
Please check my log.

vrbickyjaroslav
Visitor
Posts: 33
Registered: 07 Jan 2007 20:51

#1 Post by vrbickyjaroslav »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020 01
Ran by Agent (administrator) on DESKTOP-T54QBQ1 (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (23-01-2020 20:59:33)
Running from C:\Users\Agent\Desktop
Loaded Profiles: Agent (Available Profiles: Agent)
Platform: Windows 10 Pro Version 1909 18363.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.EXE
() [File not signed] C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\OSD.exe
() [File not signed] C:\Users\Agent\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHID.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Aslain ) [File not signed] C:\Users\Agent\Downloads\Aslains_WoT_Modpack_Installer_v.1.7.0.2_19.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(KYE SYSTEMS CORP. -> ) C:\Users\Agent\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartFore.exe
(KYE SYSTEMS CORP. -> GitHub, Inc.) C:\Users\Agent\AppData\Local\SmartGenius\SmartGenius.exe
(KYE SYSTEMS CORP. -> GitHub, Inc.) C:\Users\Agent\AppData\Local\SmartGenius\SmartGenius.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Agent\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartGenius] => C:\Users\Agent\AppData\Local\SmartGenius\SmartGenius.exe [93723136 2019-10-26] (KYE SYSTEMS CORP. -> GitHub, Inc.)
HKLM\...\Run: [RunSmartForeFile] => C:\Users\Agent\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHIDStart.exe [524288 2019-10-16] () [File not signed]
HKLM\...\Run: [RunSmartHIDFile] => C:\Users\Agent\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHID.exe [815616 2019-10-16] () [File not signed]
HKLM-x32\...\Run: [SL-6481 Gaming Keyboard] => C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.exe [1976832 2014-06-21] () [File not signed]
HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2414456 2019-12-18] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\Run: [X7OscarLite] => C:\Program Files (x86)\X7OscarLite\X7OscarLite\X7OscarLite.exe [13070064 2018-05-03] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\MountPoints2: {ee9fa2ff-c576-11e8-ba2c-902b3458fe0b} - "E:\iStudio.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B1C61D-E6B8-44FB-855B-68AA602713C4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {08FD9B59-C7D5-42EC-BE89-A0F72BB0077A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0B6A13EC-DA89-4706-8E5A-A054501A5C2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-03] (Google Inc -> Google Inc.)
Task: {11D80942-41A5-4CF1-AEB7-D2623A7C4293} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {14A6985A-7AE5-4871-9E93-70910DDECF7F} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2019-09-15] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {18794D21-ADFC-4192-829A-0AEE96E427EF} - System32\Tasks\MaiSoft\QA-de_010D14EF-D5AB-41EE-ADFB-96D42EBD9150 => C:\Users\Agent\AppData\Local\QA\Helper.vbs [Argument = -run $(Arg0)]
Task: {3250A391-4BE4-466C-A72F-629AD337B853} - System32\Tasks\MaiSoft\QA_010D14EF-D5AB-41EE-ADFB-96D42EBD9150 => C:\Users\Agent\AppData\Local\QA\Helper.vbs [Argument = -run $(Arg0)]
Task: {348A80F7-DDEB-4684-86A7-A9244A5813A5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A75F282-C4E9-460C-A2C1-87A217E38966} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CAA405F-1C25-4B00-8673-7604878633DC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4342157F-F391-47FD-92C5-5E77A17D0397} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5D68FA6D-F381-4985-AFD5-BCF6C1BCBEFE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {683EB72E-122A-4749-9754-0908AB93927A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A72A600-EE8F-4663-B75F-4DD816B9A78A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {909DB51D-66C6-43A3-A0A5-0F3623D6399C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9746180B-53A1-4072-A661-F4EBAF4B0344} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-03] (Google Inc -> Google Inc.)
Task: {9D90E225-8D5D-42E9-8FE3-CDF6D0ED3860} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D18269C5-9661-47E9-8D1E-974000DD40A9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F7665A4B-6BEB-474A-BA08-DBAAE2229C68} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a6117354-5a7e-462d-b3b7-9b932c6351bd}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{dc203d49-5893-4b0d-b49d-cc9f229343f1}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_B29D4AD94F82454BBC9215BCBD7E80AE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Ochrana Kaspersky) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi [2019-12-19]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_B29D4AD94F82454BBC9215BCBD7E80AE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.knihcentrum.cz; hxxps://www.megaknihy.cz
CHR Profile: C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default [2020-01-23]
CHR Extension: (Prezentace) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-03]
CHR Extension: (Dokumenty) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-03]
CHR Extension: (Disk Google) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-09]
CHR Extension: (Zhasnout světla) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2020-01-20]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-10-08]
CHR Extension: (YouTube) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-30]
CHR Extension: (Ochrana Kaspersky) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2019-11-25]
CHR Extension: (Tabulky) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-09]
CHR Extension: (Rozšíření Odběry RSS (od Googlu)) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2018-10-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30]
CHR Extension: (Gmail) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR Profile: C:\Users\Agent\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-04]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S2 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 gKbdfltr; C:\WINDOWS\System32\drivers\gKbdfltr.sys [29576 2019-10-16] (KYE SYSTEMS CORP. -> )
R3 ioFakDrv; C:\WINDOWS\System32\drivers\ioFakDrv.sys [35928 2019-10-16] (KYE Systems Corp -> KYE System Corp.)
R3 ioFakMap; C:\WINDOWS\System32\drivers\ioFakMap.sys [24664 2019-10-16] (KYE Systems Corp -> KYE System Corp.)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [79696 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [145304 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [251512 2019-10-31] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [516216 2019-09-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys [201280 2019-12-16] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [998016 2019-10-31] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [251256 2019-10-14] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-09-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [306248 2019-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [119744 2019-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [204520 2019-10-16] (Kaspersky Lab -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [211048 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvlddmkm.sys [23231744 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-02] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-23 20:59 - 2020-01-23 21:00 - 000023512 _____ C:\Users\Agent\Desktop\FRST.txt
2020-01-23 20:58 - 2020-01-23 20:58 - 002580480 _____ (Farbar) C:\Users\Agent\Desktop\FRST64.exe
2020-01-23 18:37 - 2020-01-23 18:52 - 148678505 _____ (Aslain ) C:\Users\Agent\Downloads\Aslains_WoT_Modpack_Installer_v.1.7.0.2_19.exe
2020-01-23 18:15 - 2020-01-23 18:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-357395720-4081436159-901972258-1001
2020-01-21 17:29 - 2020-01-21 17:35 - 147950841 _____ (Aslain ) C:\Users\Agent\Downloads\Aslains_WoT_Modpack_Installer_v.1.7.0.2_18 (1).exe
2020-01-20 16:22 - 2020-01-20 16:23 - 008237744 _____ (Malwarebytes) C:\Users\Agent\Downloads\adwcleaner_8.0.1.exe
2020-01-20 16:11 - 2020-01-20 16:11 - 000155555 _____ C:\Users\Agent\Downloads\faktura-vf1-26073-2019.pdf
2020-01-19 13:23 - 2020-01-19 13:28 - 147950841 _____ (Aslain ) C:\Users\Agent\Downloads\Aslains_WoT_Modpack_Installer_v.1.7.0.2_18.exe
2020-01-16 18:33 - 2020-01-16 18:33 - 000000000 ____D C:\Program Files (x86)\AnyMP4 Studio
2020-01-16 18:31 - 2020-01-16 18:32 - 044975864 _____ (AnyMP4 Studio ) C:\Users\Agent\Downloads\blu-ray-player.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-16 14:45 - 2020-01-16 14:45 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-16 14:45 - 2020-01-16 14:45 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-15 19:28 - 2020-01-15 21:13 - 000013913 _____ C:\ProgramData\DisplaySessionContainer74.log_backup1
2020-01-15 17:13 - 2020-01-15 19:28 - 000013516 _____ C:\ProgramData\DisplaySessionContainer73.log_backup1
2020-01-15 16:01 - 2020-01-15 16:01 - 000155582 _____ C:\Users\Agent\Downloads\faktura-vf1-0060-2020.pdf
2020-01-15 14:59 - 2020-01-15 17:13 - 000013158 _____ C:\ProgramData\DisplaySessionContainer72.log_backup1
2020-01-14 20:45 - 2020-01-15 14:59 - 000013905 _____ C:\ProgramData\DisplaySessionContainer71.log_backup1
2020-01-14 19:58 - 2020-01-14 20:45 - 000013512 _____ C:\ProgramData\DisplaySessionContainer70.log_backup1
2020-01-14 17:23 - 2020-01-14 19:58 - 000013897 _____ C:\ProgramData\DisplaySessionContainer69.log_backup1
2020-01-14 17:13 - 2020-01-14 17:23 - 000013913 _____ C:\ProgramData\DisplaySessionContainer68.log_backup1
2020-01-14 14:45 - 2020-01-14 17:13 - 000013520 _____ C:\ProgramData\DisplaySessionContainer67.log_backup1
2020-01-13 22:26 - 2020-01-14 14:45 - 000013520 _____ C:\ProgramData\DisplaySessionContainer66.log_backup1
2020-01-12 20:53 - 2020-01-13 22:26 - 000013913 _____ C:\ProgramData\DisplaySessionContainer65.log_backup1
2020-01-12 16:59 - 2020-01-12 20:53 - 000012218 _____ C:\ProgramData\DisplaySessionContainer64.log_backup1
2020-01-12 01:37 - 2020-01-12 16:30 - 000013905 _____ C:\ProgramData\DisplaySessionContainer63.log_backup1
2020-01-11 22:38 - 2020-01-12 01:37 - 000013512 _____ C:\ProgramData\DisplaySessionContainer62.log_backup1
2020-01-11 16:28 - 2020-01-11 22:38 - 000013524 _____ C:\ProgramData\DisplaySessionContainer61.log_backup1
2020-01-11 14:20 - 2020-01-11 16:28 - 000013913 _____ C:\ProgramData\DisplaySessionContainer60.log_backup1
2020-01-11 12:18 - 2020-01-11 14:20 - 000013905 _____ C:\ProgramData\DisplaySessionContainer59.log_backup1
2020-01-11 10:20 - 2020-01-11 12:18 - 000013516 _____ C:\ProgramData\DisplaySessionContainer58.log_backup1
2020-01-11 06:37 - 2020-01-11 10:20 - 000013516 _____ C:\ProgramData\DisplaySessionContainer57.log_backup1
2020-01-11 00:27 - 2020-01-11 06:37 - 000013905 _____ C:\ProgramData\DisplaySessionContainer56.log_backup1
2020-01-10 19:03 - 2020-01-11 00:27 - 000013913 _____ C:\ProgramData\DisplaySessionContainer55.log_backup1
2020-01-10 14:38 - 2020-01-10 19:03 - 000013520 _____ C:\ProgramData\DisplaySessionContainer54.log_backup1
2020-01-09 22:00 - 2020-01-10 14:38 - 000013512 _____ C:\ProgramData\DisplaySessionContainer53.log_backup1
2020-01-09 19:19 - 2020-01-09 22:00 - 000013913 _____ C:\ProgramData\DisplaySessionContainer52.log_backup1
2020-01-09 16:32 - 2020-01-09 19:19 - 000013516 _____ C:\ProgramData\DisplaySessionContainer51.log_backup1
2020-01-08 22:54 - 2020-01-09 16:32 - 000013520 _____ C:\ProgramData\DisplaySessionContainer50.log_backup1
2020-01-08 16:46 - 2020-01-08 22:54 - 000013516 _____ C:\ProgramData\DisplaySessionContainer49.log_backup1
2020-01-08 13:41 - 2020-01-08 16:46 - 000013512 _____ C:\ProgramData\DisplaySessionContainer48.log_backup1
2020-01-08 09:29 - 2020-01-08 13:41 - 000013905 _____ C:\ProgramData\DisplaySessionContainer47.log_backup1
2020-01-07 23:12 - 2020-01-08 09:29 - 000013520 _____ C:\ProgramData\DisplaySessionContainer46.log_backup1
2020-01-07 16:36 - 2020-01-07 16:36 - 001181171 _____ C:\Users\Agent\Downloads\Návod k použití CZ.pdf
2020-01-07 07:10 - 2020-01-07 23:12 - 000013166 _____ C:\ProgramData\DisplaySessionContainer45.log_backup1
2020-01-06 22:48 - 2020-01-07 07:10 - 000013512 _____ C:\ProgramData\DisplaySessionContainer44.log_backup1
2019-12-24 10:43 - 2020-01-17 14:19 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2019-12-24 10:41 - 2019-12-07 05:31 - 000047032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 011843728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-24 10:39 - 2019-12-08 16:30 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-24 10:39 - 2019-12-08 16:30 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-24 10:39 - 2019-12-08 16:30 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-24 10:39 - 2019-12-08 16:30 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 000451440 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 000352504 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-24 10:39 - 2019-12-08 16:29 - 010167744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-12-24 10:39 - 2019-12-08 16:29 - 001001408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2019-12-24 10:39 - 2019-12-08 16:29 - 000824256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-12-24 10:39 - 2019-12-08 16:29 - 000676608 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-12-24 10:39 - 2019-12-08 16:29 - 000545296 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 017462400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 015030896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 005382232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 004717656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 002076064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 001568504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 001483712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 001371648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 001146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 001064840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 000812800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 000684992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 000659152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 000573176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2019-12-24 10:39 - 2019-12-08 16:28 - 000557072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 000452720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2019-12-24 10:39 - 2019-12-08 16:27 - 040510424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-12-24 10:39 - 2019-12-08 16:27 - 035380264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-12-24 10:39 - 2019-12-08 16:27 - 004224176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-12-24 10:39 - 2019-12-08 16:27 - 000858712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2019-12-24 10:39 - 2019-12-07 05:31 - 000081581 _____ C:\WINDOWS\system32\nvidia-smi.1.pdf
2019-12-24 10:39 - 2019-12-07 05:31 - 000075706 _____ C:\WINDOWS\system32\nvinfo.pb
2019-12-24 10:30 - 2019-12-05 22:24 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-12-24 10:27 - 2019-12-24 10:27 - 000000000 ___HD C:\$SysReset

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-23 20:59 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-23 20:59 - 2019-01-23 15:44 - 000000000 ____D C:\FRST
2020-01-23 20:59 - 2018-11-21 09:09 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-01-23 20:55 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-23 19:10 - 2018-10-03 14:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-23 19:08 - 2019-09-17 15:32 - 000000880 _____ C:\Users\Agent\Desktop\Aslains WoT Logs Archiver.lnk
2020-01-23 19:05 - 2019-08-01 07:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-23 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-23 17:47 - 2018-10-04 14:06 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-01-23 15:38 - 2019-12-21 09:28 - 000000000 ____D C:\Users\Agent\AppData\Roaming\SmartGenius
2020-01-23 15:38 - 2019-11-09 09:54 - 000013511 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-01-23 15:37 - 2018-12-11 15:09 - 000000000 ____D C:\Users\Agent\Desktop\Nová složka (2)
2020-01-22 20:05 - 2019-11-08 21:11 - 000013900 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-01-22 18:03 - 2019-11-08 18:16 - 000013908 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-01-22 16:23 - 2019-11-08 14:45 - 000013900 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-01-22 14:54 - 2019-11-08 05:41 - 000013515 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-01-22 14:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-21 19:56 - 2019-11-07 21:56 - 000013507 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-01-20 21:37 - 2019-11-07 15:48 - 000012597 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-01-20 16:33 - 2019-08-01 07:39 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-20 16:33 - 2019-03-19 12:57 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-20 16:33 - 2019-03-19 12:57 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-20 16:27 - 2019-08-01 07:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-20 16:26 - 2019-11-07 15:48 - 000000385 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-01-20 16:26 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-20 15:36 - 2019-11-07 15:48 - 000387377 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-01-20 14:47 - 2019-11-10 18:03 - 000013895 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2020-01-19 22:36 - 2019-11-10 10:20 - 000013909 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2020-01-19 19:04 - 2019-11-09 23:30 - 000013511 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-01-19 02:46 - 2019-11-09 17:57 - 000011827 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-01-18 23:35 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-17 14:26 - 2018-10-03 14:42 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 14:26 - 2018-10-03 14:42 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 14:19 - 2019-08-01 07:37 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-357395720-4081436159-901972258-1001
2020-01-17 14:19 - 2019-08-01 07:33 - 000000000 ____D C:\Users\Agent
2020-01-17 14:19 - 2019-03-19 05:37 - 087293952 _____ C:\WINDOWS\system32\config\software.bak
2020-01-17 14:19 - 2019-03-19 05:37 - 016515072 _____ C:\WINDOWS\system32\config\system.bak
2020-01-17 14:19 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\default.bak
2020-01-17 14:18 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-01-17 14:17 - 2018-09-26 16:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-01-16 20:43 - 2019-03-19 05:37 - 000020480 _____ C:\WINDOWS\system32\config\ELAM
2020-01-16 14:57 - 2019-08-01 07:31 - 000458360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 14:57 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 14:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 14:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 14:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 14:55 - 2018-10-04 14:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 14:53 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-16 14:53 - 2018-11-08 16:57 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-01-16 14:53 - 2018-10-04 14:10 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-13 17:12 - 2019-11-06 20:34 - 000000000 ____D C:\Users\Agent\AppData\Local\CrashDumps
2020-01-12 13:32 - 2018-09-27 14:08 - 000000000 ____D C:\Users\Agent\Desktop\replays
2020-01-11 22:13 - 2019-12-21 09:27 - 000000000 ____D C:\Users\Agent\AppData\Local\SmartGenius
2020-01-10 21:53 - 2019-08-01 07:33 - 000002361 _____ C:\Users\Agent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-10 21:53 - 2018-09-26 16:56 - 000000000 ___RD C:\Users\Agent\OneDrive
2020-01-07 18:59 - 2018-09-26 18:58 - 000000625 _____ C:\Users\Agent\Desktop\Nový textový dokument.txt
2020-01-06 22:48 - 2019-11-30 10:31 - 000013516 _____ C:\ProgramData\DisplaySessionContainer43.log_backup1
2020-01-06 21:41 - 2019-11-30 10:00 - 000013905 _____ C:\ProgramData\DisplaySessionContainer42.log_backup1
2020-01-06 17:36 - 2019-11-29 22:12 - 000013528 _____ C:\ProgramData\DisplaySessionContainer41.log_backup1
2020-01-06 15:57 - 2019-11-29 15:42 - 000013901 _____ C:\ProgramData\DisplaySessionContainer40.log_backup1
2020-01-06 12:28 - 2019-11-29 11:07 - 000013905 _____ C:\ProgramData\DisplaySessionContainer39.log_backup1
2020-01-06 07:34 - 2019-11-28 23:25 - 000013905 _____ C:\ProgramData\DisplaySessionContainer38.log_backup1
2020-01-05 19:55 - 2019-11-28 15:47 - 000013528 _____ C:\ProgramData\DisplaySessionContainer37.log_backup1
2020-01-05 15:45 - 2019-11-28 11:46 - 000013520 _____ C:\ProgramData\DisplaySessionContainer36.log_backup1
2020-01-05 04:08 - 2019-11-28 00:51 - 000013528 _____ C:\ProgramData\DisplaySessionContainer35.log_backup1
2020-01-04 22:49 - 2019-11-27 22:29 - 000013528 _____ C:\ProgramData\DisplaySessionContainer34.log_backup1
2020-01-04 19:11 - 2019-11-27 14:48 - 000013905 _____ C:\ProgramData\DisplaySessionContainer33.log_backup1
2020-01-04 17:28 - 2019-11-27 00:51 - 000013905 _____ C:\ProgramData\DisplaySessionContainer32.log_backup1
2020-01-04 12:54 - 2019-11-26 21:11 - 000013897 _____ C:\ProgramData\DisplaySessionContainer31.log_backup1
2020-01-04 02:10 - 2019-11-26 20:30 - 000013490 _____ C:\ProgramData\DisplaySessionContainer30.log_backup1
2020-01-03 14:48 - 2019-11-26 15:45 - 000013905 _____ C:\ProgramData\DisplaySessionContainer29.log_backup1
2020-01-03 03:03 - 2019-11-26 12:18 - 000013905 _____ C:\ProgramData\DisplaySessionContainer28.log_backup1
2020-01-02 12:16 - 2019-11-25 23:26 - 000013897 _____ C:\ProgramData\DisplaySessionContainer27.log_backup1
2020-01-02 10:54 - 2019-11-25 22:35 - 000013905 _____ C:\ProgramData\DisplaySessionContainer26.log_backup1
2020-01-02 04:44 - 2019-11-25 15:02 - 000013905 _____ C:\ProgramData\DisplaySessionContainer25.log_backup1
2020-01-01 15:08 - 2019-11-25 10:40 - 000013905 _____ C:\ProgramData\DisplaySessionContainer24.log_backup1
2020-01-01 12:19 - 2019-11-24 22:09 - 000013907 _____ C:\ProgramData\DisplaySessionContainer23.log_backup1
2020-01-01 00:16 - 2019-11-14 05:42 - 000013904 _____ C:\ProgramData\DisplaySessionContainer22.log_backup1
2019-12-31 15:21 - 2019-11-13 23:28 - 000013520 _____ C:\ProgramData\DisplaySessionContainer21.log_backup1
2019-12-31 14:05 - 2019-11-13 05:36 - 000013502 _____ C:\ProgramData\DisplaySessionContainer20.log_backup1
2019-12-31 13:26 - 2019-11-12 22:56 - 000013903 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2019-12-30 18:56 - 2019-11-12 16:54 - 000013903 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2019-12-30 16:17 - 2019-11-12 15:08 - 000013160 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2019-12-29 20:39 - 2019-11-12 05:40 - 000013109 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2019-12-29 11:59 - 2019-11-11 23:56 - 000013903 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2019-12-29 02:21 - 2019-11-11 12:15 - 000013789 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2019-12-28 12:27 - 2019-11-10 22:36 - 000012229 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2019-12-24 10:43 - 2018-10-03 14:36 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-24 10:41 - 2018-10-03 14:33 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-24 10:30 - 2019-08-11 13:56 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-12-24 10:30 - 2018-10-03 14:33 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-24 10:24 - 2019-09-19 07:42 - 000000000 ____D C:\Program Files (x86)\FastShare

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#2 Post by Rudy »

Hello!
Please also add the Addition log. It should be on the desktop in the file addition.txt. Thank you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

vrbickyjaroslav
Visitor
Posts: 33
Registered: 07 Jan 2007 20:51

Re: Please check my log.

#3 Post by vrbickyjaroslav »

Rudy wrote: Hello!
Please also add the Addition log. It should be on the desktop in the file addition.txt. Thank you.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2020 01
Ran by Agent (23-01-2020 21:00:31)
Running from C:\Users\Agent\Desktop
Windows 10 Pro Version 1909 18363.592 (X64) (2019-08-01 06:38:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-357395720-4081436159-901972258-500 - Administrator - Disabled)
Agent (S-1-5-21-357395720-4081436159-901972258-1001 - Administrator - Enabled) => C:\Users\Agent
DefaultAccount (S-1-5-21-357395720-4081436159-901972258-503 - Limited - Disabled)
Guest (S-1-5-21-357395720-4081436159-901972258-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-357395720-4081436159-901972258-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Aslain's WoT Modpack verze 1.7.0.2.19 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.7.0.2.19 - Aslain)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.0.1.1339 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Internet Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
Luxor 2 HD (HKLM-x32\...\Luxor 2 HD1.0) (Version: 1.0 - Foxy Games)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.66 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
SmartGenius (HKLM\...\{F96B1114-82A6-4348-8A84-8FD4E9D99F3B}_is1) (Version: 1.7.0.1 - KYE Systems Corp.)
Update for Skype for Business 2015 (KB4475564) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{14E2D22A-5164-4E35-8239-E2DB5D6B9A09}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4475564) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{14E2D22A-5164-4E35-8239-E2DB5D6B9A09}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4475564) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{14E2D22A-5164-4E35-8239-E2DB5D6B9A09}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VIRTUIS ADVANCED Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - SPEEDLINK)
Wargaming.net Game Center (HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\Wargaming.net Game Center) (Version: 19.8.0.7920 - Wargaming.net)
WinASO Registry Optimizer 5.6 (HKLM-x32\...\WinASO Registry Optimizer_is1) (Version: - X.M.Y International LLC)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World of Tanks NA (HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\WOT.NA.PRODUCTION) (Version: - Wargaming.net)
World_of_Warships_NA (HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\WOWS.NA.PRODUCTION) (Version: - Wargaming.net)
X7 Oscar Lite (HKLM-x32\...\X7OscarLite) (Version: 18.05.0002 - A4Tech)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1680.3.0_x86__kgqvnymyfvs32 [2020-01-16] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-12] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-19] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-26] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-07-28] (Microsoft Corporation)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.32.3201.0_x86__ytsefhwckbdv6 [2020-01-03] (G5 Entertainment AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-11-07] (NVIDIA Corp.)
World of Tanks Blitz -> C:\Program Files\WindowsApps\7458BE2C.WorldofTanksBlitz_6.7.188.0_x64__x4tje2y229k00 [2020-01-16] (Wargaming Group Limited)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-10-31] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-10-31] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-10-31] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvshext.dll [2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-10-31] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-12-21 09:27 - 2019-11-06 11:12 - 000641024 _____ () [File not signed] \\?\C:\Users\Agent\AppData\Local\SmartGenius\resources\app\backend\protocol\platform\win32\Release\x64_driverWin.node
2019-12-21 09:27 - 2019-11-06 11:12 - 000641024 _____ () [File not signed] \\?\C:\Users\Agent\AppData\Local\SmartGenius\resources\app\backend\protocol\platform\win32\Release\x64_hidWin.node
2019-12-21 09:27 - 2019-11-06 11:12 - 000265728 _____ () [File not signed] \\?\C:\Users\Agent\AppData\Local\SmartGenius\resources\app\backend\protocol\platform\win32\Release\x64_sysWin.node
2019-09-02 17:30 - 2012-11-05 07:37 - 000061440 _____ () [File not signed] C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\hiddriver.dll
2019-09-02 17:30 - 2013-08-17 13:13 - 000036864 _____ () [File not signed] C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Lang\Lang_EN.dll
2019-12-21 09:27 - 2019-10-16 09:32 - 002126848 _____ () [File not signed] C:\Users\Agent\AppData\Local\SmartGenius\ffmpeg.dll
2019-12-21 09:27 - 2019-10-16 09:32 - 000109056 _____ () [File not signed] C:\Users\Agent\AppData\Local\SmartGenius\libegl.dll
2019-12-21 09:27 - 2019-10-16 09:32 - 005103616 _____ () [File not signed] C:\Users\Agent\AppData\Local\SmartGenius\libglesv2.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-10-03 15:26 - 2018-10-03 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-357395720-4081436159-901972258-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Agent\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8CCC4D9A-3FC0-4DF1-B242-88EDBF17FA70}] => (Allow) D:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{4775A5F4-8AE6-4B3D-AA34-B6E64148A20A}] => (Allow) D:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{71218710-3837-41A8-8AFA-71F7FED89F10}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{FEA906AA-2F07-4C93-8ED4-040AF66527DB}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{A4936F38-F287-4000-9A17-C64CBFC73DCC}] => (Allow) LPort=1688
FirewallRules: [{A8E31CE1-6EA8-4EC0-A90C-C2C1E5610413}] => (Allow) D:\Office\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23A75077-FFC8-4E90-9CFA-34E2AF001EC9}] => (Allow) D:\Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{056D2040-A3E9-4398-863B-2772E32FCC97}] => (Allow) D:\Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8583603-0E91-4E1B-B750-C6A23C6F9208}] => (Allow) D:\Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E2E0B2D6-F89F-4552-B0FA-9ADAFDFFC96B}] => (Allow) D:\Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FAEC7B69-3B2B-48BC-8986-A716398F2DBE}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [TCP Query User{3B69D67B-BD35-4D34-A3CC-3C4F317889DF}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [UDP Query User{D420C028-2EFA-4E1C-BC22-C9B081ED2EE1}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{4F0D0111-6BE9-4238-8C72-0BED9BC5E33D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{5B13882A-B4A4-41EE-B441-68684B7BF4AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D1D7EBCF-2B52-4BC6-AC0F-9FF5230B45E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A30AA417-BDD6-491F-88F7-FF147B5224E8}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{29DFF6E1-A909-4AD7-B0F5-D5EF219C70F2}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{7BC94195-053E-43A1-8484-42E1159C3148}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{F68C1820-5E78-4C73-92A3-B13850126F1B}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [TCP Query User{E79CA66E-F5CB-4FFE-A438-3702424B17CA}C:\games\world_of_tanks\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B6FD1559-C84F-4608-B1B7-66A5C064EC9A}C:\games\world_of_tanks\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{07631777-EF67-4F59-8D35-A4883883C3A5}] => (Allow) C:\Users\Agent\AppData\Local\SmartGenius\SmartGenius.exe (KYE SYSTEMS CORP. -> GitHub, Inc.)
FirewallRules: [{59A6ED61-9099-4769-B3CB-2B9E8AC348F2}] => (Allow) C:\Users\Agent\AppData\Local\SmartGenius\SmartGenius.exe (KYE SYSTEMS CORP. -> GitHub, Inc.)
FirewallRules: [{0D630194-ED58-4E08-8D09-C7701CCF0934}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4024E825-027F-45C2-8159-3D8E536567C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E57FC60C-B19B-4E0E-8583-D9D36093DBC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2D8C9B24-D643-4AAE-AB19-22A2CA56F245}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{3DA6316E-801B-474E-8875-4DEBDB833A1C}C:\users\agent\appdata\local\smartgenius\smartgenius.exe] => (Allow) C:\users\agent\appdata\local\smartgenius\smartgenius.exe (KYE SYSTEMS CORP. -> GitHub, Inc.)
FirewallRules: [UDP Query User{C7C97F43-57A2-48DD-9903-BE98723C25C8}C:\users\agent\appdata\local\smartgenius\smartgenius.exe] => (Allow) C:\users\agent\appdata\local\smartgenius\smartgenius.exe (KYE SYSTEMS CORP. -> GitHub, Inc.)
FirewallRules: [TCP Query User{50034678-3F50-4A0D-B904-45D23D387AFA}D:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{A7C418F4-6BA9-4252-8C39-A0EBF83C9D3F}D:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{18115A65-5592-4BE0-A7A8-248E647EA35E}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{BC63AEA2-A423-446C-A9B6-7DC8982F5023}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{6471491B-A894-43D4-B73B-ECF85B9C3D7F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:14.55 GB) (13%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/23/2020 09:00:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7744,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 08:32:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13108,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 08:26:22 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (768,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 07:51:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12240,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 07:20:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15172,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 07:15:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7628,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 06:44:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11692,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 06:24:12 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15028,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (01/23/2020 05:51:42 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Systém zjistil konflikt IP adresy 192.168.0.1 se systémem,
jehož síťová hardwarová adresa je 20-4E-7F-45-AB-78. Síťové operace v systému mohou
být přerušeny.

Error: (01/20/2020 04:26:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/20/2020 04:26:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/20/2020 04:26:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/16/2020 02:57:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Kaspersky Anti-Virus 20.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (01/15/2020 02:59:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T54QBQ1)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.18362.449_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/11/2020 10:20:18 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T54QBQ1)
Description: Server {3EEF301F-B596-4C0B-BD92-013BEAFCE793} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/11/2020 10:20:17 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T54QBQ1)
Description: Server {3EEF301F-B596-4C0B-BD92-013BEAFCE793} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-09-30 13:04:44.916
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {65EFDC40-1B11-42B4-9BA1-7C2D6974A77D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-30 12:50:08.966
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B02D40B1-6920-45E0-9464-E9A684B8CD29}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-08-31 08:33:27.845
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7CC42139-2F7D-43C4-9F1E-8E9C669CD86D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-08-17 08:26:43.291
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0490FAD6-03B4-44D2-8FF8-0734F7879760}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-08-17 06:59:56.320
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {30C807BF-8BF4-475B-A706-0CC539595D3E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-14 15:29:06.459
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.1200.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-08-15 20:48:54.376
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.299.1903.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16200.1
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-01-23 20:27:20.978
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 18:33:10.357
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 18:33:08.113
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 17:59:08.593
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 17:58:54.131
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 17:47:34.162
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 17:47:34.144
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 17:46:55.810
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F22 11/14/2013
Motherboard: Gigabyte Technology Co., Ltd. Z77-D3H
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 18%
Total physical RAM: 16342.34 MB
Available physical RAM: 13305.63 MB
Total Virtual: 18774.34 MB
Available Virtual: 14889.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:14.55 GB) NTFS
Drive d: () (Fixed) (Total:1397.26 GB) (Free:1206.32 GB) NTFS

\\?\Volume{3f59a275-5020-476d-a09d-f2810415b1b4}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{456068d8-eaad-4809-ad7b-7749f5ef5d8d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 70E5BEAB)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#4 Post by Rudy »

Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako spravce); on Win XP, just start it with a normal double-click
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

vrbickyjaroslav
Visitor
Posts: 33
Joined: 07 Jan 2007 20:51

Re: Please check my log.

#5 Post by vrbickyjaroslav »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-25-2020
# Duration: 00:00:18
# OS: Windows 10 Pro
# Scanned: 34795
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [2200 octets] - [23/01/2019 17:55:10]
AdwCleaner[S01].txt - [2261 octets] - [23/01/2019 17:56:10]
AdwCleaner[C01].txt - [2335 octets] - [23/01/2019 17:56:19]
AdwCleaner[S02].txt - [1508 octets] - [20/01/2020 16:25:50]
AdwCleaner[C02].txt - [1696 octets] - [20/01/2020 16:26:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#6 Post by Rudy »

This is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
FirewallRules: [{A30AA417-BDD6-491F-88F7-FF147B5224E8}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{29DFF6E1-A909-4AD7-B0F5-D5EF219C70F2}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{7BC94195-053E-43A1-8484-42E1159C3148}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{F68C1820-5E78-4C73-92A3-B13850126F1B}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\MountPoints2: {ee9fa2ff-c576-11e8-ba2c-902b3458fe0b} - "E:\iStudio.exe"
Task: {0B6A13EC-DA89-4706-8E5A-A054501A5C2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-03] (Google Inc -> Google Inc.)
Task: {9746180B-53A1-4072-A661-F4EBAF4B0344} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-03] (Google Inc -> Google Inc.)

EmptyTemp:
End
Save it to your desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

vrbickyjaroslav
Visitor
Posts: 33
Joined: 07 Jan 2007 20:51

Re: Please check my log.

#7 Post by vrbickyjaroslav »

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-01-2020 01
Ran by Agent (26-01-2020 10:18:39) Run:2
Running from C:\Users\Agent\Desktop
Loaded Profiles: Agent (Available Profiles: Agent)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [{A30AA417-BDD6-491F-88F7-FF147B5224E8}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{29DFF6E1-A909-4AD7-B0F5-D5EF219C70F2}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{7BC94195-053E-43A1-8484-42E1159C3148}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{F68C1820-5E78-4C73-92A3-B13850126F1B}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\MountPoints2: {ee9fa2ff-c576-11e8-ba2c-902b3458fe0b} - "E:\iStudio.exe"
Task: {0B6A13EC-DA89-4706-8E5A-A054501A5C2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-03] (Google Inc -> Google Inc.)
Task: {9746180B-53A1-4072-A661-F4EBAF4B0344} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-03] (Google Inc -> Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A30AA417-BDD6-491F-88F7-FF147B5224E8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29DFF6E1-A909-4AD7-B0F5-D5EF219C70F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BC94195-053E-43A1-8484-42E1159C3148}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F68C1820-5E78-4C73-92A3-B13850126F1B}" => removed successfully
HKU\S-1-5-21-357395720-4081436159-901972258-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ee9fa2ff-c576-11e8-ba2c-902b3458fe0b} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B6A13EC-DA89-4706-8E5A-A054501A5C2D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B6A13EC-DA89-4706-8E5A-A054501A5C2D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9746180B-53A1-4072-A661-F4EBAF4B0344}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9746180B-53A1-4072-A661-F4EBAF4B0344}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 373590320 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 47506 B
Edge => 1965914 B
Chrome => 470958174 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 122714 B
NetworkService => 275690 B
Agent => 19732740 B

RecycleBin => 0 B
EmptyTemp: => 837.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:20:23 ====

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#8 Post by Rudy »

Deleted, the log is now OK.

vrbickyjaroslav
Visitor
Posts: 33
Registered: 07 Jan 2007 20:51

Re: Please check my log.

#9 Post by vrbickyjaroslav »

Rudy wrote: Deleted, the log is now OK.
Thanks for the help.

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#10 Post by Rudy »

You're welcome! :)

Locked