Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-10-2020
Ran by casyo (administrator) on DESKTOP-FOMQ4FQ (Gigabyte Technology Co., Ltd. B450 AORUS PRO) (18-10-2020 09:37:35)
Running from C:\Users\casyo\OneDrive\Počítač
Loaded Profiles: casyo
Platform: Windows 10 Pro Version 1909 18363.592 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
() [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\commsapps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_feed726c6560f7a7\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files\Realtek\WifiAutoInstall\WifiAutoInstallSrv.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [856288 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-21-1237953686-2037993472-3780050099-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3416352 2020-10-07] (Valve -> Valve Corporation)
HKU\S-1-5-21-1237953686-2037993472-3780050099-1001\...\Run: [qBittorrent] => C:\Program Files\qBittorrent\qbittorrent.exe [25294848 2019-12-18] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.75\Installer\chrmstp.exe [2020-10-14] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08A4156B-5E0E-4D70-9006-195AAED8867E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BF441AC-B454-4E44-9A70-72647F943E6E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5137312 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {1DDBC1B5-FD09-45D3-B578-57E7A2A5AA72} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {255DEB23-AFEF-4111-8F8C-5EEA89354CDD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2BFA344E-63DC-48DC-88B6-BA6A6327B092} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2D50E658-28EA-4377-A815-B2E2275713DB} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {2ECAB010-840E-4BC4-ACE0-7809E150273C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E642F35-8921-495D-B85A-0EF42C03BE21} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4E2BC76C-8AD4-4445-90BF-88FF2A03D679} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144728 2020-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {5AE9D524-1D2A-4D02-ABD4-A4DE9649A5C3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {65D69A19-9CA9-4555-A6FF-A72D63316B1A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {680FCB6C-7CEA-42CF-9DB4-61296F0AAD7F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144728 2020-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AFA703D-BC86-42C6-A9AE-8E7FDFAC2894} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6FF6FEE6-FE46-4845-9E87-9627C179F6C4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {76816698-D17F-4A5F-A7E8-1AEF152B6238} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E490EF9-6453-400B-AFD1-4F6E1D00AEC5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A45AC907-21EF-4F3C-A3CA-4B66FF9F6878} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {BEF3092D-5F7C-446B-8ABF-E3CC482FD69E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CDFA56E5-2C02-451E-A0D6-D45259DC634D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5137312 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3C13C51-1ECF-4274-B9F4-A689998FA599} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E3CC8CAE-3D29-40EE-AF21-CC9D172E6F04} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E742C892-0C58-4509-A609-1CEB1BB457CE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 178.18.67.3 8.8.8.8
Tcpip\..\Interfaces\{5e9dd8cc-a698-4852-962d-1f9159a71ca7}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5e9dd8cc-a698-4852-962d-1f9159a71ca7}: [DhcpNameServer] 192.168.88.1 178.18.67.3 8.8.8.8
Edge:
======
Edge Profile: C:\Users\casyo\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-18]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1237953686-2037993472-3780050099-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2020-09-25] (Ubisoft Entertainment Sweden AB -> )
Chrome:
=======
CHR Profile: C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default [2020-10-18]
CHR Notifications: Default -> hxxps://chat.g2g.com; hxxps://www.divoke-kmene.sk; hxxps://www.divokekmeny.cz
CHR HomePage: Default -> hxxp://google.sk/
CHR StartupUrls: Default -> "hxxp://google.sk/"
CHR Extension: (Prezentácie) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-26]
CHR Extension: (Dokumenty) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-26]
CHR Extension: (Disk Google) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-26]
CHR Extension: (MEGA) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2020-10-16]
CHR Extension: (YouTube) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-26]
CHR Extension: (Tampermonkey) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-10-17]
CHR Extension: (Google Apps Script) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoieeedlomnegifmaghhjnghhmcldobl [2020-10-13]
CHR Extension: (Tabuľky) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-26]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-09]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-10-16]
CHR Extension: (The West) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2020-10-13]
CHR Extension: (XLS Editor) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobjaooppmgjlgomfpaohhncpfjpigaf [2020-10-13]
CHR Extension: (Search AliExpress by Image) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jocnlahnjacckbiffghcopjfbifdjocj [2020-09-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-26]
CHR Extension: (Equalizer for YouTube™) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oggiagogblgafoilijjdhcmflgekfmja [2020-08-17]
CHR Extension: (Script Installation Services/Website Setup) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkfkmbechelifpehnokcfhlamloapmc [2020-10-13]
CHR Extension: (Gmail) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-26]
CHR Extension: (Chrome Media Router) - C:\Users\casyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-15]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8686928 2020-09-16] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8945512 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2020-03-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB/lghub_updater.exe [10131080 2020-04-19] (Logitech Inc -> Logitech, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WifiAutoInstallSrv; C:\Program Files\Realtek\WifiAutoInstall\WifiAutoInstallSrv.exe [124864 2017-07-31] (Realtek Semiconductor Corp. -> Realtek)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_feed726c6560f7a7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_feed726c6560f7a7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-04-24] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\47127\driver_cpu_temperature\logi_core_temp.sys [25448 2020-04-19] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [38136 2019-12-31] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [20624 2019-12-31] (WDKTestCert sqa,131523902232810150 -> Logitech, Inc.)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66808 2019-12-31] (Logitech Inc -> Logitech)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-18 08:59 - 2020-10-18 09:36 - 000003576 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-18 08:59 - 2020-10-18 09:36 - 000003452 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-17 19:41 - 2020-10-17 19:41 - 000002127 _____ C:\Users\casyo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SnoreToast.lnk
2020-10-17 19:39 - 2020-10-17 20:20 - 000000000 ____D C:\Users\casyo\AppData\Roaming\Sirus Launcher
2020-10-17 19:39 - 2020-10-17 19:39 - 000000000 ____D C:\Users\casyo\AppData\Local\sirus-open-launcher-updater
2020-10-15 19:27 - 2020-10-15 19:27 - 000000000 ____D C:\ProgramData\Jagex
2020-10-15 18:31 - 2020-09-10 06:14 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-10-15 18:31 - 2020-09-10 06:12 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-10-12 13:10 - 2020-10-12 13:11 - 000000000 ____D C:\Users\casyo\AppData\Roaming\RS2V
2020-10-09 13:44 - 2020-10-02 01:48 - 001769688 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-10-09 13:44 - 2020-10-02 01:48 - 001769688 _____ C:\Windows\system32\vulkaninfo.exe
2020-10-09 13:44 - 2020-10-02 01:48 - 001370328 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-10-09 13:44 - 2020-10-02 01:48 - 001370328 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-10-09 13:44 - 2020-10-02 01:48 - 001054944 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-10-09 13:44 - 2020-10-02 01:48 - 001054944 _____ C:\Windows\system32\vulkan-1.dll
2020-10-09 13:44 - 2020-10-02 01:48 - 000917728 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-10-09 13:44 - 2020-10-02 01:48 - 000917728 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-10-09 13:44 - 2020-10-02 01:48 - 000455408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-10-09 13:44 - 2020-10-02 01:48 - 000351128 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-10-09 13:44 - 2020-10-02 01:46 - 001023216 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2020-10-09 13:44 - 2020-10-02 01:46 - 000816368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-10-09 13:44 - 2020-10-02 01:46 - 000673520 _____ C:\Windows\system32\nvofapi64.dll
2020-10-09 13:44 - 2020-10-02 01:46 - 000543128 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-10-09 13:44 - 2020-10-02 01:45 - 002098072 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-10-09 13:44 - 2020-10-02 01:45 - 001585560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-10-09 13:44 - 2020-10-02 01:45 - 001507224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-10-09 13:44 - 2020-10-02 01:45 - 001161112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-10-09 13:44 - 2020-10-02 01:45 - 000813464 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-10-09 13:44 - 2020-10-02 01:45 - 000670616 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-10-09 13:44 - 2020-10-02 01:45 - 000657304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-10-09 13:44 - 2020-10-02 01:45 - 000589208 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2020-10-09 13:44 - 2020-10-02 01:45 - 000555248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-10-09 13:44 - 2020-10-02 01:44 - 007707544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-10-09 13:44 - 2020-10-02 01:44 - 006860184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-10-09 13:44 - 2020-10-02 01:44 - 004174064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-10-09 13:44 - 2020-10-02 01:44 - 002508528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-10-09 13:44 - 2020-10-02 01:44 - 000849648 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2020-10-09 13:44 - 2020-10-02 01:44 - 000445848 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2020-10-09 13:44 - 2020-10-02 01:43 - 005972824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-10-09 13:44 - 2020-10-01 09:14 - 000080930 _____ C:\Windows\system32\nvinfo.pb
2020-10-06 18:17 - 2020-10-06 18:26 - 000000000 ____D C:\Users\casyo\AppData\Local\Deployment
2020-10-06 18:17 - 2020-10-06 18:17 - 000000000 ____D C:\Users\casyo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vzum
2020-10-06 18:17 - 2020-10-06 18:17 - 000000000 ____D C:\Users\casyo\AppData\Local\Apps\2.0
2020-10-05 17:27 - 2020-10-05 17:34 - 000000000 ____D C:\Users\casyo\AppData\Roaming\TS3Client
2020-10-05 17:27 - 2020-10-05 17:27 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2020-10-05 17:27 - 2020-10-05 17:27 - 000000000 ____D C:\Users\casyo\AppData\Local\TeamSpeak 3
2020-10-05 17:27 - 2020-10-05 17:27 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2020-10-01 19:02 - 2020-10-01 19:03 - 000000000 ____D C:\Users\casyo\OneDrive\Documents\RCT3
2020-10-01 19:02 - 2020-10-01 19:02 - 000000000 ____D C:\Users\casyo\AppData\Roaming\Frontier
2020-10-01 15:33 - 2020-10-01 15:45 - 000000000 ____D C:\Users\casyo\AppData\LocalLow\Heroes and Generals
2020-10-01 15:33 - 2020-10-01 15:33 - 000000000 ____D C:\Users\casyo\AppData\Roaming\Macromedia
2020-10-01 15:33 - 2020-10-01 15:33 - 000000000 ____D C:\Users\casyo\AppData\Roaming\HeroesAndGeneralsDesktop
2020-10-01 14:11 - 2020-10-01 14:11 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-10-01 14:11 - 2020-09-10 18:14 - 000905528 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
2020-10-01 14:11 - 2020-09-10 18:14 - 000436536 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll
2020-09-25 11:00 - 2020-09-25 11:00 - 000000000 ____D C:\Users\casyo\AppData\Local\DBG
2020-09-19 09:57 - 2020-09-19 09:57 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\ConnectedDevicesPlatform
2020-09-19 09:57 - 2020-09-19 09:57 - 000000000 ____D C:\Users\defaultuser100000
2020-09-18 10:38 - 2020-09-15 02:01 - 000038632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-18 09:37 - 2020-04-24 15:49 - 000000000 ____D C:\FRST
2020-10-18 09:36 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-18 09:32 - 2019-12-27 11:39 - 000000000 ____D C:\Users\casyo\AppData\Roaming\qBittorrent
2020-10-18 09:05 - 2020-05-08 11:54 - 000049064 _____ C:\Windows\system32\perfh01B.dat
2020-10-18 09:05 - 2020-05-08 11:54 - 000012206 _____ C:\Windows\system32\perfc01B.dat
2020-10-18 09:05 - 2019-12-26 23:33 - 000885446 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-18 09:05 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
2020-10-18 09:04 - 2019-12-26 23:39 - 000000000 ____D C:\ProgramData\NVIDIA
2020-10-18 08:59 - 2019-12-26 23:27 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-18 08:59 - 2019-03-19 06:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-10-18 08:57 - 2020-01-26 18:32 - 000000000 ____D C:\Program Files\Microsoft Office
2020-10-17 18:38 - 2019-12-26 23:40 - 000000000 ____D C:\Program Files (x86)\Steam
2020-10-17 18:36 - 2020-06-12 12:30 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-17 17:37 - 2019-12-26 23:27 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-10-17 15:29 - 2020-04-24 15:48 - 000000000 ____D C:\rsit
2020-10-17 15:29 - 2020-04-24 15:48 - 000000000 ____D C:\Program Files\trend micro
2020-10-17 08:39 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\AppReadiness
2020-10-16 13:19 - 2020-05-25 17:02 - 000000000 ____D C:\Users\casyo\AppData\Roaming\vlc
2020-10-15 18:41 - 2019-03-19 06:37 - 000000000 ____D C:\Windows\CbsTemp
2020-10-15 18:29 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-15 13:24 - 2019-12-26 23:32 - 000000000 ____D C:\Users\casyo\AppData\Local\Packages
2020-10-15 12:21 - 2019-12-26 23:35 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1237953686-2037993472-3780050099-1001
2020-10-15 12:21 - 2019-12-26 23:35 - 000000000 ___RD C:\Users\casyo\OneDrive
2020-10-15 12:21 - 2019-12-26 23:30 - 000002355 _____ C:\Users\casyo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-14 12:49 - 2019-12-26 23:36 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-12 13:10 - 2019-12-27 00:51 - 000000000 ____D C:\Users\casyo\OneDrive\Documents\My Games
2020-10-09 17:32 - 2019-12-26 23:39 - 000000000 ____D C:\Users\casyo\AppData\Local\NVIDIA
2020-10-07 09:09 - 2019-12-26 23:27 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-10-06 18:33 - 2020-01-30 18:40 - 000000000 ____D C:\Users\casyo\AppData\Local\CrashDumps
2020-10-06 18:28 - 2020-09-17 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-10-06 02:13 - 2019-03-19 06:56 - 000835472 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-10-06 02:13 - 2019-03-19 06:56 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-10-02 13:23 - 2019-12-27 00:01 - 000000000 ____D C:\Users\casyo\AppData\Local\D3DSCache
2020-10-02 09:52 - 2020-09-16 13:23 - 000000000 ____D C:\Users\casyo\AppData\Roaming\Might & Magic Heroes VI
2020-10-02 09:52 - 2020-09-16 13:23 - 000000000 ____D C:\Users\casyo\AppData\Local\Ubisoft Game Launcher
2020-10-02 01:43 - 2019-12-26 23:33 - 007001536 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-10-01 15:33 - 2019-12-26 23:30 - 000000000 ____D C:\Users\casyo
2020-09-25 15:04 - 2020-01-27 18:05 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-09-25 15:04 - 2020-01-27 18:05 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-23 11:02 - 2020-07-19 12:45 - 000000000 ____D C:\Users\casyo\AppData\Local\NetDragon
2020-09-23 10:49 - 2020-07-19 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conquer Online
2020-09-18 10:39 - 2019-12-26 23:33 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================