Ok, děkuji za objnasnění.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2023
Ran by micha (administrator) on RTX2060 (ATComputers ALZA) (19-01-2023 19:14:50)
Running from C:\Users\micha\OneDrive\Plocha
Loaded Profiles: micha
Platform: Microsoft Windows 11 Home Version 21H2 22000.1455 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_422.33900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.52\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(C:\Windows\UUS\amd64\MoUsoCoreWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoNotificationUx.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(explorer.exe ->) (Global Delight Technologies Private Limited -> Global-Delight) C:\Program Files\Global Delight\Boom 3D\Boom3D.exe
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe <6>
(explorer.exe ->) (Swift Media Entertainment, Inc. -> Blitz, Inc.) C:\Users\micha\AppData\Local\Programs\Blitz\Blitz.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <26>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(sihost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Unpacker) [File not signed] C:\Users\micha\AppData\Roaming\Unpacker\Unpacker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405544 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Boom 3D] => C:\Program Files\Global Delight\Boom 3D\Boom3D.exe [465568 2022-07-29] (Global Delight Technologies Private Limited -> Global-Delight)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Spotify] => C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe [20422520 2022-12-09] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [MobalyticsHQ.DesktopApp] => "C:\Users\micha\AppData\Local\Programs\mobalytics-desktop\Mobalytics Desktop.exe" (No File)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [electron.app.Mobalytics Desktop] => "C:\Users\micha\AppData\Local\Programs\mobalytics-desktop\Mobalytics Desktop.exe" (No File)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [com.blitz.app] => C:\Users\micha\AppData\Local\Programs\Blitz\Blitz.exe [130395848 2023-01-18] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.75\Installer\chrmstp.exe [2023-01-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-12-24] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] ->
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0DED5193-48D5-4ADC-880B-F332E453A558} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647424 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0E8A0FF6-FFB5-4406-8D8E-3F967A558CB7} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {20CA0181-C907-4315-8E39-B2A76DD475A5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-25] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {49F7BC1B-E5DC-4CCE-BF8A-86A1F7A2D768} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70A8B671-EB36-4B6A-8E92-5EC3C539BFE7} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {72FBF00F-9CDB-4433-AC76-31CD08C66FF4} - System32\Tasks\GoogleUpdateTaskMachineUA{AC9986A4-F60C-4124-AC58-12D905C67CD9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-25] (Google LLC -> Google LLC)
Task: {79AF2B12-6C66-44D0-BA80-DBB6955419B0} - System32\Tasks\SoundBass => C:\Users\micha\AppData\Roaming\Unpacker\Unpacker.exe [290332672 2021-07-30] (Unpacker) [File not signed] <==== ATTENTION
Task: {825EB19E-95CD-4D12-BC82-7933E191EE5A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8FE46749-E453-4C26-B83C-7B5A3F6BF0FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A85588C4-0925-4657-8006-E880A2CF5277} - System32\Tasks\GoogleUpdateTaskMachineCore{50A76D15-CD66-4606-BFFA-2A6409EB6FE3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-25] (Google LLC -> Google LLC)
Task: {AC469810-92C1-4314-BC95-437335DDDDFE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {B4923D90-C16F-4B40-A83C-C7519C09D949} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341432 2022-05-06] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B6AC7231-3876-427E-8830-135F6DE75D2C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C148F974-4502-4D2E-9BF0-1D129D11F81E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C640955E-80C4-401A-B114-CC3098BC8D0A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D2F08D19-A8B8-434D-944E-368F11F18A1A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D49F7FF4-0219-4623-AF82-9B462465CC1B} - System32\Tasks\Boom 3D App Updater => C:\Program Files\Global Delight\AppUpdater\Updater.exe [6144 2021-11-12] () [File not signed]
Task: {EC499A8F-E60B-4D3D-A3B8-257A9ED5F42E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F3220573-E110-4433-9786-AF63E53C9346} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F92F2E36-2BAD-45DB-ABA6-17B4AB4E724B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {FF172D4D-3812-4A33-B57C-7745BA01DD83} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1c9091e5-cbed-403f-8952-5c8cbff6cdd1}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{2ae49ddd-672d-467c-8fc1-c5cf1da5de86}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8f4b2b77-8370-49c5-a246-7eb7ec4ff163}: [DhcpNameServer] 192.168.2.1
Edge:
=======
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-28]
Edge Notifications: Default -> hxxps://
www.ifortuna.cz
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 00lakxte.default
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\00lakxte.default [2022-07-19]
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release [2023-01-19]
FF Homepage: Mozilla\Firefox\Profiles\y0a19v2a.default-release -> seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\y0a19v2a.default-release -> hxxps://eune.op.gg; hxxps://
www.instagram.com; hxxps://
www.tiktok.com; hxxps://
www.op.gg
FF Extension: (ColorZilla) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2022-06-19]
FF Extension: (Return YouTube Dislike) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{762f9885-5a13-4abd-9c77-433dcd38b8fd}.xpi [2023-01-03]
FF Extension: (No Name) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-12-05]
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2023-01-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-02]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-01-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-25]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-11-06] (BattlEye Innovations e.K. -> )
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [384040 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55336 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-10-08] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-06-03] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-01-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2022-01-27] (Rockstar Games, Inc. -> Rockstar Games)
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\2b67c3ccd0d71e2037ebdf99a5a5c9caaffe4d3a\smrtsvc64.exe [13980504 2023-01-13] (Eikonect Software SL -> )
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5950504 2022-12-02] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [10011208 2022-12-02] (PUBG CORPORATION -> KRAFTON, Inc)
S3 AAErrorPort; C:\Users\micha\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== ATTENTION
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21728 2020-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 GDPL_BOOM; C:\WINDOWS\system32\drivers\boomvad.sys [51016 2021-06-17] (WDKTestCert Adarsh,131897759775447238 -> Windows (R) Win 7 DDK provider)
S3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [45248 2022-11-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 MpKsl0f868f9f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F24F93CB-AD6B-4881-97E5-6C4463FD87EB}\MpKslDrv.sys [214280 2023-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2021-06-01] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-02] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [1445920 2022-12-04] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S0 BTATH_BUS; System32\drivers\btath_bus.sys [X]
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
S3 PRProt; \??\C:\Users\micha\AppData\Local\Temp\ActiveAnticheat\1223694\active64.sys [X] <==== ATTENTION
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-13 18:21 - 2023-01-13 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reborn
2023-01-11 19:49 - 2023-01-11 19:49 - 000000000 ___HD C:\$WinREAgent
2023-01-11 17:56 - 2023-01-12 17:56 - 000002224 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2023-01-05 15:42 - 2023-01-05 15:42 - 000001024 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Updater_C4.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-19 19:15 - 2022-06-22 17:39 - 000000000 ____D C:\FRST
2023-01-19 18:46 - 2021-09-12 08:55 - 000000000 ____D C:\Users\micha\AppData\Roaming\Spotify
2023-01-19 18:39 - 2020-02-11 14:47 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-19 18:26 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-19 18:10 - 2021-09-12 08:55 - 000000000 ____D C:\Users\micha\AppData\Local\Spotify
2023-01-19 18:08 - 2020-02-14 16:40 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2023-01-19 18:08 - 2020-02-11 14:57 - 000000000 ____D C:\ProgramData\Riot Games
2023-01-19 17:50 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-01-19 17:50 - 2020-02-11 16:11 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2023-01-19 17:48 - 2020-02-11 19:11 - 000000000 ____D C:\Program Files (x86)\Steam
2023-01-19 17:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-19 17:46 - 2020-02-04 09:10 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-19 17:44 - 2022-02-12 10:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-19 17:40 - 2022-09-24 11:06 - 000000000 ____D C:\Users\micha\AppData\Roaming\Blitz
2023-01-19 17:40 - 2022-01-28 12:36 - 000000032 _____ C:\Users\micha\AppData\Roaming\.machineId
2023-01-18 19:23 - 2021-10-09 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-01-18 19:23 - 2021-10-09 16:55 - 000000000 ____D C:\Program Files\Java
2023-01-18 18:11 - 2022-01-11 17:52 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-01-18 18:11 - 2022-01-11 17:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-01-18 18:11 - 2022-01-11 17:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-01-18 18:11 - 2022-01-11 17:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-01-18 18:07 - 2022-11-30 17:51 - 000002388 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-18 18:07 - 2021-12-18 10:22 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2039187500-3861812081-2781867699-1001
2023-01-18 18:07 - 2021-10-10 20:05 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2039187500-3861812081-2781867699-1001
2023-01-18 18:00 - 2022-06-25 12:47 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-17 17:52 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-17 17:38 - 2020-06-08 21:17 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-16 23:15 - 2021-10-10 20:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-15 17:22 - 2020-02-23 23:31 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2023-01-15 14:45 - 2020-03-11 22:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\Awesomium
2023-01-13 23:37 - 2021-10-10 19:42 - 000000000 ____D C:\Users\micha
2023-01-13 22:34 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-13 21:25 - 2021-10-10 20:09 - 001714894 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-13 21:25 - 2021-06-05 18:20 - 000724600 _____ C:\WINDOWS\system32\perfh005.dat
2023-01-13 21:25 - 2021-06-05 18:20 - 000150562 _____ C:\WINDOWS\system32\perfc005.dat
2023-01-13 21:25 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2023-01-13 21:25 - 2021-03-11 11:33 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Mozilla
2023-01-13 21:18 - 2021-10-10 20:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-13 21:18 - 2020-11-16 01:12 - 000012288 ___SH C:\DumpStack.log.tmp
2023-01-13 18:20 - 2020-08-16 09:53 - 000000000 ____D C:\Lineage II
2023-01-13 17:02 - 2021-06-05 13:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-01-11 21:30 - 2021-10-10 20:02 - 000328960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-11 21:30 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-11 21:30 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-11 21:30 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-11 20:14 - 2020-02-11 14:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-11 20:11 - 2020-02-11 14:59 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-11 19:53 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-11 19:51 - 2021-10-10 20:05 - 003110912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-11 18:10 - 2022-10-11 16:47 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-01-09 09:10 - 2021-10-09 16:55 - 000195232 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2023-01-08 14:19 - 2021-03-27 16:36 - 000000000 ____D C:\Users\micha\AppData\Local\Boom 3D
2023-01-06 08:15 - 2021-10-10 20:05 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-06 08:15 - 2021-10-10 20:05 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-05 16:42 - 2020-02-23 22:58 - 000000000 ___RD C:\pergl
2022-12-30 15:00 - 2020-05-25 14:14 - 000000000 ____D C:\Users\micha\AppData\Local\Roblox
2022-12-30 14:57 - 2022-09-05 22:10 - 000000000 ____D C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-12-30 14:57 - 2020-05-25 14:14 - 000000256 _____ C:\Users\micha\AppData\LocalLow\rbxcsettings.rbx
2022-12-26 18:38 - 2020-05-26 22:23 - 000000000 ____D C:\Users\micha\AppData\Local\Battle.net
2022-12-22 11:06 - 2020-05-26 22:23 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
==================== Files in the root of some directories ========
2022-01-28 12:36 - 2023-01-19 17:40 - 000000032 _____ () C:\Users\micha\AppData\Roaming\.machineId
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================