Requesting a log check
Posted: 14 Jun 2023 15:21
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-06-2023
Ran by micha (administrator) on RTX2060 (ATComputers ALZA) (14-06-2023 16:11:19)
Running from C:\Users\micha\OneDrive\Plocha\FRST64(1).exe
Loaded Profiles: micha
Platform: Microsoft Windows 11 Home Version 22H2 22621.1702 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <9>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.43\msedgewebview2.exe <6>
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(explorer.exe ->) (Global Delight Technologies Private Limited -> ) C:\Program Files\Global Delight\Boom 3D\Boom3D.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe <6>
(explorer.exe ->) (Swift Media Entertainment, Inc. -> Blitz, Inc.) C:\Users\micha\AppData\Local\Programs\Blitz\Blitz.exe <5>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <23>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_059948e396d205d5\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405544 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Boom 3D] => C:\Program Files\Global Delight\Boom 3D\Boom3D.exe [465512 2023-04-20] (Global Delight Technologies Private Limited -> )
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Spotify] => C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe [20984184 2023-06-10] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [com.blitz.app] => C:\Users\micha\AppData\Local\Programs\Blitz\Blitz.exe [162280648 2023-06-04] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [MicrosoftEdgeAutoLaunch_ED02E366447D09E4F124EF89B233D989] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113872 2023-06-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\Update.exe [1525016 2023-04-26] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70738344 2023-06-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\114.0.5735.110\Installer\chrmstp.exe [2023-06-09] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-12-24] (Adobe Inc. -> Adobe Systems, Inc.)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0328E049-7A4A-4627-865D-EA57E7431B91} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {1319CACA-70ED-4A91-9BB2-E5D2F432F2C0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {20A366D9-E93F-4D6E-A823-4C7BE5407CB9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-06-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {234347B3-2463-4395-A0B7-61BB63DCD698} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2CF53CB0-B3F8-44C6-9FF6-719071839AAA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {37014BAF-EEFB-4C76-BEAD-5A0BD11D2435} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {502ED7F6-03D6-4A3D-86A8-F0555EC48E82} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {5CE33833-7216-4204-A034-153900128AFA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {62338717-132E-4BF2-BF0F-53A0E5698CBC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70A8B671-EB36-4B6A-8E92-5EC3C539BFE7} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {76B236C7-46C5-4049-9FB9-E4C5D5AF1C8D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7A56412B-097D-4875-8C1B-D045C821555E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {80E18418-D35A-4116-9864-19EA26144B52} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {89B4490F-0D25-4959-BDA8-3D1FED320D08} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E4CFC62-0167-48AE-841A-C1D0D05E9F62} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {978475F4-EADB-4452-ABE9-42BAD2C19E92} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {9CAB56CE-1534-43D5-A4E5-F8AE886FCCB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A713B52F-0208-4A63-8F33-878DC553BE00} - System32\Tasks\GoogleUpdateTaskMachineCore{48EE3228-CA94-4494-9B7F-C52940CF401B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-25] (Google LLC -> Google LLC)
Task: {B1584FD7-F3C2-4B04-9383-43D4118483C4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BABED376-F065-4E42-95CC-6C35A40CEA7C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D49F7FF4-0219-4623-AF82-9B462465CC1B} - System32\Tasks\Boom 3D App Updater => C:\Program Files\Global Delight\AppUpdater\Updater.exe [6144 2021-11-12] () [File not signed]
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {EDB06F8B-5CB9-4BE3-8ACC-EDDC4F152DF4} - System32\Tasks\GoogleUpdateTaskMachineUA{CEF93D1B-E371-44C4-9BA7-E9B52CAE39D7} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-25] (Google LLC -> Google LLC)
Task: {F3220573-E110-4433-9786-AF63E53C9346} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [680352 2023-06-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{2ae49ddd-672d-467c-8fc1-c5cf1da5de86}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8f4b2b77-8370-49c5-a246-7eb7ec4ff163}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e310e8a2-8b2e-4c4a-8b5e-dc370d074535}: [DhcpNameServer] 172.20.10.1
Edge:
=======
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-10]
Edge Notifications: Default -> hxxps://www.ifortuna.cz
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge Extension: (Edge relevant text changes) - C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-30]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 00lakxte.default
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\00lakxte.default [2022-07-19]
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release [2023-06-14]
FF Homepage: Mozilla\Firefox\Profiles\y0a19v2a.default-release -> seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\y0a19v2a.default-release -> hxxps://eune.op.gg; hxxps://www.instagram.com; hxxps://www.op.gg
FF Extension: (ColorZilla) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2022-06-19]
FF Extension: (Return YouTube Dislike) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{762f9885-5a13-4abd-9c77-433dcd38b8fd}.xpi [2023-05-12]
FF Extension: (No Name) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-05-04]
FF Extension: (Add-ons Restricted Domains) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\features\{50fce5e7-6853-4947-8ced-8662f99f1e9b}\addons-restricted-domains@mozilla.com.xpi [2023-06-13]
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2023-06-10]
CHR Notifications: Default -> hxxps://invv7n.reepratic.com; hxxps://reepratic.com
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-10]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-06-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-25]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-11-06] (BattlEye Innovations e.K. -> )
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [384040 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55336 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-10-08] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-05-16] (Epic Games Inc. -> Epic Games, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2022-01-27] (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\2b67c3ccd0d71e2037ebdf99a5a5c9caaffe4d3a\smrtsvc64.exe [13980504 2023-01-13] (Eikonect Software SL -> )
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5950504 2022-12-02] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [10011208 2022-12-02] (PUBG CORPORATION -> KRAFTON, Inc)
S3 AAErrorPort; C:\Users\micha\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== ATTENTION
S3 BrYNSvc; "C:\Program Files (x86)\Browny02\BrYNSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_059948e396d205d5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_059948e396d205d5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21728 2020-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S1 EneTechIo; C:\Windows\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 GDPL_BOOM; C:\WINDOWS\system32\drivers\boomvad.sys [46632 2023-04-20] (WDKTestCert Adarsh,133180870191105194 -> Windows (R) Win 7 DDK provider)
S3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [45248 2022-11-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 MpKsl0c9ba643; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BE5067FD-1B18-4FE8-B342-38FA9D22DD05}\MpKslDrv.sys [213288 2023-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2022-05-06] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-10] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [1445920 2022-12-04] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 PRProt; \??\C:\Users\micha\AppData\Local\Temp\ActiveAnticheat\1223745\active64.sys [X] <==== ATTENTION
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-14 14:24 - 2023-06-14 14:24 - 000725758 _____ C:\WINDOWS\system32\perfh005.dat
2023-06-14 14:24 - 2023-06-14 14:24 - 000151026 _____ C:\WINDOWS\system32\perfc005.dat
2023-06-14 11:36 - 2023-06-14 11:36 - 000098204 _____ C:\Users\micha\Downloads\priloha_1154004585_0_VypisROS-2.pdf
2023-06-14 11:36 - 2023-06-14 11:36 - 000001391 _____ C:\Users\micha\Downloads\priloha_1154004585_1_VypisROS(1).csv
2023-06-14 11:35 - 2023-06-14 11:35 - 000198736 _____ C:\Users\micha\Downloads\priloha_1202949222_0_DT_na_zkoušku.pdf
2023-06-10 13:38 - 2023-06-10 13:38 - 000911548 _____ C:\Users\micha\Downloads\Invoice 60046.pdf
2023-06-10 13:24 - 2023-06-10 13:24 - 000187592 _____ C:\Users\micha\Downloads\000037404538_Potvrdenie o úhrade diaľničnej známky,_202306101324.pdf
2023-05-20 22:07 - 2023-06-14 10:28 - 000000000 ____D C:\Users\micha\AppData\Local\Discord
2023-05-20 22:06 - 2023-05-20 22:07 - 095510296 _____ (Discord Inc.) C:\Users\micha\Downloads\DiscordSetup.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-14 16:12 - 2020-02-11 20:11 - 000000000 ____D C:\Program Files (x86)\Steam
2023-06-14 16:11 - 2022-06-22 18:39 - 000000000 ____D C:\FRST
2023-06-14 16:09 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-14 16:07 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-06-14 15:41 - 2020-02-11 15:47 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-14 15:29 - 2021-09-12 09:55 - 000000000 ____D C:\Users\micha\AppData\Local\Spotify
2023-06-14 14:24 - 2023-01-22 12:58 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-14 14:24 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-06-14 14:12 - 2021-09-12 09:55 - 000000000 ____D C:\Users\micha\AppData\Roaming\Spotify
2023-06-14 13:32 - 2020-02-11 15:57 - 000000000 ____D C:\ProgramData\Riot Games
2023-06-14 12:25 - 2020-02-04 10:10 - 000000000 ____D C:\ProgramData\NVIDIA
2023-06-14 10:34 - 2020-02-14 17:40 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2023-06-14 10:31 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-14 10:29 - 2022-02-12 11:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-06-14 10:28 - 2022-09-24 12:06 - 000000000 ____D C:\Users\micha\AppData\Roaming\Blitz
2023-06-14 10:28 - 2022-01-28 13:36 - 000000032 _____ C:\Users\micha\AppData\Roaming\.machineId
2023-06-14 10:28 - 2020-04-01 16:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2023-06-13 22:13 - 2020-06-05 12:35 - 000000000 ____D C:\Users\micha\AppData\Roaming\.minecraft
2023-06-13 21:57 - 2020-04-17 11:49 - 000000301 _____ C:\Users\micha\OneDrive\Dokumenty\fio Fuck4funn & riot.txt
2023-06-13 21:46 - 2020-02-11 17:11 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2023-06-13 21:43 - 2020-06-05 12:35 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2023-06-13 20:35 - 2023-01-22 02:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-13 20:35 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-13 20:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-12 23:01 - 2020-02-24 00:31 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2023-06-12 17:03 - 2022-01-11 18:52 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-06-12 17:03 - 2022-01-11 18:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-06-12 15:23 - 2020-02-11 15:41 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2023-06-11 12:10 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-10 19:41 - 2020-02-04 10:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-10 16:05 - 2023-01-22 02:37 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2039187500-3861812081-2781867699-1001
2023-06-10 16:05 - 2023-01-22 02:37 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2039187500-3861812081-2781867699-1001
2023-06-10 16:05 - 2022-11-30 18:51 - 000002388 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-10 13:14 - 2020-06-08 22:17 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-09 19:14 - 2022-06-25 13:47 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-02 20:30 - 2023-01-11 18:56 - 000002224 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2023-05-20 22:07 - 2020-04-01 16:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2023-05-20 22:07 - 2020-04-01 16:15 - 000000000 ____D C:\Users\micha\AppData\Local\SquirrelTemp
2023-05-19 14:35 - 2023-04-11 01:00 - 000003844 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{CEF93D1B-E371-44C4-9BA7-E9B52CAE39D7}
2023-05-19 14:35 - 2023-04-11 01:00 - 000003720 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{48EE3228-CA94-4494-9B7F-C52940CF401B}
2023-05-17 19:19 - 2020-02-04 10:10 - 000000000 ____D C:\ProgramData\Packages
==================== Files in the root of some directories ========
2022-01-28 13:36 - 2023-06-14 10:28 - 000000032 _____ () C:\Users\micha\AppData\Roaming\.machineId
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405544 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Boom 3D] => C:\Program Files\Global Delight\Boom 3D\Boom3D.exe [465512 2023-04-20] (Global Delight Technologies Private Limited -> )
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Spotify] => C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe [20984184 2023-06-10] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [com.blitz.app] => C:\Users\micha\AppData\Local\Programs\Blitz\Blitz.exe [162280648 2023-06-04] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [MicrosoftEdgeAutoLaunch_ED02E366447D09E4F124EF89B233D989] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113872 2023-06-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\Update.exe [1525016 2023-04-26] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70738344 2023-06-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2039187500-3861812081-2781867699-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\114.0.5735.110\Installer\chrmstp.exe [2023-06-09] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-12-24] (Adobe Inc. -> Adobe Systems, Inc.)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0328E049-7A4A-4627-865D-EA57E7431B91} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {1319CACA-70ED-4A91-9BB2-E5D2F432F2C0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {20A366D9-E93F-4D6E-A823-4C7BE5407CB9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-06-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {234347B3-2463-4395-A0B7-61BB63DCD698} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2CF53CB0-B3F8-44C6-9FF6-719071839AAA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {37014BAF-EEFB-4C76-BEAD-5A0BD11D2435} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {502ED7F6-03D6-4A3D-86A8-F0555EC48E82} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {5CE33833-7216-4204-A034-153900128AFA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {62338717-132E-4BF2-BF0F-53A0E5698CBC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70A8B671-EB36-4B6A-8E92-5EC3C539BFE7} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {76B236C7-46C5-4049-9FB9-E4C5D5AF1C8D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7A56412B-097D-4875-8C1B-D045C821555E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {80E18418-D35A-4116-9864-19EA26144B52} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {89B4490F-0D25-4959-BDA8-3D1FED320D08} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E4CFC62-0167-48AE-841A-C1D0D05E9F62} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {978475F4-EADB-4452-ABE9-42BAD2C19E92} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {9CAB56CE-1534-43D5-A4E5-F8AE886FCCB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A713B52F-0208-4A63-8F33-878DC553BE00} - System32\Tasks\GoogleUpdateTaskMachineCore{48EE3228-CA94-4494-9B7F-C52940CF401B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-25] (Google LLC -> Google LLC)
Task: {B1584FD7-F3C2-4B04-9383-43D4118483C4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BABED376-F065-4E42-95CC-6C35A40CEA7C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D49F7FF4-0219-4623-AF82-9B462465CC1B} - System32\Tasks\Boom 3D App Updater => C:\Program Files\Global Delight\AppUpdater\Updater.exe [6144 2021-11-12] () [File not signed]
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {EDB06F8B-5CB9-4BE3-8ACC-EDDC4F152DF4} - System32\Tasks\GoogleUpdateTaskMachineUA{CEF93D1B-E371-44C4-9BA7-E9B52CAE39D7} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-25] (Google LLC -> Google LLC)
Task: {F3220573-E110-4433-9786-AF63E53C9346} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [680352 2023-06-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{2ae49ddd-672d-467c-8fc1-c5cf1da5de86}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8f4b2b77-8370-49c5-a246-7eb7ec4ff163}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e310e8a2-8b2e-4c4a-8b5e-dc370d074535}: [DhcpNameServer] 172.20.10.1
Edge:
=======
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-10]
Edge Notifications: Default -> hxxps://www.ifortuna.cz
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge Extension: (Edge relevant text changes) - C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-30]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 00lakxte.default
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\00lakxte.default [2022-07-19]
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release [2023-06-14]
FF Homepage: Mozilla\Firefox\Profiles\y0a19v2a.default-release -> seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\y0a19v2a.default-release -> hxxps://eune.op.gg; hxxps://www.instagram.com; hxxps://www.op.gg
FF Extension: (ColorZilla) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2022-06-19]
FF Extension: (Return YouTube Dislike) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{762f9885-5a13-4abd-9c77-433dcd38b8fd}.xpi [2023-05-12]
FF Extension: (No Name) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-05-04]
FF Extension: (Add-ons Restricted Domains) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\y0a19v2a.default-release\features\{50fce5e7-6853-4947-8ced-8662f99f1e9b}\addons-restricted-domains@mozilla.com.xpi [2023-06-13]
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2023-06-10]
CHR Notifications: Default -> hxxps://invv7n.reepratic.com; hxxps://reepratic.com
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-10]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-06-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-25]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-11-06] (BattlEye Innovations e.K. -> )
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [384040 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55336 2020-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-10-08] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-05-16] (Epic Games Inc. -> Epic Games, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2022-01-27] (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\2b67c3ccd0d71e2037ebdf99a5a5c9caaffe4d3a\smrtsvc64.exe [13980504 2023-01-13] (Eikonect Software SL -> )
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5950504 2022-12-02] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [10011208 2022-12-02] (PUBG CORPORATION -> KRAFTON, Inc)
S3 AAErrorPort; C:\Users\micha\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== ATTENTION
S3 BrYNSvc; "C:\Program Files (x86)\Browny02\BrYNSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_059948e396d205d5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_059948e396d205d5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21728 2020-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-12-12] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S1 EneTechIo; C:\Windows\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 GDPL_BOOM; C:\WINDOWS\system32\drivers\boomvad.sys [46632 2023-04-20] (WDKTestCert Adarsh,133180870191105194 -> Windows (R) Win 7 DDK provider)
S3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [45248 2022-11-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 MpKsl0c9ba643; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BE5067FD-1B18-4FE8-B342-38FA9D22DD05}\MpKslDrv.sys [213288 2023-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2022-05-06] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-10] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [1445920 2022-12-04] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 PRProt; \??\C:\Users\micha\AppData\Local\Temp\ActiveAnticheat\1223745\active64.sys [X] <==== ATTENTION
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-14 14:24 - 2023-06-14 14:24 - 000725758 _____ C:\WINDOWS\system32\perfh005.dat
2023-06-14 14:24 - 2023-06-14 14:24 - 000151026 _____ C:\WINDOWS\system32\perfc005.dat
2023-06-14 11:36 - 2023-06-14 11:36 - 000098204 _____ C:\Users\micha\Downloads\priloha_1154004585_0_VypisROS-2.pdf
2023-06-14 11:36 - 2023-06-14 11:36 - 000001391 _____ C:\Users\micha\Downloads\priloha_1154004585_1_VypisROS(1).csv
2023-06-14 11:35 - 2023-06-14 11:35 - 000198736 _____ C:\Users\micha\Downloads\priloha_1202949222_0_DT_na_zkoušku.pdf
2023-06-10 13:38 - 2023-06-10 13:38 - 000911548 _____ C:\Users\micha\Downloads\Invoice 60046.pdf
2023-06-10 13:24 - 2023-06-10 13:24 - 000187592 _____ C:\Users\micha\Downloads\000037404538_Potvrdenie o úhrade diaľničnej známky,_202306101324.pdf
2023-05-20 22:07 - 2023-06-14 10:28 - 000000000 ____D C:\Users\micha\AppData\Local\Discord
2023-05-20 22:06 - 2023-05-20 22:07 - 095510296 _____ (Discord Inc.) C:\Users\micha\Downloads\DiscordSetup.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-06-14 16:12 - 2020-02-11 20:11 - 000000000 ____D C:\Program Files (x86)\Steam
2023-06-14 16:11 - 2022-06-22 18:39 - 000000000 ____D C:\FRST
2023-06-14 16:09 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-14 16:07 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-06-14 15:41 - 2020-02-11 15:47 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-14 15:29 - 2021-09-12 09:55 - 000000000 ____D C:\Users\micha\AppData\Local\Spotify
2023-06-14 14:24 - 2023-01-22 12:58 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-14 14:24 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-06-14 14:12 - 2021-09-12 09:55 - 000000000 ____D C:\Users\micha\AppData\Roaming\Spotify
2023-06-14 13:32 - 2020-02-11 15:57 - 000000000 ____D C:\ProgramData\Riot Games
2023-06-14 12:25 - 2020-02-04 10:10 - 000000000 ____D C:\ProgramData\NVIDIA
2023-06-14 10:34 - 2020-02-14 17:40 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2023-06-14 10:31 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-14 10:29 - 2022-02-12 11:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-06-14 10:28 - 2022-09-24 12:06 - 000000000 ____D C:\Users\micha\AppData\Roaming\Blitz
2023-06-14 10:28 - 2022-01-28 13:36 - 000000032 _____ C:\Users\micha\AppData\Roaming\.machineId
2023-06-14 10:28 - 2020-04-01 16:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2023-06-13 22:13 - 2020-06-05 12:35 - 000000000 ____D C:\Users\micha\AppData\Roaming\.minecraft
2023-06-13 21:57 - 2020-04-17 11:49 - 000000301 _____ C:\Users\micha\OneDrive\Dokumenty\fio Fuck4funn & riot.txt
2023-06-13 21:46 - 2020-02-11 17:11 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2023-06-13 21:43 - 2020-06-05 12:35 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2023-06-13 20:35 - 2023-01-22 02:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-13 20:35 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-13 20:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-12 23:01 - 2020-02-24 00:31 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2023-06-12 17:03 - 2022-01-11 18:52 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-06-12 17:03 - 2022-01-11 18:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-06-12 15:23 - 2020-02-11 15:41 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2023-06-11 12:10 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-10 19:41 - 2020-02-04 10:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-10 16:05 - 2023-01-22 02:37 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2039187500-3861812081-2781867699-1001
2023-06-10 16:05 - 2023-01-22 02:37 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2039187500-3861812081-2781867699-1001
2023-06-10 16:05 - 2022-11-30 18:51 - 000002388 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-10 13:14 - 2020-06-08 22:17 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-09 19:14 - 2022-06-25 13:47 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-02 20:30 - 2023-01-11 18:56 - 000002224 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2023-05-20 22:07 - 2020-04-01 16:15 - 000000000 ____D C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2023-05-20 22:07 - 2020-04-01 16:15 - 000000000 ____D C:\Users\micha\AppData\Local\SquirrelTemp
2023-05-19 14:35 - 2023-04-11 01:00 - 000003844 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{CEF93D1B-E371-44C4-9BA7-E9B52CAE39D7}
2023-05-19 14:35 - 2023-04-11 01:00 - 000003720 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{48EE3228-CA94-4494-9B7F-C52940CF401B}
2023-05-17 19:19 - 2020-02-04 10:10 - 000000000 ____D C:\ProgramData\Packages
==================== Files in the root of some directories ========
2022-01-28 13:36 - 2023-06-14 10:28 - 000000032 _____ () C:\Users\micha\AppData\Roaming\.machineId
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================