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405544 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707768 2022-03-10] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Boom 3D] => C:\Program Files\Global Delight\Boom 3D\Boom3D.exe [465568 2022-07-11] (Global Delight Technologies Private Limited -> Global-Delight)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Gaijin.Net Updater] => C:\Users\micha\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2793016 2022-06-02] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Spotify] => C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe [19970464 2022-07-12] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [com.blitz.app] => C:\Users\micha\AppData\Local\Programs\Blitz\Blitz.exe [121830648 2022-07-14] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [MobalyticsHQ.DesktopApp] => "C:\Users\micha\AppData\Local\Programs\mobalytics-desktop\Mobalytics Desktop.exe" (No File)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [electron.app.Mobalytics Desktop] => "C:\Users\micha\AppData\Local\Programs\mobalytics-desktop\Mobalytics Desktop.exe" (No File)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\MountPoints2: {939d61fc-a614-11ec-a318-b42e99c6c37c} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-05] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-03-02] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B1B36BF-F648-4111-B747-6C54AB0BB67F} - System32\Tasks\PC HelpSoft Driver Updater notifications => C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\HDMSchedule.exe (No File) <==== ATTENTION
Task: {203D70EF-CE60-467A-B0D0-90795E48A2E3} - System32\Tasks\PC HelpSoft Driver Updater automatic scan and new device notifications => C:\Program Files (x86)\PC HelpSoft Driver Updater\HDMTray.exe (No File) <==== ATTENTION
Task: {29C56395-0749-42CD-87F1-CED9CC40F2BD} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [232880 2019-05-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {2FCD907D-15B2-4A17-AF82-3732F88BD69A} - System32\Tasks\Purple => PurpleLauncher.exe --auto-run (No File)
Task: {32E76096-4A52-4A3C-AB6B-FACFEF01C50F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {394E68F9-193D-4D1D-98BA-8638B386407D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4078AA30-D1F6-4D30-8826-D66117C379F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {40CC0D87-E421-4AA2-8BE3-45B07F7C7A05} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [251824 2019-05-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {5E5A1146-2B35-483D-AA9D-4C6A88295B1D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {70A8B671-EB36-4B6A-8E92-5EC3C539BFE7} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {79AF2B12-6C66-44D0-BA80-DBB6955419B0} - System32\Tasks\SoundBass => C:\Users\micha\AppData\Roaming\Unpacker\Unpacker.exe [290332672 2021-07-30] (Unpacker) [File not signed] <==== ATTENTION
Task: {7F3423EE-DC45-4804-9C2E-804A7312571D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {90134345-7BCC-4A3A-8AA9-8CF016A61DA1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {94712085-3B7E-426B-83CE-00C46C4130F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9BDB4F00-FCC4-401B-B78D-BF93F78A0472} - System32\Tasks\GoogleUpdateTaskMachineUA{17E2BA56-AF40-46F5-BEEF-987FED1153C8} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-25] (Google LLC -> Google LLC)
Task: {9E378670-5126-49C7-8D05-4878654A5557} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F87E424-A387-438F-AC8C-C27BF4904C0F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A7F9C378-3788-4111-A625-1BDADCEDC685} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A85588C4-0925-4657-8006-E880A2CF5277} - System32\Tasks\GoogleUpdateTaskMachineCore{50A76D15-CD66-4606-BFFA-2A6409EB6FE3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-25] (Google LLC -> Google LLC)
Task: {BC9D1134-744B-4CE5-9B6B-11F4EFD82D72} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D49F7FF4-0219-4623-AF82-9B462465CC1B} - System32\Tasks\Boom 3D App Updater => C:\Program Files\Global Delight\AppUpdater\Updater.exe [6144 2021-11-12] () [File not signed]
Task: {D5A429CE-B979-4891-9FAE-1410E43CF08D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5AD09EC-7CD6-45FC-9C6D-71968C560EB2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD1532A0-ED8B-4666-9CA2-303730464DED} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ECF1B220-A533-4FE7-BAC8-369B920E1EBD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F3220573-E110-4433-9786-AF63E53C9346} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {FDBBD1FC-7DF0-4649-87F3-1B4E28BEBB4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1c9091e5-cbed-403f-8952-5c8cbff6cdd1}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{2ae49ddd-672d-467c-8fc1-c5cf1da5de86}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8f4b2b77-8370-49c5-a246-7eb7ec4ff163}: [DhcpNameServer] 192.168.2.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-16]
Edge Notifications: Default -> hxxps://www.ifortuna.cz
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 00lakxte.default
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\00lakxte.default [2022-01-11]
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release [2022-07-15]
FF Homepage: Mozilla\Firefox\Profiles\y0a19v2a.default-release -> seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\y0a19v2a.default-release -> hxxps://eune.op.gg
FF Extension: (ColorZilla) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2022-06-19]
FF Extension: (No Name) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-07-05]
FF Plugin: @java.com/DTPlugin,version=11.331.2 -> C:\Program Files\Java\jre1.8.0_331\bin\dtplugin\npDeployJava1.dll [2022-04-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.331.2 -> C:\Program Files\Java\jre1.8.0_331\bin\plugin2\npjp2.dll [2022-04-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-07-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2022-07-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-07-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-25]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901960 2022-01-14] (BattlEye Innovations e.K. -> )
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [384040 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55336 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2022-02-12] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-06-04] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [142768 2019-05-22] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [File not signed]
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [125872 2019-05-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2022-01-27] (Rockstar Games, Inc. -> Rockstar Games)
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\21a69c6aa89ec79ee3c698946173561aee8e0f72\smrtsvc64.exe [13143752 2021-12-23] (Eikonect Software SL -> )
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2022-01-29] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WMIRegistrationService; C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe [538736 2021-07-25] (Intel Corporation -> Intel Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8737992 2022-01-29] (PUBG CORPORATION -> PUBG Corporation)
S3 AAErrorPort; C:\Users\micha\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== ATTENTION
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2021-09-13] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2021-06-05] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21728 2020-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 GDPL_BOOM; C:\WINDOWS\system32\drivers\boomvad.sys [51016 2021-06-17] (WDKTestCert Adarsh,131897759775447238 -> Windows (R) Win 7 DDK provider)
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-02-04] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [41480 2022-03-12] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 MpKslba7df588; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{29761927-5EA5-4232-9FB1-0DA79148BCFD}\MpKslDrv.sys [141576 2022-07-15] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2021-06-01] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2522256 2022-02-05] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
S3 PRProt; \??\C:\Users\micha\AppData\Local\Temp\ActiveAnticheat\1223536\active64.sys [X] <==== ATTENTION
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-13 17:37 - 2022-07-13 17:37 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-13 17:37 - 2022-07-13 17:37 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-13 17:37 - 2022-07-13 17:37 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-13 17:37 - 2022-07-13 17:37 - 000015040 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-07-13 17:35 - 2022-07-13 17:35 - 000000000 ___HD C:\$WinREAgent
2022-07-10 12:40 - 2022-07-15 19:07 - 000000000 ____D C:\Users\micha\AppData\Roaming\Blitz
2022-07-10 12:40 - 2022-07-13 17:24 - 000000000 ____D C:\Users\micha\AppData\Local\blitz-updater
2022-07-10 12:40 - 2022-07-10 12:40 - 000002224 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2022-07-10 12:38 - 2022-07-10 12:40 - 076190232 _____ (Blitz, Inc.) C:\Users\micha\Downloads\Blitz-1.17.5.exe
2022-07-10 12:37 - 2022-07-10 12:37 - 000006942 _____ C:\Users\micha\Downloads\moba-debug-logs-sun-10-jul-2022-10-37-19-gmt.json
2022-07-02 01:11 - 2022-07-02 01:11 - 000000000 ____D C:\Users\micha\.ms-ad
2022-06-26 14:16 - 2022-06-26 14:16 - 000000513 _____ C:\Users\micha\Downloads\L2Heyday.com - ZECmichalcz12.txt
2022-06-26 13:41 - 2022-06-26 14:09 - 267201548 _____ C:\Users\micha\Downloads\l2heyday_v1a.7z
2022-06-25 13:47 - 2022-07-05 22:30 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-25 13:47 - 2022-06-25 13:47 - 000000000 ____D C:\Program Files\Google
2022-06-25 13:46 - 2022-06-25 13:46 - 000003550 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{17E2BA56-AF40-46F5-BEEF-987FED1153C8}
2022-06-25 13:46 - 2022-06-25 13:46 - 000003426 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{50A76D15-CD66-4606-BFFA-2A6409EB6FE3}
2022-06-24 22:45 - 2022-06-24 22:47 - 393593277 _____ C:\Users\micha\Downloads\xvideos.com_5055f5a63afab7147a17ce63a959a9f2-1.mp4
2022-06-22 18:39 - 2022-07-15 19:13 - 000000000 ____D C:\FRST
2022-06-21 17:53 - 2022-06-21 17:53 - 003976017 _____ C:\Users\micha\Downloads\iCloud Photos.zip
2022-06-16 17:24 - 2022-06-16 17:24 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-06-16 17:24 - 2022-06-16 17:24 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-06-16 17:24 - 2022-06-16 17:24 - 000299008 _____ C:\WINDOWS\system32\EsclScan.dll
2022-06-16 17:24 - 2022-06-16 17:24 - 000180224 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-06-16 17:23 - 2022-06-16 17:23 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-15 19:13 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-15 19:13 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2022-07-15 19:13 - 2020-02-04 10:10 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-15 19:12 - 2021-10-10 21:09 - 001714894 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-15 19:12 - 2021-06-05 19:20 - 000724600 _____ C:\WINDOWS\system32\perfh005.dat
2022-07-15 19:12 - 2021-06-05 19:20 - 000150562 _____ C:\WINDOWS\system32\perfc005.dat
2022-07-15 19:12 - 2021-03-19 20:01 - 000000000 ____D C:\Users\micha\Downloads\FRST-OlderVersion
2022-07-15 19:09 - 2021-09-12 09:55 - 000000000 ____D C:\Users\micha\AppData\Roaming\Spotify
2022-07-15 19:07 - 2022-02-12 11:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-15 19:07 - 2021-09-12 09:55 - 000000000 ____D C:\Users\micha\AppData\Local\Spotify
2022-07-15 19:07 - 2020-02-11 15:47 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-15 19:06 - 2022-01-28 13:36 - 000000032 _____ C:\Users\micha\AppData\Roaming\.machineId
2022-07-15 19:06 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-15 19:06 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-07-15 19:06 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-07-15 19:06 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-15 19:06 - 2021-03-11 12:33 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Mozilla
2022-07-15 19:06 - 2020-11-20 21:16 - 000000000 ____D C:\Users\micha\AppData\Local\Discord
2022-07-15 19:06 - 2020-04-01 16:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2022-07-15 19:06 - 2020-02-11 20:11 - 000000000 ____D C:\Program Files (x86)\Steam
2022-07-15 19:05 - 2021-10-10 21:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-15 19:05 - 2021-10-10 21:02 - 000328960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-15 19:05 - 2021-10-10 21:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-15 19:05 - 2021-06-05 14:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-07-15 19:05 - 2020-11-16 02:12 - 000012288 ___SH C:\DumpStack.log.tmp
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-07-15 18:38 - 2020-02-11 15:57 - 000000000 ____D C:\ProgramData\Riot Games
2022-07-15 17:33 - 2021-04-18 12:55 - 000000000 ____D C:\Users\micha\AppData\Local\Enlisted
2022-07-14 21:24 - 2021-12-18 11:22 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2039187500-3861812081-2781867699-1001
2022-07-14 21:24 - 2021-10-10 21:05 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2039187500-3861812081-2781867699-1001
2022-07-14 21:24 - 2020-11-16 02:13 - 000002388 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-14 21:20 - 2020-02-04 10:08 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-07-14 18:57 - 2020-02-11 17:11 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2022-07-14 17:45 - 2021-03-27 17:36 - 000000000 ____D C:\Users\micha\AppData\Local\Boom 3D
2022-07-14 17:35 - 2021-08-28 09:43 - 000003027 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Boom 3D.lnk
2022-07-13 19:23 - 2020-02-11 15:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-13 19:21 - 2020-02-11 15:59 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-13 17:41 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-13 17:37 - 2021-10-10 21:05 - 003101696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-07-10 18:55 - 2020-02-24 00:31 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2022-07-10 18:42 - 2020-02-14 17:40 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2022-07-10 12:38 - 2022-04-22 17:28 - 000000000 ____D C:\Users\micha\AppData\Roaming\mobalytics-desktop
2022-07-08 16:37 - 2020-06-08 22:17 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-07 22:47 - 2021-10-10 20:42 - 000000000 ____D C:\Users\micha
2022-07-07 18:29 - 2022-01-11 18:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-07-07 18:29 - 2022-01-11 18:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-07 18:27 - 2022-01-11 18:52 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-07 18:27 - 2022-01-11 18:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-03 16:33 - 2020-02-23 23:58 - 000000000 ___RD C:\pergl
2022-07-02 16:44 - 2020-04-17 11:49 - 000000193 _____ C:\Users\micha\OneDrive\Dokumenty\fio Fuck4funn & riot.txt
2022-06-29 17:30 - 2020-02-11 16:33 - 000000000 ____D C:\Users\micha\AppData\Local\ElevatedDiagnostics
2022-06-28 19:53 - 2020-02-11 23:50 - 000000000 ____D C:\Users\micha\AppData\Roaming\Origin
2022-06-28 19:53 - 2020-02-11 23:50 - 000000000 ____D C:\ProgramData\Origin
2022-06-28 19:45 - 2020-02-11 23:50 - 000000000 ____D C:\Users\micha\AppData\Local\Origin
2022-06-28 19:15 - 2021-07-30 16:00 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-06-26 17:19 - 2020-02-11 23:57 - 000000000 ____D C:\Program Files (x86)\Origin
2022-06-25 13:47 - 2020-02-11 15:45 - 000000000 ____D C:\Users\micha\AppData\Local\Google
2022-06-22 18:43 - 2021-03-16 18:28 - 000125255 _____ C:\Users\micha\Downloads\Addition.txt
2022-06-22 18:43 - 2021-03-16 18:26 - 000040614 _____ C:\Users\micha\Downloads\FRST.txt
2022-06-22 17:22 - 2020-02-04 10:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-06-21 21:48 - 2020-02-22 01:16 - 000000000 ____D C:\Users\micha\AppData\Roaming\AIMP
2022-06-16 22:20 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-06-16 22:20 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-06-16 17:17 - 2021-11-19 15:40 - 000003546 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7be0989d97c5f
2022-06-16 17:17 - 2021-10-10 21:05 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-15 13:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
==================== Files in the root of some directories ========
2022-01-28 13:36 - 2022-07-15 19:06 - 000000032 _____ () C:\Users\micha\AppData\Roaming\.machineId
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2022
Ran by micha (administrator) on RTX2060 (ATComputers ALZA) (15-07-2022 19:13:17)
Running from C:\Users\micha\OneDrive\Plocha
Loaded Profiles: micha
Platform: Microsoft Windows 11 Home Version 21H2 22000.795 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe ->) (Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.545.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.49\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(explorer.exe ->) (Global Delight Technologies Private Limited -> Global-Delight) C:\Program Files\Global Delight\Boom 3D\Boom3D.exe
(explorer.exe ->) (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe <6>
(explorer.exe ->) (Swift Media Entertainment, Inc. -> Blitz, Inc.) C:\Users\micha\AppData\Local\Programs\Blitz\Blitz.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <20>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(sihost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.545.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (Unpacker) [File not signed] C:\Users\micha\AppData\Roaming\Unpacker\Unpacker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405544 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707768 2022-03-10] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Boom 3D] => C:\Program Files\Global Delight\Boom 3D\Boom3D.exe [465568 2022-07-11] (Global Delight Technologies Private Limited -> Global-Delight)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Gaijin.Net Updater] => C:\Users\micha\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2793016 2022-06-02] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Spotify] => C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe [19970464 2022-07-12] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [com.blitz.app] => C:\Users\micha\AppData\Local\Programs\Blitz\Blitz.exe [121830648 2022-07-14] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [MobalyticsHQ.DesktopApp] => "C:\Users\micha\AppData\Local\Programs\mobalytics-desktop\Mobalytics Desktop.exe" (No File)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [electron.app.Mobalytics Desktop] => "C:\Users\micha\AppData\Local\Programs\mobalytics-desktop\Mobalytics Desktop.exe" (No File)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\MountPoints2: {939d61fc-a614-11ec-a318-b42e99c6c37c} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-05] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-03-02] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B1B36BF-F648-4111-B747-6C54AB0BB67F} - System32\Tasks\PC HelpSoft Driver Updater notifications => C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\HDMSchedule.exe (No File) <==== ATTENTION
Task: {203D70EF-CE60-467A-B0D0-90795E48A2E3} - System32\Tasks\PC HelpSoft Driver Updater automatic scan and new device notifications => C:\Program Files (x86)\PC HelpSoft Driver Updater\HDMTray.exe (No File) <==== ATTENTION
Task: {29C56395-0749-42CD-87F1-CED9CC40F2BD} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [232880 2019-05-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {2FCD907D-15B2-4A17-AF82-3732F88BD69A} - System32\Tasks\Purple => PurpleLauncher.exe --auto-run (No File)
Task: {32E76096-4A52-4A3C-AB6B-FACFEF01C50F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {394E68F9-193D-4D1D-98BA-8638B386407D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4078AA30-D1F6-4D30-8826-D66117C379F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {40CC0D87-E421-4AA2-8BE3-45B07F7C7A05} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [251824 2019-05-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {5E5A1146-2B35-483D-AA9D-4C6A88295B1D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {70A8B671-EB36-4B6A-8E92-5EC3C539BFE7} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {79AF2B12-6C66-44D0-BA80-DBB6955419B0} - System32\Tasks\SoundBass => C:\Users\micha\AppData\Roaming\Unpacker\Unpacker.exe [290332672 2021-07-30] (Unpacker) [File not signed] <==== ATTENTION
Task: {7F3423EE-DC45-4804-9C2E-804A7312571D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {90134345-7BCC-4A3A-8AA9-8CF016A61DA1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {94712085-3B7E-426B-83CE-00C46C4130F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9BDB4F00-FCC4-401B-B78D-BF93F78A0472} - System32\Tasks\GoogleUpdateTaskMachineUA{17E2BA56-AF40-46F5-BEEF-987FED1153C8} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-25] (Google LLC -> Google LLC)
Task: {9E378670-5126-49C7-8D05-4878654A5557} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F87E424-A387-438F-AC8C-C27BF4904C0F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A7F9C378-3788-4111-A625-1BDADCEDC685} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A85588C4-0925-4657-8006-E880A2CF5277} - System32\Tasks\GoogleUpdateTaskMachineCore{50A76D15-CD66-4606-BFFA-2A6409EB6FE3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-25] (Google LLC -> Google LLC)
Task: {BC9D1134-744B-4CE5-9B6B-11F4EFD82D72} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D49F7FF4-0219-4623-AF82-9B462465CC1B} - System32\Tasks\Boom 3D App Updater => C:\Program Files\Global Delight\AppUpdater\Updater.exe [6144 2021-11-12] () [File not signed]
Task: {D5A429CE-B979-4891-9FAE-1410E43CF08D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5AD09EC-7CD6-45FC-9C6D-71968C560EB2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD1532A0-ED8B-4666-9CA2-303730464DED} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ECF1B220-A533-4FE7-BAC8-369B920E1EBD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F3220573-E110-4433-9786-AF63E53C9346} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {FDBBD1FC-7DF0-4649-87F3-1B4E28BEBB4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1c9091e5-cbed-403f-8952-5c8cbff6cdd1}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{2ae49ddd-672d-467c-8fc1-c5cf1da5de86}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8f4b2b77-8370-49c5-a246-7eb7ec4ff163}: [DhcpNameServer] 192.168.2.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-16]
Edge Notifications: Default -> hxxps://www.ifortuna.cz
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 00lakxte.default
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\00lakxte.default [2022-01-11]
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release [2022-07-15]
FF Homepage: Mozilla\Firefox\Profiles\y0a19v2a.default-release -> seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\y0a19v2a.default-release -> hxxps://eune.op.gg
FF Extension: (ColorZilla) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2022-06-19]
FF Extension: (No Name) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-07-05]
FF Plugin: @java.com/DTPlugin,version=11.331.2 -> C:\Program Files\Java\jre1.8.0_331\bin\dtplugin\npDeployJava1.dll [2022-04-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.331.2 -> C:\Program Files\Java\jre1.8.0_331\bin\plugin2\npjp2.dll [2022-04-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-07-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2022-07-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-07-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-25]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901960 2022-01-14] (BattlEye Innovations e.K. -> )
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [384040 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55336 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2022-02-12] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-06-04] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [142768 2019-05-22] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [File not signed]
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [125872 2019-05-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2022-01-27] (Rockstar Games, Inc. -> Rockstar Games)
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\21a69c6aa89ec79ee3c698946173561aee8e0f72\smrtsvc64.exe [13143752 2021-12-23] (Eikonect Software SL -> )
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2022-01-29] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WMIRegistrationService; C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe [538736 2021-07-25] (Intel Corporation -> Intel Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8737992 2022-01-29] (PUBG CORPORATION -> PUBG Corporation)
S3 AAErrorPort; C:\Users\micha\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== ATTENTION
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2021-09-13] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2021-06-05] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21728 2020-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 GDPL_BOOM; C:\WINDOWS\system32\drivers\boomvad.sys [51016 2021-06-17] (WDKTestCert Adarsh,131897759775447238 -> Windows (R) Win 7 DDK provider)
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-02-04] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [41480 2022-03-12] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 MpKslba7df588; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{29761927-5EA5-4232-9FB1-0DA79148BCFD}\MpKslDrv.sys [141576 2022-07-15] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2021-06-01] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-22] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2522256 2022-02-05] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
S3 PRProt; \??\C:\Users\micha\AppData\Local\Temp\ActiveAnticheat\1223536\active64.sys [X] <==== ATTENTION
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-13 17:37 - 2022-07-13 17:37 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-13 17:37 - 2022-07-13 17:37 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-13 17:37 - 2022-07-13 17:37 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-13 17:37 - 2022-07-13 17:37 - 000015040 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-07-13 17:35 - 2022-07-13 17:35 - 000000000 ___HD C:\$WinREAgent
2022-07-10 12:40 - 2022-07-15 19:07 - 000000000 ____D C:\Users\micha\AppData\Roaming\Blitz
2022-07-10 12:40 - 2022-07-13 17:24 - 000000000 ____D C:\Users\micha\AppData\Local\blitz-updater
2022-07-10 12:40 - 2022-07-10 12:40 - 000002224 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2022-07-10 12:38 - 2022-07-10 12:40 - 076190232 _____ (Blitz, Inc.) C:\Users\micha\Downloads\Blitz-1.17.5.exe
2022-07-10 12:37 - 2022-07-10 12:37 - 000006942 _____ C:\Users\micha\Downloads\moba-debug-logs-sun-10-jul-2022-10-37-19-gmt.json
2022-07-02 01:11 - 2022-07-02 01:11 - 000000000 ____D C:\Users\micha\.ms-ad
2022-06-26 14:16 - 2022-06-26 14:16 - 000000513 _____ C:\Users\micha\Downloads\L2Heyday.com - ZECmichalcz12.txt
2022-06-26 13:41 - 2022-06-26 14:09 - 267201548 _____ C:\Users\micha\Downloads\l2heyday_v1a.7z
2022-06-25 13:47 - 2022-07-05 22:30 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-25 13:47 - 2022-06-25 13:47 - 000000000 ____D C:\Program Files\Google
2022-06-25 13:46 - 2022-06-25 13:46 - 000003550 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{17E2BA56-AF40-46F5-BEEF-987FED1153C8}
2022-06-25 13:46 - 2022-06-25 13:46 - 000003426 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{50A76D15-CD66-4606-BFFA-2A6409EB6FE3}
2022-06-24 22:45 - 2022-06-24 22:47 - 393593277 _____ C:\Users\micha\Downloads\xvideos.com_5055f5a63afab7147a17ce63a959a9f2-1.mp4
2022-06-22 18:39 - 2022-07-15 19:13 - 000000000 ____D C:\FRST
2022-06-21 17:53 - 2022-06-21 17:53 - 003976017 _____ C:\Users\micha\Downloads\iCloud Photos.zip
2022-06-16 17:24 - 2022-06-16 17:24 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-06-16 17:24 - 2022-06-16 17:24 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-06-16 17:24 - 2022-06-16 17:24 - 000299008 _____ C:\WINDOWS\system32\EsclScan.dll
2022-06-16 17:24 - 2022-06-16 17:24 - 000180224 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-06-16 17:23 - 2022-06-16 17:23 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-15 19:13 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-15 19:13 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2022-07-15 19:13 - 2020-02-04 10:10 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-15 19:12 - 2021-10-10 21:09 - 001714894 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-15 19:12 - 2021-06-05 19:20 - 000724600 _____ C:\WINDOWS\system32\perfh005.dat
2022-07-15 19:12 - 2021-06-05 19:20 - 000150562 _____ C:\WINDOWS\system32\perfc005.dat
2022-07-15 19:12 - 2021-03-19 20:01 - 000000000 ____D C:\Users\micha\Downloads\FRST-OlderVersion
2022-07-15 19:09 - 2021-09-12 09:55 - 000000000 ____D C:\Users\micha\AppData\Roaming\Spotify
2022-07-15 19:07 - 2022-02-12 11:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-15 19:07 - 2021-09-12 09:55 - 000000000 ____D C:\Users\micha\AppData\Local\Spotify
2022-07-15 19:07 - 2020-02-11 15:47 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-15 19:06 - 2022-01-28 13:36 - 000000032 _____ C:\Users\micha\AppData\Roaming\.machineId
2022-07-15 19:06 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-15 19:06 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-07-15 19:06 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-07-15 19:06 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-15 19:06 - 2021-03-11 12:33 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Mozilla
2022-07-15 19:06 - 2020-11-20 21:16 - 000000000 ____D C:\Users\micha\AppData\Local\Discord
2022-07-15 19:06 - 2020-04-01 16:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2022-07-15 19:06 - 2020-02-11 20:11 - 000000000 ____D C:\Program Files (x86)\Steam
2022-07-15 19:05 - 2021-10-10 21:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-15 19:05 - 2021-10-10 21:02 - 000328960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-15 19:05 - 2021-10-10 21:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-15 19:05 - 2021-06-05 14:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-07-15 19:05 - 2020-11-16 02:12 - 000012288 ___SH C:\DumpStack.log.tmp
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-07-15 19:04 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-07-15 18:38 - 2020-02-11 15:57 - 000000000 ____D C:\ProgramData\Riot Games
2022-07-15 17:33 - 2021-04-18 12:55 - 000000000 ____D C:\Users\micha\AppData\Local\Enlisted
2022-07-14 21:24 - 2021-12-18 11:22 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2039187500-3861812081-2781867699-1001
2022-07-14 21:24 - 2021-10-10 21:05 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2039187500-3861812081-2781867699-1001
2022-07-14 21:24 - 2020-11-16 02:13 - 000002388 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-14 21:20 - 2020-02-04 10:08 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-07-14 18:57 - 2020-02-11 17:11 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2022-07-14 17:45 - 2021-03-27 17:36 - 000000000 ____D C:\Users\micha\AppData\Local\Boom 3D
2022-07-14 17:35 - 2021-08-28 09:43 - 000003027 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Boom 3D.lnk
2022-07-13 19:23 - 2020-02-11 15:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-13 19:21 - 2020-02-11 15:59 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-13 17:41 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-13 17:37 - 2021-10-10 21:05 - 003101696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-07-10 18:55 - 2020-02-24 00:31 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2022-07-10 18:42 - 2020-02-14 17:40 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2022-07-10 12:38 - 2022-04-22 17:28 - 000000000 ____D C:\Users\micha\AppData\Roaming\mobalytics-desktop
2022-07-08 16:37 - 2020-06-08 22:17 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-07 22:47 - 2021-10-10 20:42 - 000000000 ____D C:\Users\micha
2022-07-07 18:29 - 2022-01-11 18:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-07-07 18:29 - 2022-01-11 18:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-07 18:27 - 2022-01-11 18:52 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-07 18:27 - 2022-01-11 18:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-03 16:33 - 2020-02-23 23:58 - 000000000 ___RD C:\pergl
2022-07-02 16:44 - 2020-04-17 11:49 - 000000193 _____ C:\Users\micha\OneDrive\Dokumenty\fio Fuck4funn & riot.txt
2022-06-29 17:30 - 2020-02-11 16:33 - 000000000 ____D C:\Users\micha\AppData\Local\ElevatedDiagnostics
2022-06-28 19:53 - 2020-02-11 23:50 - 000000000 ____D C:\Users\micha\AppData\Roaming\Origin
2022-06-28 19:53 - 2020-02-11 23:50 - 000000000 ____D C:\ProgramData\Origin
2022-06-28 19:45 - 2020-02-11 23:50 - 000000000 ____D C:\Users\micha\AppData\Local\Origin
2022-06-28 19:15 - 2021-07-30 16:00 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-06-26 17:19 - 2020-02-11 23:57 - 000000000 ____D C:\Program Files (x86)\Origin
2022-06-25 13:47 - 2020-02-11 15:45 - 000000000 ____D C:\Users\micha\AppData\Local\Google
2022-06-22 18:43 - 2021-03-16 18:28 - 000125255 _____ C:\Users\micha\Downloads\Addition.txt
2022-06-22 18:43 - 2021-03-16 18:26 - 000040614 _____ C:\Users\micha\Downloads\FRST.txt
2022-06-22 17:22 - 2020-02-04 10:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-06-21 21:48 - 2020-02-22 01:16 - 000000000 ____D C:\Users\micha\AppData\Roaming\AIMP
2022-06-16 22:20 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-06-16 22:20 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2022-06-16 22:20 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-06-16 17:17 - 2021-11-19 15:40 - 000003546 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7be0989d97c5f
2022-06-16 17:17 - 2021-10-10 21:05 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-15 13:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
==================== Files in the root of some directories ========
2022-01-28 13:36 - 2022-07-15 19:06 - 000000032 _____ () C:\Users\micha\AppData\Roaming\.machineId
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================