Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2020 Ran by Dawid (administrator) on DESKTOP-0590AED (LENOVO 81Q4) (14-02-2020 23:05:01) Running from D:\Pulpit Loaded Profiles: Dawid (Available Profiles: Dawid) Platform: Windows 10 Pro Version 1809 17763.107 (X64) Language: Angielski (Stany Zjednoczone) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe (AVG Technologies USA, Inc. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.5.169.0\AVGBrowserCrashHandler.exe (AVG Technologies USA, Inc. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.5.169.0\AVGBrowserCrashHandler64.exe (Dolby Laboratories, Inc. -> ) C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\DSRHost.exe (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0a3294d3216a4a83\jhi_service.exe (LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\Dawid\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1001.7.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.32.20003.0_x64__8wekyb3d8bbwe\GameBar.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.32.20003.0_x64__8wekyb3d8bbwe\GameBarFT.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wuapihost.exe (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_b09f6e5feb96a93a\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_b09f6e5feb96a93a\Display.NvContainer\NVDisplay.Container.exe (Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [878584 2019-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [316336 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [914344 2017-06-13] (LENOVO -> Lenovo(beijing) Limited) HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true HKLM-x32\...\Run: [CheckNDISPort54ac01] => C:\Program Files (x86)\LTE Mobile Hotspot\CheckNDISPort_df.exe [474504 2016-07-28] (ZTE CORPORATION -> ) HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\LTE Mobile Hotspot\CancelAutoPlay_df.exe [446344 2016-07-28] (ZTE CORPORATION -> ) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [File not signed] HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.) [File not signed] HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [File not signed] HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.) [File not signed] HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [File not signed] HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\Run: [ALLUpdate] => D:\Aplikacje\ALLPlayer\ALLUpdate.exe [3930344 2018-11-10] (ALLPlayer Group sp. z o.o. -> ALLPlayer.org) HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\Run: [Napisy24Update] => C:\Program Files (x86)\Napisy24\Napisy24Update.exe [3990528 2018-02-02] (Napisy24.pl) [File not signed] HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7511384 2019-08-16] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft) HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\Run: [AVGBrowserAutoLaunch_6D87105484E0D2244BEF0F6396F68F2C] => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1881256 2020-01-09] (AVG Technologies USA, Inc. -> AVG Technologies) HKU\S-1-5-21-3209356975-1440663221-436767862-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.106\Installer\chrmstp.exe [2020-02-13] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\79.0.3064.81\Installer\chrmstp.exe [2020-02-12] (AVG Technologies USA, Inc. -> AVG Technologies) GroupPolicy: Restriction ? <==== ATTENTION FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {07BF9857-8D6A-4C7D-932E-7E86C21C34DA} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {12A6D433-50E7-4429-8EFE-76E020980595} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {1551F2B4-1F1B-41D3-AE6B-5A01F1735D67} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation) Task: {192F0562-0872-4F2F-803A-7224D6438A01} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4297536 2020-02-05] (Microsoft Corporation -> Microsoft Corporation) Task: {1CE0A3B6-2E8B-4D38-87DF-D564DCDEFE05} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1881256 2020-01-09] (AVG Technologies USA, Inc. -> AVG Technologies) Task: {224A6AEF-5525-4A60-9725-093935F4092D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {259A71BC-75B5-43AD-A121-E5289FD50890} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe Task: {2E3761AF-0EBA-49B1-A51E-20430FD5287D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation) Task: {32641002-2F8C-40C9-BC5B-92EA18FA6951} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1353616 2020-02-14] (Microsoft Corporation -> Microsoft Corporation) Task: {3881B91C-54EB-42E4-88D1-18C943F9D869} - System32\Tasks\NerveCenterUpdate => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe [744800 2017-04-28] (LENOVO -> Lenovo(beijing) Limited) Task: {39BC8F35-495A-4FFA-9A7E-74A1FD92F279} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-16] (Google Inc -> Google LLC) Task: {4066224E-AE10-4D74-BDEA-775C1AE8DEA1} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION Task: {44FB101E-5315-4ADD-8440-238879FE97E0} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-01-08] (Lenovo -> ) Task: {4650B68B-D982-41EF-A2D3-A22D4D186397} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION Task: {4A8B08D3-7202-4FAC-8C80-03D76B2889F0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4297536 2020-02-05] (Microsoft Corporation -> Microsoft Corporation) Task: {4D028B14-4C3C-4AED-B318-B90AF48DC23F} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1881256 2020-01-09] (AVG Technologies USA, Inc. -> AVG Technologies) Task: {4F29B688-194A-4F56-824B-6EF0E9B53B11} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {702BE535-D2BF-4269-A19D-F6E48AB23BF9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7176849C-F988-484D-A575-0666A261ECEC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {752D277B-11D6-4F9C-91D8-EC86DB04DE6C} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-01-08] (Lenovo -> ) Task: {77BDF9D6-3037-41AF-A60A-F77D8637D809} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3981232 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) Task: {8D22D268-3903-4798-8163-5955AB1A3C1A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {98CE5E08-5626-4A6B-B38D-69FDFDF6014C} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [210240 2019-08-16] (AVG Technologies USA, Inc. -> AVG Technologies) Task: {9B61B127-3E00-4A14-9FAC-561750297332} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9DFA7BF9-BC62-41B3-88DB-2FE312952CEE} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AA995CEE-92E0-4A9A-BDBA-47B7477DC395} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B5C02185-8798-4C3E-8162-F2F782141513} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1353616 2020-02-14] (Microsoft Corporation -> Microsoft Corporation) Task: {B7058A36-5821-44FA-9E43-18CD43F81C1A} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [210240 2019-08-16] (AVG Technologies USA, Inc. -> AVG Technologies) Task: {B86D8D7C-B196-4383-AADB-F30B6F04D475} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2020-02-14] (Microsoft Corporation -> Microsoft Corporation) Task: {C3ED4BA8-FAA0-468F-8666-50CB9F7D5386} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3209356975-1440663221-436767862-1002 => C:\Users\Dawid\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [86824 2019-12-18] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {C4D84C2F-00D0-43C9-B688-80EE6BF2356C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems) Task: {C9C5B2C9-D2FB-438A-B060-F0873808AC91} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D50741F9-8800-47D2-94FA-1556FCC4F613} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2020-02-14] (Microsoft Corporation -> Microsoft Corporation) Task: {E75942E9-CBF9-4977-9DC2-04106F408D92} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1905072 2019-09-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) Task: {EFDE8631-B0EC-4FDD-A0E7-3C5662B08750} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F613A6C2-ED7A-4568-8664-D8D3CC08FDE7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {F7A4D4D3-43C3-4634-B413-C932826C9374} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-16] (Google Inc -> Google LLC) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{ce3457c2-783b-4f6b-8c1a-14e8d34c7a09}: [DhcpNameServer] 192.168.8.1 Internet Explorer: ================== HKU\S-1-5-21-3209356975-1440663221-436767862-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10454__190816 SearchScopes: HKU\S-1-5-21-3209356975-1440663221-436767862-1002 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-05] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-05] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-05] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default [2020-02-14] CHR DownloadDir: D:\Pulpit CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=189 CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=189","hxxp://www.gazeta.pl/0,0.html?p=190" CHR Session Restore: Default -> is enabled. CHR Extension: (Slides) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-16] CHR Extension: (Docs) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-16] CHR Extension: (Google Drive) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-16] CHR Extension: (YouTube) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-16] CHR Extension: (Sheets) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-16] CHR Extension: (Google Docs Offline) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-08] CHR Extension: (AdBlock — best ad blocker) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-02-05] CHR Extension: (Betaflight - Configurator) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdaghagfopacdngbohiknlhcocjccjao [2019-08-16] CHR Extension: (Chrome Web Store Payments) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04] CHR Extension: (Gmail) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-16] CHR Extension: (Chrome Media Router) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-09] CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [210240 2019-08-16] (AVG Technologies USA, Inc. -> AVG Technologies) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [996928 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6307248 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [210240 2019-08-16] (AVG Technologies USA, Inc. -> AVG Technologies) S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\79.0.3064.81\elevation_service.exe [983440 2020-01-09] (AVG Technologies USA, Inc. -> AVG Technologies) R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110560 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11096432 2020-02-09] (Microsoft Corporation -> Microsoft Corporation) R2 DolbyDAXAPI; C:\Windows\system32\dolbyaposvc\DAX3API.exe [647792 2019-05-26] (Dolby Laboratories, Inc. -> ) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1883104 2019-01-05] (Intel Corporation -> Intel Corporation) R2 FMAPOService; C:\Windows\System32\FMService64.exe [339096 2019-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) S3 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [392032 2017-04-28] (LENOVO -> Lenovo(beijing) Limited) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Windows\System32\Intel\iCLS Client\lib\SocketHeciServer.exe [780600 2019-01-07] (Intel(R) Trust Services -> Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\Windows\System32\Intel\iCLS Client\lib\TPMProvisioningService.exe [718656 2019-01-07] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0a3294d3216a4a83\jhi_service.exe [578752 2019-01-07] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2019-12-19] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3352376 2019-12-19] (Electronic Arts, Inc. -> Electronic Arts) R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [966496 2017-04-28] (LENOVO -> Lenovo(beijing) Limited) R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [878584 2019-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11969880 2019-07-03] (TeamViewer GmbH -> TeamViewer GmbH) S3 tscmon; C:\Program Files (x86)\Advanced System Repair Pro 1.9.1.6.0\tscmon.exe [1402168 2020-01-06] (Advanced System Repair, Inc. -> Advanced System Repair Inc.) R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25944 2019-08-16] (LAVASOFT SOFTWARE CANADA INC -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-16] (Microsoft Windows Publisher -> Microsoft Corporation) S2 wuauserv; C:\Windows\system32\svchost.exe [51696 2018-09-15] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S2 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2018-09-15] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_b09f6e5feb96a93a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_b09f6e5feb96a93a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S1 asrdmon; C:\Windows\system32\drivers\asrdmon.sys [19608 2020-01-06] (Advanced System Repair, Inc. -> Advanced System Repair Inc.) R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37880 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [205600 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [275232 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [210328 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [65376 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgElam; C:\Windows\System32\drivers\avgElam.sys [16520 2020-01-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [43512 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [171640 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [111096 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84560 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [848688 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [461216 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [236288 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [317304 2020-01-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [78832 2018-12-14] (Intel Corporation -> Intel Corporation) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [75248 2018-12-14] (Intel Corporation -> Intel Corporation) R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [403440 2018-12-14] (Intel Corporation -> Intel Corporation) S3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [46576 2017-04-28] (Lenovo (Beijing) Co., Ltd. -> Lenovo(beijing) Limited) R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [128608 2019-05-22] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1042072 2019-06-12] (Intel(R) Rapid Storage Technology -> Intel Corporation) R3 ibtusb; C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_1a0a783a9fea936d\ibtusb.sys [15095584 2019-05-28] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) S3 Netwtw06; C:\Windows\System32\drivers\Netwtw06.sys [8723968 2018-09-15] (Microsoft Windows -> Intel Corporation) R3 Netwtw08; C:\Windows\System32\drivers\Netwtw08.sys [9019152 2018-12-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_b09f6e5feb96a93a\nvlddmkm.sys [23231744 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-08-22] (NVIDIA Corporation -> NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1131024 2018-10-23] (Realtek Semiconductor Corp. -> Realtek ) R3 UcmCxUcsiNvppc; C:\Windows\System32\drivers\UcmCxUcsiNvppc.sys [715680 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation) S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [47496 2019-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [344288 2019-08-16] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-16] (Microsoft Windows -> Microsoft Corporation) S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-02-14 22:52 - 2020-02-14 22:52 - 000000000 ____D C:\b772c6d39a2362a89ff72a9cfc7c7cb6 2020-02-14 22:48 - 2020-02-14 22:48 - 000000000 ____D C:\333f48f535b55d70151d91eb 2020-02-14 22:46 - 2020-02-14 22:46 - 000000000 ____D C:\Users\Dawid\AppData\Local\Tvsukernel 2020-01-27 17:23 - 2020-01-27 17:23 - 000000000 ____D C:\Premiere pro pluginy 2020-01-26 13:01 - 2020-01-26 13:01 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KGŻW - OOM - RW 2020-01-26 13:01 - 2020-01-26 13:01 - 000000000 ____D C:\Users\Dawid\AppData\Local\Deployment 2020-01-26 13:01 - 2020-01-26 13:01 - 000000000 ____D C:\Users\Dawid\AppData\Local\Apps\2.0 2020-01-22 18:30 - 2020-01-22 18:30 - 000000000 ____D C:\Program Files (x86)\Lenovo 2020-01-22 18:29 - 2020-01-22 18:30 - 000000000 ____D C:\Windows\TempInst ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-02-14 23:05 - 2020-01-06 11:13 - 000000000 ____D C:\FRST 2020-02-14 23:03 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF 2020-02-14 23:00 - 2019-08-17 00:00 - 000787220 _____ C:\Windows\system32\perfh015.dat 2020-02-14 23:00 - 2019-08-17 00:00 - 000152992 _____ C:\Windows\system32\perfc015.dat 2020-02-14 23:00 - 2018-11-14 18:16 - 001768512 _____ C:\Windows\system32\PerfStringBackup.INI 2020-02-14 22:58 - 2019-12-15 14:56 - 000000000 ____D C:\Users\Dawid\AppData\LocalLow\BitTorrent 2020-02-14 22:58 - 2019-08-16 20:57 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\BitTorrent 2020-02-14 22:56 - 2020-01-06 10:59 - 000000000 ____D C:\ProgramData\NVIDIA 2020-02-14 22:54 - 2020-01-06 11:21 - 000018031 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1 2020-02-14 22:54 - 2020-01-06 11:21 - 000017089 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1 2020-02-14 22:54 - 2019-08-16 20:55 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2020-02-14 22:54 - 2019-08-16 17:57 - 000000134 _____ C:\Windows\system32\regtest.txt 2020-02-14 22:54 - 2019-08-16 17:41 - 000000000 ____D C:\Users\Dawid 2020-02-14 22:54 - 2018-11-14 18:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-02-14 22:54 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-02-14 22:54 - 2018-09-15 07:09 - 000524288 _____ C:\Windows\system32\config\BBI 2020-02-14 22:53 - 2020-01-06 11:21 - 000012143 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1 2020-02-14 22:51 - 2020-01-06 11:21 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1 2020-02-14 22:51 - 2018-11-14 18:06 - 000000000 ____D C:\Windows\system32\SleepStudy 2020-02-14 22:43 - 2019-08-16 20:57 - 000004266 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update 2020-02-14 22:43 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness 2020-02-14 22:40 - 2018-11-14 18:06 - 000436592 _____ C:\Windows\system32\FNTCACHE.DAT 2020-02-14 22:39 - 2018-09-15 10:11 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2020-02-14 22:39 - 2018-09-15 10:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2020-02-14 22:39 - 2018-09-15 10:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\system32\UNP 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ___RD C:\Program Files\Windows Defender 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\TextInput 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\SysWOW64\oobe 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\SysWOW64\Dism 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\oobe 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\migwiz 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\appraiser 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellComponents 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\Provisioning 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\PolicyDefinitions 2020-02-14 22:39 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr 2020-02-14 22:39 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp 2020-02-14 22:39 - 2018-09-15 07:09 - 000000000 ____D C:\Windows\system32\Dism 2020-02-14 22:21 - 2019-08-16 20:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-02-13 21:51 - 2020-01-06 10:59 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-02-13 21:51 - 2020-01-06 10:59 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-02-13 21:51 - 2020-01-06 10:59 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-02-13 21:51 - 2020-01-06 10:59 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-02-13 21:51 - 2020-01-06 09:42 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-02-13 21:51 - 2020-01-06 09:42 - 000002236 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2020-02-13 21:51 - 2019-10-03 20:19 - 000002608 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0 2020-02-13 21:51 - 2019-09-07 14:49 - 000002872 _____ C:\Windows\system32\Tasks\Red Giant Link 2020-02-13 21:51 - 2019-08-16 23:56 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software 2020-02-13 21:51 - 2019-08-16 20:54 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2020-02-13 21:51 - 2019-08-16 18:46 - 000002404 _____ C:\Windows\system32\Tasks\NerveCenterUpdate 2020-02-13 21:51 - 2019-08-16 18:01 - 000003348 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-02-13 21:51 - 2019-08-16 18:01 - 000003124 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-02-13 21:51 - 2019-08-16 17:57 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-02-13 21:51 - 2019-08-16 17:57 - 000003196 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-02-13 21:51 - 2019-08-16 17:57 - 000003152 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-02-13 21:51 - 2019-08-16 17:57 - 000002914 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-02-13 21:51 - 2019-08-16 17:56 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-02-13 21:51 - 2019-08-16 17:56 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-02-13 21:51 - 2019-08-16 17:44 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3209356975-1440663221-436767862-1002 2020-02-13 21:51 - 2019-08-16 17:36 - 000002852 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3209356975-1440663221-436767862-500 2020-02-13 20:30 - 2019-08-16 18:01 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-02-12 17:22 - 2019-08-16 21:00 - 000003826 _____ C:\Windows\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) 2020-02-12 17:22 - 2019-08-16 21:00 - 000003242 _____ C:\Windows\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon) 2020-02-12 17:22 - 2019-08-16 21:00 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk 2020-02-11 20:13 - 2019-08-16 17:44 - 000000000 ___RD C:\Users\Dawid\OneDrive 2020-02-11 20:13 - 2019-08-16 17:41 - 000002407 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-02-08 17:33 - 2019-10-03 20:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2020-02-08 17:33 - 2019-10-03 20:19 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData 2020-02-04 20:20 - 2019-11-08 10:54 - 000007887 _____ C:\Windows\BRRBCOM.INI 2020-02-03 20:39 - 2019-08-16 20:08 - 000000000 ____D C:\Users\Dawid\AppData\Local\CrashDumps 2020-01-30 19:38 - 2019-08-16 17:42 - 000000000 ____D C:\Users\Dawid\AppData\Local\Packages 2020-01-26 14:35 - 2019-08-16 20:54 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-01-23 17:31 - 2019-08-16 18:46 - 000000000 ____D C:\ProgramData\Lenovo 2020-01-22 18:30 - 2019-10-02 17:26 - 000000579 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog 2020-01-22 18:30 - 2019-10-02 17:15 - 000000000 ____D C:\Windows\system32\Tasks\TVT 2020-01-22 18:30 - 2019-08-16 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ==================== Files in the root of some directories ======== 2019-09-07 14:49 - 2019-09-07 16:09 - 000000081 _____ () C:\Users\Dawid\AppData\Local\FILM_AE_LogFile.txt 2020-01-11 18:33 - 2020-01-11 18:33 - 000000000 _____ () C:\Users\Dawid\AppData\Local\oobelibMkey.log 2019-10-11 18:25 - 2019-10-11 18:25 - 000005508 _____ () C:\Users\Dawid\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================