
Please check my log.

Posted: 23 Jan 2020 21:04
by vrbickyjaroslav
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020 01
Ran by Agent (administrator) on DESKTOP-T54QBQ1 (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (23-01-2020 20:59:33)
Running from C:\Users\Agent\Desktop
Loaded Profiles: Agent (Available Profiles: Agent)
Platform: Windows 10 Pro Version 1909 18363.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.EXE
() [File not signed] C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\OSD.exe
() [File not signed] C:\Users\Agent\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHID.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Aslain ) [File not signed] C:\Users\Agent\Downloads\Aslains_WoT_Modpack_Installer_v.1.7.0.2_19.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(KYE SYSTEMS CORP. -> ) C:\Users\Agent\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartFore.exe
(KYE SYSTEMS CORP. -> GitHub, Inc.) C:\Users\Agent\AppData\Local\SmartGenius\SmartGenius.exe
(KYE SYSTEMS CORP. -> GitHub, Inc.) C:\Users\Agent\AppData\Local\SmartGenius\SmartGenius.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Agent\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartGenius] => C:\Users\Agent\AppData\Local\SmartGenius\SmartGenius.exe [93723136 2019-10-26] (KYE SYSTEMS CORP. -> GitHub, Inc.)
HKLM\...\Run: [RunSmartForeFile] => C:\Users\Agent\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHIDStart.exe [524288 2019-10-16] () [File not signed]
HKLM\...\Run: [RunSmartHIDFile] => C:\Users\Agent\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHID.exe [815616 2019-10-16] () [File not signed]
HKLM-x32\...\Run: [SL-6481 Gaming Keyboard] => C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.exe [1976832 2014-06-21] () [File not signed]
HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2414456 2019-12-18] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\Run: [X7OscarLite] => C:\Program Files (x86)\X7OscarLite\X7OscarLite\X7OscarLite.exe [13070064 2018-05-03] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\MountPoints2: {ee9fa2ff-c576-11e8-ba2c-902b3458fe0b} - "E:\iStudio.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B1C61D-E6B8-44FB-855B-68AA602713C4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {08FD9B59-C7D5-42EC-BE89-A0F72BB0077A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0B6A13EC-DA89-4706-8E5A-A054501A5C2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-03] (Google Inc -> Google Inc.)
Task: {11D80942-41A5-4CF1-AEB7-D2623A7C4293} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {14A6985A-7AE5-4871-9E93-70910DDECF7F} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2019-09-15] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {18794D21-ADFC-4192-829A-0AEE96E427EF} - System32\Tasks\MaiSoft\QA-de_010D14EF-D5AB-41EE-ADFB-96D42EBD9150 => C:\Users\Agent\AppData\Local\QA\Helper.vbs [Argument = -run $(Arg0)]
Task: {3250A391-4BE4-466C-A72F-629AD337B853} - System32\Tasks\MaiSoft\QA_010D14EF-D5AB-41EE-ADFB-96D42EBD9150 => C:\Users\Agent\AppData\Local\QA\Helper.vbs [Argument = -run $(Arg0)]
Task: {348A80F7-DDEB-4684-86A7-A9244A5813A5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A75F282-C4E9-460C-A2C1-87A217E38966} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CAA405F-1C25-4B00-8673-7604878633DC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4342157F-F391-47FD-92C5-5E77A17D0397} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5D68FA6D-F381-4985-AFD5-BCF6C1BCBEFE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {683EB72E-122A-4749-9754-0908AB93927A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A72A600-EE8F-4663-B75F-4DD816B9A78A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {909DB51D-66C6-43A3-A0A5-0F3623D6399C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9746180B-53A1-4072-A661-F4EBAF4B0344} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-03] (Google Inc -> Google Inc.)
Task: {9D90E225-8D5D-42E9-8FE3-CDF6D0ED3860} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D18269C5-9661-47E9-8D1E-974000DD40A9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F7665A4B-6BEB-474A-BA08-DBAAE2229C68} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a6117354-5a7e-462d-b3b7-9b932c6351bd}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{dc203d49-5893-4b0d-b49d-cc9f229343f1}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_B29D4AD94F82454BBC9215BCBD7E80AE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Ochrana Kaspersky) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi [2019-12-19]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_B29D4AD94F82454BBC9215BCBD7E80AE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.knihcentrum.cz; hxxps://www.megaknihy.cz
CHR Profile: C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default [2020-01-23]
CHR Extension: (Prezentace) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-03]
CHR Extension: (Dokumenty) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-03]
CHR Extension: (Disk Google) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-09]
CHR Extension: (Zhasnout světla) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2020-01-20]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-10-08]
CHR Extension: (YouTube) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-30]
CHR Extension: (Ochrana Kaspersky) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2019-11-25]
CHR Extension: (Tabulky) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-09]
CHR Extension: (Rozšíření Odběry RSS (od Googlu)) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2018-10-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30]
CHR Extension: (Gmail) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\Agent\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR Profile: C:\Users\Agent\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-04]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S2 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 gKbdfltr; C:\WINDOWS\System32\drivers\gKbdfltr.sys [29576 2019-10-16] (KYE SYSTEMS CORP. -> )
R3 ioFakDrv; C:\WINDOWS\System32\drivers\ioFakDrv.sys [35928 2019-10-16] (KYE Systems Corp -> KYE System Corp.)
R3 ioFakMap; C:\WINDOWS\System32\drivers\ioFakMap.sys [24664 2019-10-16] (KYE Systems Corp -> KYE System Corp.)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [79696 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [145304 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [251512 2019-10-31] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [516216 2019-09-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys [201280 2019-12-16] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [998016 2019-10-31] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [251256 2019-10-14] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-09-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [306248 2019-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [119744 2019-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [204520 2019-10-16] (Kaspersky Lab -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [211048 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvlddmkm.sys [23231744 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-02] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-23 20:59 - 2020-01-23 21:00 - 000023512 _____ C:\Users\Agent\Desktop\FRST.txt
2020-01-23 20:58 - 2020-01-23 20:58 - 002580480 _____ (Farbar) C:\Users\Agent\Desktop\FRST64.exe
2020-01-23 18:37 - 2020-01-23 18:52 - 148678505 _____ (Aslain ) C:\Users\Agent\Downloads\Aslains_WoT_Modpack_Installer_v.1.7.0.2_19.exe
2020-01-23 18:15 - 2020-01-23 18:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-357395720-4081436159-901972258-1001
2020-01-21 17:29 - 2020-01-21 17:35 - 147950841 _____ (Aslain ) C:\Users\Agent\Downloads\Aslains_WoT_Modpack_Installer_v.1.7.0.2_18 (1).exe
2020-01-20 16:22 - 2020-01-20 16:23 - 008237744 _____ (Malwarebytes) C:\Users\Agent\Downloads\adwcleaner_8.0.1.exe
2020-01-20 16:11 - 2020-01-20 16:11 - 000155555 _____ C:\Users\Agent\Downloads\faktura-vf1-26073-2019.pdf
2020-01-19 13:23 - 2020-01-19 13:28 - 147950841 _____ (Aslain ) C:\Users\Agent\Downloads\Aslains_WoT_Modpack_Installer_v.1.7.0.2_18.exe
2020-01-16 18:33 - 2020-01-16 18:33 - 000000000 ____D C:\Program Files (x86)\AnyMP4 Studio
2020-01-16 18:31 - 2020-01-16 18:32 - 044975864 _____ (AnyMP4 Studio ) C:\Users\Agent\Downloads\blu-ray-player.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-16 14:51 - 2020-01-16 14:51 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 14:51 - 2020-01-16 14:51 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 14:51 - 2020-01-16 14:51 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-16 14:45 - 2020-01-16 14:45 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-16 14:45 - 2020-01-16 14:45 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-15 19:28 - 2020-01-15 21:13 - 000013913 _____ C:\ProgramData\DisplaySessionContainer74.log_backup1
2020-01-15 17:13 - 2020-01-15 19:28 - 000013516 _____ C:\ProgramData\DisplaySessionContainer73.log_backup1
2020-01-15 16:01 - 2020-01-15 16:01 - 000155582 _____ C:\Users\Agent\Downloads\faktura-vf1-0060-2020.pdf
2020-01-15 14:59 - 2020-01-15 17:13 - 000013158 _____ C:\ProgramData\DisplaySessionContainer72.log_backup1
2020-01-14 20:45 - 2020-01-15 14:59 - 000013905 _____ C:\ProgramData\DisplaySessionContainer71.log_backup1
2020-01-14 19:58 - 2020-01-14 20:45 - 000013512 _____ C:\ProgramData\DisplaySessionContainer70.log_backup1
2020-01-14 17:23 - 2020-01-14 19:58 - 000013897 _____ C:\ProgramData\DisplaySessionContainer69.log_backup1
2020-01-14 17:13 - 2020-01-14 17:23 - 000013913 _____ C:\ProgramData\DisplaySessionContainer68.log_backup1
2020-01-14 14:45 - 2020-01-14 17:13 - 000013520 _____ C:\ProgramData\DisplaySessionContainer67.log_backup1
2020-01-13 22:26 - 2020-01-14 14:45 - 000013520 _____ C:\ProgramData\DisplaySessionContainer66.log_backup1
2020-01-12 20:53 - 2020-01-13 22:26 - 000013913 _____ C:\ProgramData\DisplaySessionContainer65.log_backup1
2020-01-12 16:59 - 2020-01-12 20:53 - 000012218 _____ C:\ProgramData\DisplaySessionContainer64.log_backup1
2020-01-12 01:37 - 2020-01-12 16:30 - 000013905 _____ C:\ProgramData\DisplaySessionContainer63.log_backup1
2020-01-11 22:38 - 2020-01-12 01:37 - 000013512 _____ C:\ProgramData\DisplaySessionContainer62.log_backup1
2020-01-11 16:28 - 2020-01-11 22:38 - 000013524 _____ C:\ProgramData\DisplaySessionContainer61.log_backup1
2020-01-11 14:20 - 2020-01-11 16:28 - 000013913 _____ C:\ProgramData\DisplaySessionContainer60.log_backup1
2020-01-11 12:18 - 2020-01-11 14:20 - 000013905 _____ C:\ProgramData\DisplaySessionContainer59.log_backup1
2020-01-11 10:20 - 2020-01-11 12:18 - 000013516 _____ C:\ProgramData\DisplaySessionContainer58.log_backup1
2020-01-11 06:37 - 2020-01-11 10:20 - 000013516 _____ C:\ProgramData\DisplaySessionContainer57.log_backup1
2020-01-11 00:27 - 2020-01-11 06:37 - 000013905 _____ C:\ProgramData\DisplaySessionContainer56.log_backup1
2020-01-10 19:03 - 2020-01-11 00:27 - 000013913 _____ C:\ProgramData\DisplaySessionContainer55.log_backup1
2020-01-10 14:38 - 2020-01-10 19:03 - 000013520 _____ C:\ProgramData\DisplaySessionContainer54.log_backup1
2020-01-09 22:00 - 2020-01-10 14:38 - 000013512 _____ C:\ProgramData\DisplaySessionContainer53.log_backup1
2020-01-09 19:19 - 2020-01-09 22:00 - 000013913 _____ C:\ProgramData\DisplaySessionContainer52.log_backup1
2020-01-09 16:32 - 2020-01-09 19:19 - 000013516 _____ C:\ProgramData\DisplaySessionContainer51.log_backup1
2020-01-08 22:54 - 2020-01-09 16:32 - 000013520 _____ C:\ProgramData\DisplaySessionContainer50.log_backup1
2020-01-08 16:46 - 2020-01-08 22:54 - 000013516 _____ C:\ProgramData\DisplaySessionContainer49.log_backup1
2020-01-08 13:41 - 2020-01-08 16:46 - 000013512 _____ C:\ProgramData\DisplaySessionContainer48.log_backup1
2020-01-08 09:29 - 2020-01-08 13:41 - 000013905 _____ C:\ProgramData\DisplaySessionContainer47.log_backup1
2020-01-07 23:12 - 2020-01-08 09:29 - 000013520 _____ C:\ProgramData\DisplaySessionContainer46.log_backup1
2020-01-07 16:36 - 2020-01-07 16:36 - 001181171 _____ C:\Users\Agent\Downloads\Návod k použití CZ.pdf
2020-01-07 07:10 - 2020-01-07 23:12 - 000013166 _____ C:\ProgramData\DisplaySessionContainer45.log_backup1
2020-01-06 22:48 - 2020-01-07 07:10 - 000013512 _____ C:\ProgramData\DisplaySessionContainer44.log_backup1
2019-12-24 10:43 - 2020-01-17 14:19 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2019-12-24 10:41 - 2019-12-07 05:31 - 000047032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 011843728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-24 10:39 - 2019-12-08 16:30 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-24 10:39 - 2019-12-08 16:30 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-24 10:39 - 2019-12-08 16:30 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-24 10:39 - 2019-12-08 16:30 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 000451440 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-12-24 10:39 - 2019-12-08 16:30 - 000352504 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-24 10:39 - 2019-12-08 16:29 - 010167744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-12-24 10:39 - 2019-12-08 16:29 - 001001408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2019-12-24 10:39 - 2019-12-08 16:29 - 000824256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-12-24 10:39 - 2019-12-08 16:29 - 000676608 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-12-24 10:39 - 2019-12-08 16:29 - 000545296 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 017462400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 015030896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 005382232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 004717656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 002076064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 001568504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 001483712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 001371648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 001146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 001064840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 000812800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 000684992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 000659152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 000573176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2019-12-24 10:39 - 2019-12-08 16:28 - 000557072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-12-24 10:39 - 2019-12-08 16:28 - 000452720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2019-12-24 10:39 - 2019-12-08 16:27 - 040510424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-12-24 10:39 - 2019-12-08 16:27 - 035380264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-12-24 10:39 - 2019-12-08 16:27 - 004224176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-12-24 10:39 - 2019-12-08 16:27 - 000858712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2019-12-24 10:39 - 2019-12-07 05:31 - 000081581 _____ C:\WINDOWS\system32\nvidia-smi.1.pdf
2019-12-24 10:39 - 2019-12-07 05:31 - 000075706 _____ C:\WINDOWS\system32\nvinfo.pb
2019-12-24 10:30 - 2019-12-05 22:24 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-12-24 10:27 - 2019-12-24 10:27 - 000000000 ___HD C:\$SysReset

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-23 20:59 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-23 20:59 - 2019-01-23 15:44 - 000000000 ____D C:\FRST
2020-01-23 20:59 - 2018-11-21 09:09 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-01-23 20:55 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-23 19:10 - 2018-10-03 14:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-23 19:08 - 2019-09-17 15:32 - 000000880 _____ C:\Users\Agent\Desktop\Aslains WoT Logs Archiver.lnk
2020-01-23 19:05 - 2019-08-01 07:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-23 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-23 17:47 - 2018-10-04 14:06 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-01-23 15:38 - 2019-12-21 09:28 - 000000000 ____D C:\Users\Agent\AppData\Roaming\SmartGenius
2020-01-23 15:38 - 2019-11-09 09:54 - 000013511 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-01-23 15:37 - 2018-12-11 15:09 - 000000000 ____D C:\Users\Agent\Desktop\Nová složka (2)
2020-01-22 20:05 - 2019-11-08 21:11 - 000013900 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-01-22 18:03 - 2019-11-08 18:16 - 000013908 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-01-22 16:23 - 2019-11-08 14:45 - 000013900 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-01-22 14:54 - 2019-11-08 05:41 - 000013515 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-01-22 14:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-21 19:56 - 2019-11-07 21:56 - 000013507 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-01-20 21:37 - 2019-11-07 15:48 - 000012597 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-01-20 16:33 - 2019-08-01 07:39 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-20 16:33 - 2019-03-19 12:57 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-20 16:33 - 2019-03-19 12:57 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-20 16:27 - 2019-08-01 07:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-20 16:26 - 2019-11-07 15:48 - 000000385 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-01-20 16:26 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-20 15:36 - 2019-11-07 15:48 - 000387377 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-01-20 14:47 - 2019-11-10 18:03 - 000013895 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2020-01-19 22:36 - 2019-11-10 10:20 - 000013909 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2020-01-19 19:04 - 2019-11-09 23:30 - 000013511 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-01-19 02:46 - 2019-11-09 17:57 - 000011827 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-01-18 23:35 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-17 14:26 - 2018-10-03 14:42 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 14:26 - 2018-10-03 14:42 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 14:19 - 2019-08-01 07:37 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-357395720-4081436159-901972258-1001
2020-01-17 14:19 - 2019-08-01 07:33 - 000000000 ____D C:\Users\Agent
2020-01-17 14:19 - 2019-03-19 05:37 - 087293952 _____ C:\WINDOWS\system32\config\software.bak
2020-01-17 14:19 - 2019-03-19 05:37 - 016515072 _____ C:\WINDOWS\system32\config\system.bak
2020-01-17 14:19 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\default.bak
2020-01-17 14:18 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-01-17 14:17 - 2018-09-26 16:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-01-16 20:43 - 2019-03-19 05:37 - 000020480 _____ C:\WINDOWS\system32\config\ELAM
2020-01-16 14:57 - 2019-08-01 07:31 - 000458360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 14:57 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 14:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 14:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 14:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 14:55 - 2018-10-04 14:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 14:53 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-16 14:53 - 2018-11-08 16:57 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-01-16 14:53 - 2018-10-04 14:10 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-13 17:12 - 2019-11-06 20:34 - 000000000 ____D C:\Users\Agent\AppData\Local\CrashDumps
2020-01-12 13:32 - 2018-09-27 14:08 - 000000000 ____D C:\Users\Agent\Desktop\replays
2020-01-11 22:13 - 2019-12-21 09:27 - 000000000 ____D C:\Users\Agent\AppData\Local\SmartGenius
2020-01-10 21:53 - 2019-08-01 07:33 - 000002361 _____ C:\Users\Agent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-10 21:53 - 2018-09-26 16:56 - 000000000 ___RD C:\Users\Agent\OneDrive
2020-01-07 18:59 - 2018-09-26 18:58 - 000000625 _____ C:\Users\Agent\Desktop\Nový textový dokument.txt
2020-01-06 22:48 - 2019-11-30 10:31 - 000013516 _____ C:\ProgramData\DisplaySessionContainer43.log_backup1
2020-01-06 21:41 - 2019-11-30 10:00 - 000013905 _____ C:\ProgramData\DisplaySessionContainer42.log_backup1
2020-01-06 17:36 - 2019-11-29 22:12 - 000013528 _____ C:\ProgramData\DisplaySessionContainer41.log_backup1
2020-01-06 15:57 - 2019-11-29 15:42 - 000013901 _____ C:\ProgramData\DisplaySessionContainer40.log_backup1
2020-01-06 12:28 - 2019-11-29 11:07 - 000013905 _____ C:\ProgramData\DisplaySessionContainer39.log_backup1
2020-01-06 07:34 - 2019-11-28 23:25 - 000013905 _____ C:\ProgramData\DisplaySessionContainer38.log_backup1
2020-01-05 19:55 - 2019-11-28 15:47 - 000013528 _____ C:\ProgramData\DisplaySessionContainer37.log_backup1
2020-01-05 15:45 - 2019-11-28 11:46 - 000013520 _____ C:\ProgramData\DisplaySessionContainer36.log_backup1
2020-01-05 04:08 - 2019-11-28 00:51 - 000013528 _____ C:\ProgramData\DisplaySessionContainer35.log_backup1
2020-01-04 22:49 - 2019-11-27 22:29 - 000013528 _____ C:\ProgramData\DisplaySessionContainer34.log_backup1
2020-01-04 19:11 - 2019-11-27 14:48 - 000013905 _____ C:\ProgramData\DisplaySessionContainer33.log_backup1
2020-01-04 17:28 - 2019-11-27 00:51 - 000013905 _____ C:\ProgramData\DisplaySessionContainer32.log_backup1
2020-01-04 12:54 - 2019-11-26 21:11 - 000013897 _____ C:\ProgramData\DisplaySessionContainer31.log_backup1
2020-01-04 02:10 - 2019-11-26 20:30 - 000013490 _____ C:\ProgramData\DisplaySessionContainer30.log_backup1
2020-01-03 14:48 - 2019-11-26 15:45 - 000013905 _____ C:\ProgramData\DisplaySessionContainer29.log_backup1
2020-01-03 03:03 - 2019-11-26 12:18 - 000013905 _____ C:\ProgramData\DisplaySessionContainer28.log_backup1
2020-01-02 12:16 - 2019-11-25 23:26 - 000013897 _____ C:\ProgramData\DisplaySessionContainer27.log_backup1
2020-01-02 10:54 - 2019-11-25 22:35 - 000013905 _____ C:\ProgramData\DisplaySessionContainer26.log_backup1
2020-01-02 04:44 - 2019-11-25 15:02 - 000013905 _____ C:\ProgramData\DisplaySessionContainer25.log_backup1
2020-01-01 15:08 - 2019-11-25 10:40 - 000013905 _____ C:\ProgramData\DisplaySessionContainer24.log_backup1
2020-01-01 12:19 - 2019-11-24 22:09 - 000013907 _____ C:\ProgramData\DisplaySessionContainer23.log_backup1
2020-01-01 00:16 - 2019-11-14 05:42 - 000013904 _____ C:\ProgramData\DisplaySessionContainer22.log_backup1
2019-12-31 15:21 - 2019-11-13 23:28 - 000013520 _____ C:\ProgramData\DisplaySessionContainer21.log_backup1
2019-12-31 14:05 - 2019-11-13 05:36 - 000013502 _____ C:\ProgramData\DisplaySessionContainer20.log_backup1
2019-12-31 13:26 - 2019-11-12 22:56 - 000013903 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2019-12-30 18:56 - 2019-11-12 16:54 - 000013903 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2019-12-30 16:17 - 2019-11-12 15:08 - 000013160 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2019-12-29 20:39 - 2019-11-12 05:40 - 000013109 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2019-12-29 11:59 - 2019-11-11 23:56 - 000013903 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2019-12-29 02:21 - 2019-11-11 12:15 - 000013789 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2019-12-28 12:27 - 2019-11-10 22:36 - 000012229 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2019-12-24 10:43 - 2018-10-03 14:36 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-24 10:41 - 2018-10-03 14:33 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-24 10:30 - 2019-08-11 13:56 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-24 10:30 - 2019-08-11 13:56 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-12-24 10:30 - 2018-10-03 14:33 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-24 10:24 - 2019-09-19 07:42 - 000000000 ____D C:\Program Files (x86)\FastShare

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Please check my log.

Posted: 24 Jan 2020 21:46
by Rudy
Hello!
Please also add the Addition log. It should be on the desktop in the file addition.txt. Thank you.

Re: Please check my log.

Posted: 25 Jan 2020 07:14
by vrbickyjaroslav
Rudy wrote: Hello!
Please also add the Addition log. It should be on the desktop in the file addition.txt. Thank you.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2020 01
Ran by Agent (23-01-2020 21:00:31)
Running from C:\Users\Agent\Desktop
Windows 10 Pro Version 1909 18363.592 (X64) (2019-08-01 06:38:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-357395720-4081436159-901972258-500 - Administrator - Disabled)
Agent (S-1-5-21-357395720-4081436159-901972258-1001 - Administrator - Enabled) => C:\Users\Agent
DefaultAccount (S-1-5-21-357395720-4081436159-901972258-503 - Limited - Disabled)
Guest (S-1-5-21-357395720-4081436159-901972258-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-357395720-4081436159-901972258-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Aslain's WoT Modpack verze 1.7.0.2.19 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.7.0.2.19 - Aslain)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.0.1.1339 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Internet Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
Luxor 2 HD (HKLM-x32\...\Luxor 2 HD1.0) (Version: 1.0 - Foxy Games)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.66 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
SmartGenius (HKLM\...\{F96B1114-82A6-4348-8A84-8FD4E9D99F3B}_is1) (Version: 1.7.0.1 - KYE Systems Corp.)
Update for Skype for Business 2015 (KB4475564) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{14E2D22A-5164-4E35-8239-E2DB5D6B9A09}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4475564) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{14E2D22A-5164-4E35-8239-E2DB5D6B9A09}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4475564) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{14E2D22A-5164-4E35-8239-E2DB5D6B9A09}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VIRTUIS ADVANCED Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - SPEEDLINK)
Wargaming.net Game Center (HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\Wargaming.net Game Center) (Version: 19.8.0.7920 - Wargaming.net)
WinASO Registry Optimizer 5.6 (HKLM-x32\...\WinASO Registry Optimizer_is1) (Version: - X.M.Y International LLC)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World of Tanks NA (HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\WOT.NA.PRODUCTION) (Version: - Wargaming.net)
World_of_Warships_NA (HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\WOWS.NA.PRODUCTION) (Version: - Wargaming.net)
X7 Oscar Lite (HKLM-x32\...\X7OscarLite) (Version: 18.05.0002 - A4Tech)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1680.3.0_x86__kgqvnymyfvs32 [2020-01-16] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-12] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-19] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-26] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-07-28] (Microsoft Corporation)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.32.3201.0_x86__ytsefhwckbdv6 [2020-01-03] (G5 Entertainment AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-11-07] (NVIDIA Corp.)
World of Tanks Blitz -> C:\Program Files\WindowsApps\7458BE2C.WorldofTanksBlitz_6.7.188.0_x64__x4tje2y229k00 [2020-01-16] (Wargaming Group Limited)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-10-31] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-10-31] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-10-31] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvshext.dll [2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-10-31] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-12-21 09:27 - 2019-11-06 11:12 - 000641024 _____ () [File not signed] \\?\C:\Users\Agent\AppData\Local\SmartGenius\resources\app\backend\protocol\platform\win32\Release\x64_driverWin.node
2019-12-21 09:27 - 2019-11-06 11:12 - 000641024 _____ () [File not signed] \\?\C:\Users\Agent\AppData\Local\SmartGenius\resources\app\backend\protocol\platform\win32\Release\x64_hidWin.node
2019-12-21 09:27 - 2019-11-06 11:12 - 000265728 _____ () [File not signed] \\?\C:\Users\Agent\AppData\Local\SmartGenius\resources\app\backend\protocol\platform\win32\Release\x64_sysWin.node
2019-09-02 17:30 - 2012-11-05 07:37 - 000061440 _____ () [File not signed] C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\hiddriver.dll
2019-09-02 17:30 - 2013-08-17 13:13 - 000036864 _____ () [File not signed] C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Lang\Lang_EN.dll
2019-12-21 09:27 - 2019-10-16 09:32 - 002126848 _____ () [File not signed] C:\Users\Agent\AppData\Local\SmartGenius\ffmpeg.dll
2019-12-21 09:27 - 2019-10-16 09:32 - 000109056 _____ () [File not signed] C:\Users\Agent\AppData\Local\SmartGenius\libegl.dll
2019-12-21 09:27 - 2019-10-16 09:32 - 005103616 _____ () [File not signed] C:\Users\Agent\AppData\Local\SmartGenius\libglesv2.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-10-03 15:26 - 2018-10-03 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-357395720-4081436159-901972258-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Agent\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8CCC4D9A-3FC0-4DF1-B242-88EDBF17FA70}] => (Allow) D:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{4775A5F4-8AE6-4B3D-AA34-B6E64148A20A}] => (Allow) D:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{71218710-3837-41A8-8AFA-71F7FED89F10}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{FEA906AA-2F07-4C93-8ED4-040AF66527DB}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{A4936F38-F287-4000-9A17-C64CBFC73DCC}] => (Allow) LPort=1688
FirewallRules: [{A8E31CE1-6EA8-4EC0-A90C-C2C1E5610413}] => (Allow) D:\Office\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23A75077-FFC8-4E90-9CFA-34E2AF001EC9}] => (Allow) D:\Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{056D2040-A3E9-4398-863B-2772E32FCC97}] => (Allow) D:\Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8583603-0E91-4E1B-B750-C6A23C6F9208}] => (Allow) D:\Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E2E0B2D6-F89F-4552-B0FA-9ADAFDFFC96B}] => (Allow) D:\Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FAEC7B69-3B2B-48BC-8986-A716398F2DBE}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [TCP Query User{3B69D67B-BD35-4D34-A3CC-3C4F317889DF}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [UDP Query User{D420C028-2EFA-4E1C-BC22-C9B081ED2EE1}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{4F0D0111-6BE9-4238-8C72-0BED9BC5E33D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{5B13882A-B4A4-41EE-B441-68684B7BF4AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D1D7EBCF-2B52-4BC6-AC0F-9FF5230B45E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A30AA417-BDD6-491F-88F7-FF147B5224E8}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{29DFF6E1-A909-4AD7-B0F5-D5EF219C70F2}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{7BC94195-053E-43A1-8484-42E1159C3148}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{F68C1820-5E78-4C73-92A3-B13850126F1B}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [TCP Query User{E79CA66E-F5CB-4FFE-A438-3702424B17CA}C:\games\world_of_tanks\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B6FD1559-C84F-4608-B1B7-66A5C064EC9A}C:\games\world_of_tanks\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{07631777-EF67-4F59-8D35-A4883883C3A5}] => (Allow) C:\Users\Agent\AppData\Local\SmartGenius\SmartGenius.exe (KYE SYSTEMS CORP. -> GitHub, Inc.)
FirewallRules: [{59A6ED61-9099-4769-B3CB-2B9E8AC348F2}] => (Allow) C:\Users\Agent\AppData\Local\SmartGenius\SmartGenius.exe (KYE SYSTEMS CORP. -> GitHub, Inc.)
FirewallRules: [{0D630194-ED58-4E08-8D09-C7701CCF0934}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4024E825-027F-45C2-8159-3D8E536567C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E57FC60C-B19B-4E0E-8583-D9D36093DBC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2D8C9B24-D643-4AAE-AB19-22A2CA56F245}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{3DA6316E-801B-474E-8875-4DEBDB833A1C}C:\users\agent\appdata\local\smartgenius\smartgenius.exe] => (Allow) C:\users\agent\appdata\local\smartgenius\smartgenius.exe (KYE SYSTEMS CORP. -> GitHub, Inc.)
FirewallRules: [UDP Query User{C7C97F43-57A2-48DD-9903-BE98723C25C8}C:\users\agent\appdata\local\smartgenius\smartgenius.exe] => (Allow) C:\users\agent\appdata\local\smartgenius\smartgenius.exe (KYE SYSTEMS CORP. -> GitHub, Inc.)
FirewallRules: [TCP Query User{50034678-3F50-4A0D-B904-45D23D387AFA}D:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{A7C418F4-6BA9-4252-8C39-A0EBF83C9D3F}D:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{18115A65-5592-4BE0-A7A8-248E647EA35E}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{BC63AEA2-A423-446C-A9B6-7DC8982F5023}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{6471491B-A894-43D4-B73B-ECF85B9C3D7F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:14.55 GB) (13%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/23/2020 09:00:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7744,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 08:32:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13108,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 08:26:22 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (768,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 07:51:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12240,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 07:20:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15172,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 07:15:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7628,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 06:44:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11692,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 06:24:12 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15028,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (01/23/2020 05:51:42 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Systém zjistil konflikt IP adresy 192.168.0.1 se systémem,
jehož síťová hardwarová adresa je 20-4E-7F-45-AB-78. Síťové operace v systému mohou
být přerušeny.

Error: (01/20/2020 04:26:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/20/2020 04:26:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/20/2020 04:26:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/16/2020 02:57:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Kaspersky Anti-Virus 20.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (01/15/2020 02:59:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T54QBQ1)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.18362.449_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/11/2020 10:20:18 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T54QBQ1)
Description: Server {3EEF301F-B596-4C0B-BD92-013BEAFCE793} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/11/2020 10:20:17 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T54QBQ1)
Description: Server {3EEF301F-B596-4C0B-BD92-013BEAFCE793} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-09-30 13:04:44.916
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {65EFDC40-1B11-42B4-9BA1-7C2D6974A77D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-30 12:50:08.966
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B02D40B1-6920-45E0-9464-E9A684B8CD29}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-08-31 08:33:27.845
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7CC42139-2F7D-43C4-9F1E-8E9C669CD86D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-08-17 08:26:43.291
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0490FAD6-03B4-44D2-8FF8-0734F7879760}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-08-17 06:59:56.320
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {30C807BF-8BF4-475B-A706-0CC539595D3E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-14 15:29:06.459
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.1200.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-08-15 20:48:54.376
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.299.1903.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16200.1
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-01-23 20:27:20.978
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 18:33:10.357
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 18:33:08.113
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 17:59:08.593
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 17:58:54.131
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 17:47:34.162
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 17:47:34.144
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-01-23 17:46:55.810
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F22 11/14/2013
Motherboard: Gigabyte Technology Co., Ltd. Z77-D3H
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 18%
Total physical RAM: 16342.34 MB
Available physical RAM: 13305.63 MB
Total Virtual: 18774.34 MB
Available Virtual: 14889.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:14.55 GB) NTFS
Drive d: () (Fixed) (Total:1397.26 GB) (Free:1206.32 GB) NTFS

\\?\Volume{3f59a275-5020-476d-a09d-f2810415b1b4}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{456068d8-eaad-4809-ad7b-7749f5ef5d8d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 70E5BEAB)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Please check my log.

Posted: 25 Jan 2020 11:14
by Rudy
Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Please check my log.

Posted: 25 Jan 2020 11:37
by vrbickyjaroslav
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-25-2020
# Duration: 00:00:18
# OS: Windows 10 Pro
# Scanned: 34795
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [2200 octets] - [23/01/2019 17:55:10]
AdwCleaner[S01].txt - [2261 octets] - [23/01/2019 17:56:10]
AdwCleaner[C01].txt - [2335 octets] - [23/01/2019 17:56:19]
AdwCleaner[S02].txt - [1508 octets] - [20/01/2020 16:25:50]
AdwCleaner[C02].txt - [1696 octets] - [20/01/2020 16:26:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

Re: Please check my log.

Posted: 25 Jan 2020 12:32
by Rudy
This is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
FirewallRules: [{A30AA417-BDD6-491F-88F7-FF147B5224E8}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{29DFF6E1-A909-4AD7-B0F5-D5EF219C70F2}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{7BC94195-053E-43A1-8484-42E1159C3148}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{F68C1820-5E78-4C73-92A3-B13850126F1B}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\MountPoints2: {ee9fa2ff-c576-11e8-ba2c-902b3458fe0b} - "E:\iStudio.exe"
Task: {0B6A13EC-DA89-4706-8E5A-A054501A5C2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-03] (Google Inc -> Google Inc.)
Task: {9746180B-53A1-4072-A661-F4EBAF4B0344} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-03] (Google Inc -> Google Inc.)

EmptyTemp:
End
Save it to your desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Please check my log.

Posted: 26 Jan 2020 10:24
by vrbickyjaroslav
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-01-2020 01
Ran by Agent (26-01-2020 10:18:39) Run:2
Running from C:\Users\Agent\Desktop
Loaded Profiles: Agent (Available Profiles: Agent)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [{A30AA417-BDD6-491F-88F7-FF147B5224E8}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{29DFF6E1-A909-4AD7-B0F5-D5EF219C70F2}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{7BC94195-053E-43A1-8484-42E1159C3148}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
FirewallRules: [{F68C1820-5E78-4C73-92A3-B13850126F1B}] => (Allow) C:\Games\World_of_Tanks\WargamingGameUpdater.exe No File
HKU\S-1-5-21-357395720-4081436159-901972258-1001\...\MountPoints2: {ee9fa2ff-c576-11e8-ba2c-902b3458fe0b} - "E:\iStudio.exe"
Task: {0B6A13EC-DA89-4706-8E5A-A054501A5C2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-03] (Google Inc -> Google Inc.)
Task: {9746180B-53A1-4072-A661-F4EBAF4B0344} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-03] (Google Inc -> Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A30AA417-BDD6-491F-88F7-FF147B5224E8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29DFF6E1-A909-4AD7-B0F5-D5EF219C70F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BC94195-053E-43A1-8484-42E1159C3148}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F68C1820-5E78-4C73-92A3-B13850126F1B}" => removed successfully
HKU\S-1-5-21-357395720-4081436159-901972258-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ee9fa2ff-c576-11e8-ba2c-902b3458fe0b} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B6A13EC-DA89-4706-8E5A-A054501A5C2D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B6A13EC-DA89-4706-8E5A-A054501A5C2D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9746180B-53A1-4072-A661-F4EBAF4B0344}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9746180B-53A1-4072-A661-F4EBAF4B0344}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 373590320 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 47506 B
Edge => 1965914 B
Chrome => 470958174 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 122714 B
NetworkService => 275690 B
Agent => 19732740 B

RecycleBin => 0 B
EmptyTemp: => 837.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:20:23 ====

Re: Please check my log.

Posted: 26 Jan 2020 11:13
by Rudy
Deleted, the log is OK now.

Re: Please check my log.

Posted: 26 Jan 2020 11:17
by vrbickyjaroslav
Rudy wrote: Deleted, the log is OK now.
Thanks for the help.

Re: Please check my log.

Posted: 26 Jan 2020 12:42
by Rudy
You're welcome! :)