Dobrý den, z nějakého důvodu se mi v poslední době brutálně vytěžují paměti ram. Vlastním 8Gb. Po nějaké době, cca po 2 hodinách puštěného pc se mi vytížení pamětí zvedne na 98% a pomůže jen restart. A to i když nemám spuštěný žádný program. Prosím o radu. Přikládám výpis z logu...
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by Petr (administrator) on PETR-PC (12-02-2018 18:01:08)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & OVRLibraryService & DefaultAppPool)
Platform: Windows 10 Pro Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\Installer\MSI7EC5.tmp
(HTC Corporation) C:\Program Files\HTC Account\Htc.Identity.Service.exe
(Digital Care Solutions) C:\Program Files\BDServices\BitDefenderCOM.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Micron Technology, Inc.) C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Oculus VR) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\MSI\Smart Utilities\SuperRAIDSvc.exe
() C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Oculus VR) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
() C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(IPEVO) C:\Program Files (x86)\IPEVO\Control Center\ICC\IPEVO Control Center.exe
() C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_2.2.19.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe
() C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_2.2.19.0_x64__wyx1vj98g3asy\SamsungFlow.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
() C:\Program Files (x86)\Genius\Gila\mousehid.exe
(MICRO-STAR INT'L,.LTD.) C:\Program Files\WMIHook\WMIHookBtnFn\LEDBarController.exe
(MICRO-STAR INT'L,.LTD.) C:\Program Files\WMIHook\WMIHookBtnFn\SilentFanController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Genius\Gila\trayicon.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\ViveSetup\PCClient\ViveportService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher (1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [Monitor] => C:\WINDOWS\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454656 2016-01-21] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [157696 2016-01-21] (Saitek)
HKLM\...\Run: [Cm108Sound] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [ctfmon] => c:\windows\system32\ctfmon.exe [10752 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [324352 2017-12-18] (ESET)
HKLM-x32\...\Run: [Gila] => C:\Program Files (x86)\Genius\Gila\mousehid.exe [307712 2013-01-07] ()
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1442304 2014-05-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [LEDBarController] => C:\Program Files\WMIHook\WMIHookBtnFn\LEDBarController.exe [43056 2015-09-18] (MICRO-STAR INT'L,.LTD.)
HKLM-x32\...\Run: [SilentFanControl] => C:\Program Files\WMIHook\WMIHookBtnFn\SilentFanController.exe [243248 2015-09-16] (MICRO-STAR INT'L,.LTD.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [HTC Store User Content Helper] => C:\Program Files (x86)\ViveSetup\PCClient\HTCVRMarketplaceUserContextHelper.exe [112464 2017-02-24] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\Run: [IPEVO Control Center] => C:\Program Files (x86)\IPEVO\Control Center\ICC\IPEVO Control Center.exe [1475072 2011-09-05] (IPEVO)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1184928 2018-01-25] (Samsung)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\RunOnce: [Application Restart #5] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\Policies\system: [DisableLockWorkstation] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BackupRemind.lnk [2017-04-02]
ShortcutTarget: BackupRemind.lnk -> C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Addins\AndroidBackupRestore\BackupRemind.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-04-16]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{69a1bdc8-f7e5-44bf-bc80-ac82322ce60f}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-21] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-21] (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-11] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-11] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3350653476-3925414303-2360853535-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Petr\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.facebook.com/?ref=logo
CHR StartupUrls: Default -> "hxxps://www.facebook.com/?ref=logo"
CHR NewTab: Default -> Not-active:"chrome-extension://bgjpfhpjcgdppjbgnpnjllokbmcdllig/speeddial/html/temporaryNewTab.html"
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2018-02-12]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-01-11]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2018-01-01]
CHR Extension: (Adblock na Youtube™) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-15]
CHR Extension: (Downloads) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2017-09-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Televize Online) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2015-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-06]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2017-05-10] ()
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1027072 2016-11-10] (Digital Care Solutions) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1940584 2017-12-18] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-03-09] (Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [532552 2018-01-21] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8345672 2017-12-08] (GOG.com)
R2 HTC Account Service; C:\Program Files\HTC Account\Htc.Identity.Service.exe [20712 2016-12-15] (HTC Corporation)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 HyperDeskCustomThemeEnabler; C:\Windows\Installer\MSI7EC5.tmp [102400 2014-11-28] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457104 2016-12-05] (Rivet Networks)
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [415520 2015-07-06] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
S4 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2154816 2018-01-20] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3024712 2018-01-20] (Electronic Arts)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [135464 2018-01-22] (Oculus VR, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [480208 2018-01-22] (Oculus VR)
S3 PAExec; C:\WINDOWS\PAExec.exe [189112 2016-05-05] (Power Admin LLC)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-12-11] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-11-08] ()
S3 scan; C:\Program Files\BDServices\scan.dll [627688 2016-11-10] (Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-10] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [24048 2014-04-03] ()
R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [330208 2017-07-19] ()
R2 Viveport; C:\Program Files (x86)\ViveSetup\PCClient\ViveportService.exe [72016 2017-02-24] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
S2 WMI_Hook_Service; C:\Program Files\WMIHook\WMIHookBtnFn\WMI_Hook_Service.exe [155696 2015-09-21] (MICRO-STAR INT'L,.LTD.)
S4 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-08-07] (Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [145736 2016-09-19] (Rivet Networks, LLC.)
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [66136 2016-11-14] (Broadcom Corporation.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [108608 2016-09-24] (Dokan Project)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-07-30] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [134368 2018-01-19] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107328 2018-01-19] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15392 2017-12-16] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180088 2018-01-19] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50744 2018-01-19] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81880 2018-01-19] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [106304 2018-01-19] (ESET)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [22216 2014-02-03] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [22728 2014-02-03] ()
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2015-10-31] (Highresolution Enterprises [www.highrez.co.uk])
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-09-29] (Qualcomm Atheros, Inc.)
R1 mtihint; C:\WINDOWS\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc.) [File not signed]
S3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c791f781cd94491f\nvlddmkm.sys [16989296 2017-11-15] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-11-14] (NVIDIA Corporation)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2017-08-03] (Facebook Inc.)
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [22880 2013-11-30] (Christian Gulden)
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [24600 2015-09-13] (Christian Gulden)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
S3 SaiK0762; C:\WINDOWS\System32\drivers\SaiK0762.sys [181920 2015-11-06] (Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23968 2016-01-27] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51616 2016-01-27] (Saitek)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [259584 2017-09-29] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [485512 2016-11-10] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-12 18:01 - 2018-02-12 18:01 - 000026716 _____ C:\Users\Petr\Desktop\FRST.txt
2018-02-12 18:00 - 2018-02-12 17:56 - 002405376 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2018-02-12 17:59 - 2018-02-12 17:58 - 000112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher (1).exe
2018-02-12 17:56 - 2018-02-12 18:01 - 000000000 ____D C:\FRST
2018-02-12 14:42 - 2018-02-12 14:42 - 000003124 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2018-02-09 00:27 - 2018-02-10 13:47 - 000000000 ____D C:\Users\Petr\AppData\Local\WhatsApp
2018-02-09 00:27 - 2018-02-09 00:27 - 000002297 _____ C:\Users\Petr\Desktop\WhatsApp.lnk
2018-02-09 00:13 - 2018-02-11 17:07 - 000000000 ____D C:\Users\Petr\AppData\Roaming\WhatsApp
2018-02-09 00:13 - 2018-02-09 00:27 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-02-07 06:58 - 2018-02-07 06:58 - 000002803 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Device Recovery Tool.lnk
2018-02-07 06:58 - 2018-02-07 06:58 - 000000000 ____D C:\ProgramData\LGE
2018-02-07 06:58 - 2018-02-07 06:58 - 000000000 ____D C:\Program Files (x86)\Microsoft Care Suite
2018-02-07 06:57 - 2018-02-07 06:57 - 000000000 ____D C:\Users\Petr\AppData\Local\B2X
2018-02-07 06:56 - 2018-02-07 06:56 - 000000000 ____D C:\ProgramData\B2X
2018-02-01 19:20 - 2018-02-01 19:20 - 000002080 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2018-02-01 19:20 - 2018-02-01 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-02-01 19:20 - 2018-02-01 19:20 - 000000000 ____D C:\ProgramData\ESET
2018-02-01 19:20 - 2018-02-01 19:20 - 000000000 ____D C:\Program Files\ESET
2018-02-01 19:20 - 2018-01-19 15:32 - 000134368 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2018-02-01 19:20 - 2018-01-19 15:32 - 000106304 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2018-02-01 19:20 - 2018-01-19 15:31 - 000180088 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2018-02-01 19:20 - 2018-01-19 15:31 - 000081880 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2018-02-01 19:20 - 2018-01-19 15:31 - 000050744 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2018-01-31 18:59 - 2018-01-31 18:59 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3350653476-3925414303-2360853535-1000
2018-01-31 18:59 - 2018-01-31 18:59 - 000002425 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-30 15:29 - 2018-01-30 15:30 - 000000000 ____D C:\Program Files (x86)\Flawless Widescreen
2018-01-30 15:29 - 2018-01-30 15:29 - 000001227 _____ C:\Users\Public\Desktop\Flawless Widescreen.lnk
2018-01-30 15:29 - 2018-01-30 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flawless Widescreen
2018-01-30 14:02 - 2018-01-30 14:17 - 000000000 ____D C:\Users\Petr\AppData\Local\MassEffectModder
2018-01-24 22:40 - 2018-01-24 22:40 - 000001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-24 22:40 - 2018-01-24 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-24 22:40 - 2018-01-24 22:40 - 000000000 ____D C:\ProgramData\MB2Migration
2018-01-24 22:40 - 2018-01-24 22:40 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-24 22:40 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-01-22 20:45 - 2018-01-22 20:45 - 000000020 ___SH C:\Users\OVRLibraryService\ntuser.ini
2018-01-21 02:14 - 2018-01-21 02:14 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2018-01-21 02:14 - 2018-01-21 02:14 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-01-21 02:14 - 2018-01-21 02:13 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-12 17:44 - 2017-12-11 09:34 - 003498834 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-12 17:44 - 2017-09-30 15:30 - 001390054 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-12 17:44 - 2017-09-30 15:30 - 000362118 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-12 17:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2018-02-12 17:39 - 2017-05-31 17:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Origin
2018-02-12 17:39 - 2017-04-12 10:52 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-12 17:39 - 2014-11-28 01:47 - 000000000 ____D C:\ProgramData\Origin
2018-02-12 17:38 - 2017-12-11 09:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-12 17:38 - 2017-12-11 09:43 - 000000000 ____D C:\Users\Petr
2018-02-12 17:38 - 2017-12-11 09:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-12 17:38 - 2016-12-20 00:25 - 000000000 ____D C:\Users\Petr\AppData\Local\Oculus
2018-02-12 17:38 - 2016-03-09 17:21 - 000000091 _____ C:\HaxLogs.txt
2018-02-12 17:23 - 2014-11-27 21:29 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2018-02-12 14:42 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-12 14:15 - 2017-12-11 09:48 - 000004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D87F7E91-CC38-47E8-B6CA-3B4B7227B8C4}
2018-02-12 12:13 - 2017-08-01 20:51 - 000002210 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2018-02-12 08:58 - 2014-11-28 11:25 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-02-11 12:32 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-11 12:32 - 2016-03-06 16:13 - 000000000 ____D C:\Program Files (x86)\HTC
2018-02-11 12:31 - 2017-04-02 13:24 - 000000000 ____D C:\ProgramData\Wondershare
2018-02-11 12:26 - 2017-11-12 22:05 - 000000000 ____D C:\Users\Petr\AppData\Local\JxBrowser
2018-02-11 12:26 - 2014-11-27 19:49 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-10 12:28 - 2016-11-17 13:38 - 000000000 ____D C:\Program Files\BDServices
2018-02-10 12:24 - 2015-05-11 19:29 - 000000000 ____D C:\Users\Petr\AppData\Local\SquirrelTemp
2018-02-10 12:24 - 2014-11-28 17:55 - 000000000 ____D C:\Temp
2018-02-10 12:11 - 2014-12-05 11:05 - 000007652 _____ C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
2018-02-10 11:20 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-10 08:57 - 2017-10-09 06:15 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-02-08 15:22 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-08 15:21 - 2017-12-11 09:43 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2018-02-08 15:21 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-08 11:21 - 2017-12-19 09:38 - 000000000 ____D C:\WINDOWS\Minidump
2018-02-08 11:21 - 2017-12-11 09:33 - 000246328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-07 19:56 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-07 06:58 - 2016-01-13 22:03 - 000000000 ____D C:\ProgramData\HTC
2018-02-06 06:31 - 2014-11-27 19:54 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-06 06:31 - 2014-11-27 19:54 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-05 15:26 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-31 18:59 - 2015-07-26 17:45 - 000000000 ___RD C:\Users\Petr\OneDrive
2018-01-30 10:22 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-30 02:06 - 2017-11-19 23:28 - 000001068 _____ C:\Users\Public\Desktop\STAR WARS Battlefront II.lnk
2018-01-30 01:52 - 2017-05-31 17:36 - 000000000 ____D C:\Program Files (x86)\Origin
2018-01-27 13:32 - 2015-01-18 14:58 - 000000000 ____D C:\Users\Petr\AppData\Local\Adobe
2018-01-27 13:29 - 2017-12-11 09:48 - 000004716 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-01-27 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-27 13:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-26 00:16 - 2016-01-16 14:33 - 000000000 ____D C:\Users\Petr\Documents\The Witcher 3
2018-01-24 23:07 - 2017-05-08 16:10 - 000000000 ____D C:\Users\Petr\Documents\Deus Ex - Mankind Divided
2018-01-24 23:07 - 2016-12-20 11:05 - 000000000 ____D C:\Program Files\Oculus
2018-01-24 22:40 - 2014-12-29 00:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-22 20:45 - 2017-12-11 09:43 - 000000000 ____D C:\Users\OVRLibraryService
2018-01-21 15:15 - 2015-05-19 19:17 - 000000000 ____D C:\Program Files (x86)\GalaxyClient
2018-01-21 02:15 - 2014-12-06 14:03 - 000000000 ____D C:\ProgramData\Oracle
2018-01-21 02:14 - 2016-03-09 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2018-01-21 02:14 - 2016-03-09 17:16 - 000000000 ____D C:\Program Files\Java
2018-01-21 02:14 - 2015-07-30 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-21 02:14 - 2014-12-06 14:03 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-21 00:56 - 2015-09-13 18:38 - 000002409 _____ C:\Users\Petr\.kdiff3rc
2018-01-20 23:36 - 2014-11-27 21:29 - 000000000 ____D C:\ProgramData\Skype
2018-01-19 15:31 - 2017-12-10 13:38 - 000107328 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
==================== Files in the root of some directories =======
2014-11-27 21:44 - 2018-02-10 12:28 - 000000115 _____ () C:\Users\Petr\AppData\Roaming\LogFile.txt
2016-06-12 12:35 - 2016-06-12 12:35 - 000000100 _____ () C:\Users\Petr\AppData\Roaming\ScriptStudioLayout.ini
2016-06-12 12:35 - 2016-06-12 12:35 - 000000046 _____ () C:\Users\Petr\AppData\Roaming\ScriptStudioOptions.ini
2017-04-16 15:56 - 2017-04-16 15:56 - 000000000 _____ () C:\Users\Petr\AppData\Local\Driver_LOM_8161Present.flag
2014-12-08 16:40 - 2017-04-06 16:33 - 002370560 _____ () C:\Users\Petr\AppData\Local\file__0.localstorage
2014-12-05 11:05 - 2018-02-10 12:11 - 000007652 _____ () C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2018-02-12 12:13 - 2018-02-12 12:13 - 000066048 _____ () C:\Users\Petr\AppData\Local\Temp\Execute2App.exe
2018-02-12 12:13 - 2016-12-09 08:03 - 000568832 _____ (Microsoft Corporation) C:\Users\Petr\AppData\Local\Temp\msvcp90.dll
2018-02-12 12:13 - 2016-12-09 08:03 - 000655872 _____ (Microsoft Corporation) C:\Users\Petr\AppData\Local\Temp\msvcr90.dll
2018-02-11 12:26 - 2018-02-11 12:26 - 000040448 ____N () C:\Users\Petr\AppData\Local\Temp\proxy_vole4589665020546360370.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-09 21:04
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:237.94 GB) (Free:111.07 GB) NTFS
Drive e: (Úložiště) (Fixed) (Total:931.51 GB) (Free:321.24 GB) NTFS
\\?\Volume{8993e0c4-7662-11e4-b8ae-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{3ca33780-0000-0000-0000-30823b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
Available physical RAM: 1007.97 MB
Total physical RAM: 8140.79 MB
Percentage of memory in use: 87%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 3CA33780)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 28F75257)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\MedReminder.job => c:\programdata\{fbee48cf-4ca4-5c74-fbee-e48cf4ca233d}\skelligemostwantedupdated.exe-1437765770126.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\MSIOSDx64_Host.job => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
Task: C:\WINDOWS\Tasks\MSIOSDx86_Host.job => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
Task: C:\WINDOWS\Tasks\RegCure Pro Update.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RegCure Pro_sch_C99AC78E-ACC2-11E6-9ECE-448A5B9FA09A.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Petr\Desktop" je 405 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt
C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Command Center
C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update
C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sound Blaster Cinema 2
"C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk
E:\Program Files (x86)\Rainmeter\Rainmeter.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vysoké využití paměti ram
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Vysoké využití paměti ram
- Přílohy
-
- Addition.rar
- (25.69 KiB) Staženo 84 x
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vysoké využití paměti ram
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vysoké využití paměti ram
Log po restartu počítače:
# AdwCleaner 7.0.8.0 - Logfile created on Mon Feb 12 18:19:46 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: scan
***** [ Folders ] *****
Deleted: C:\ProgramData\SparkTrust
Deleted: C:\Users\All Users\SparkTrust
Deleted: C:\ProgramData\PARETOLOGIC
Deleted: C:\Program Files (x86)\PARETOLOGIC
Deleted: C:\Users\All Users\PARETOLOGIC
Deleted: C:\Users\Petr\AppData\Roaming\PARETOLOGIC
Deleted: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PARETOLOGIC
Deleted: C:\Users\Petr\AppData\Roaming\UpdateMyDrivers
***** [ Files ] *****
Deleted: C:\END
Deleted: C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\RegCure Pro.lnk
Deleted: C:\Users\Petr\Desktop\RegCure Pro.lnk
Deleted: C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\REGCURE PRO.LNK
Deleted: C:\Users\Petr\Desktop\REGCURE PRO.LNK
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: RegCure Pro Update
Deleted: RegCure Pro_sch_C99AC78E-ACC2-11E6-9ECE-448A5B9FA09A
Deleted: RegCure Pro_sch_C99AC78E-ACC2-11E6-9ECE-448A5B9FA09A
***** [ Registry ] *****
Deleted: [Key] - HKLM\SOFTWARE\ParetoLogic
Deleted: [Key] - HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\Software\ParetoLogic
Deleted: [Key] - HKCU\Software\ParetoLogic
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}
Deleted: [Key] - HKLM\SOFTWARE\sparktrust
Deleted: [Key] - HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\Software\sparktrust
Deleted: [Key] - HKCU\Software\sparktrust
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{6DFC0DC7-FDC5-44C2-8B80-5977BA8F8ACC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E5AFF088-92F8-41a9-8CAB-E9CDCCE967AC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{34F4FEAF-4921-4B5D-8BE5-CA384BFFC2CE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{39A37965-0A96-43A3-870E-821FE5C84B0B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{94915A56-4D71-4F85-B59C-CC040F5AC6F0}
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKLM\SOFTWARE\Reimage
Deleted: [Key] - HKLM\SOFTWARE\Auslogics
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [3696 B] - [2018/2/12 18:18:54]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
# AdwCleaner 7.0.8.0 - Logfile created on Mon Feb 12 18:19:46 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: scan
***** [ Folders ] *****
Deleted: C:\ProgramData\SparkTrust
Deleted: C:\Users\All Users\SparkTrust
Deleted: C:\ProgramData\PARETOLOGIC
Deleted: C:\Program Files (x86)\PARETOLOGIC
Deleted: C:\Users\All Users\PARETOLOGIC
Deleted: C:\Users\Petr\AppData\Roaming\PARETOLOGIC
Deleted: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PARETOLOGIC
Deleted: C:\Users\Petr\AppData\Roaming\UpdateMyDrivers
***** [ Files ] *****
Deleted: C:\END
Deleted: C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\RegCure Pro.lnk
Deleted: C:\Users\Petr\Desktop\RegCure Pro.lnk
Deleted: C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\REGCURE PRO.LNK
Deleted: C:\Users\Petr\Desktop\REGCURE PRO.LNK
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: RegCure Pro Update
Deleted: RegCure Pro_sch_C99AC78E-ACC2-11E6-9ECE-448A5B9FA09A
Deleted: RegCure Pro_sch_C99AC78E-ACC2-11E6-9ECE-448A5B9FA09A
***** [ Registry ] *****
Deleted: [Key] - HKLM\SOFTWARE\ParetoLogic
Deleted: [Key] - HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\Software\ParetoLogic
Deleted: [Key] - HKCU\Software\ParetoLogic
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}
Deleted: [Key] - HKLM\SOFTWARE\sparktrust
Deleted: [Key] - HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\Software\sparktrust
Deleted: [Key] - HKCU\Software\sparktrust
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{6DFC0DC7-FDC5-44C2-8B80-5977BA8F8ACC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E5AFF088-92F8-41a9-8CAB-E9CDCCE967AC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{34F4FEAF-4921-4B5D-8BE5-CA384BFFC2CE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{39A37965-0A96-43A3-870E-821FE5C84B0B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{94915A56-4D71-4F85-B59C-CC040F5AC6F0}
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKLM\SOFTWARE\Reimage
Deleted: [Key] - HKLM\SOFTWARE\Auslogics
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [3696 B] - [2018/2/12 18:18:54]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vysoké využití paměti ram
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vysoké využití paměti ram
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by Petr (administrator) on PETR-PC (12-02-2018 20:05:43)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & OVRLibraryService & DefaultAppPool)
Platform: Windows 10 Pro Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\Installer\MSI7EC5.tmp
(Digital Care Solutions) C:\Program Files\BDServices\BitDefenderCOM.exe
(HTC Corporation) C:\Program Files\HTC Account\Htc.Identity.Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Micron Technology, Inc.) C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe
(Oculus VR) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\MSI\Smart Utilities\SuperRAIDSvc.exe
() C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Oculus VR) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
() C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(IPEVO) C:\Program Files (x86)\IPEVO\Control Center\ICC\IPEVO Control Center.exe
() C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_2.2.19.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe
() C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_2.2.19.0_x64__wyx1vj98g3asy\SamsungFlow.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
() C:\Program Files (x86)\Genius\Gila\mousehid.exe
(MICRO-STAR INT'L,.LTD.) C:\Program Files\WMIHook\WMIHookBtnFn\LEDBarController.exe
(MICRO-STAR INT'L,.LTD.) C:\Program Files\WMIHook\WMIHookBtnFn\SilentFanController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Genius\Gila\trayicon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\ViveSetup\PCClient\ViveportService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher (1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [Monitor] => C:\WINDOWS\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454656 2016-01-21] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [157696 2016-01-21] (Saitek)
HKLM\...\Run: [Cm108Sound] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [ctfmon] => c:\windows\system32\ctfmon.exe [10752 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [324352 2017-12-18] (ESET)
HKLM-x32\...\Run: [Gila] => C:\Program Files (x86)\Genius\Gila\mousehid.exe [307712 2013-01-07] ()
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1442304 2014-05-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [LEDBarController] => C:\Program Files\WMIHook\WMIHookBtnFn\LEDBarController.exe [43056 2015-09-18] (MICRO-STAR INT'L,.LTD.)
HKLM-x32\...\Run: [SilentFanControl] => C:\Program Files\WMIHook\WMIHookBtnFn\SilentFanController.exe [243248 2015-09-16] (MICRO-STAR INT'L,.LTD.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [HTC Store User Content Helper] => C:\Program Files (x86)\ViveSetup\PCClient\HTCVRMarketplaceUserContextHelper.exe [112464 2017-02-24] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\Run: [IPEVO Control Center] => C:\Program Files (x86)\IPEVO\Control Center\ICC\IPEVO Control Center.exe [1475072 2011-09-05] (IPEVO)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1184928 2018-01-25] (Samsung)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\RunOnce: [Application Restart #5] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\Policies\system: [DisableLockWorkstation] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BackupRemind.lnk [2017-04-02]
ShortcutTarget: BackupRemind.lnk -> C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Addins\AndroidBackupRestore\BackupRemind.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-04-16]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{69a1bdc8-f7e5-44bf-bc80-ac82322ce60f}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-21] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-21] (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-11] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-11] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3350653476-3925414303-2360853535-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Petr\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.facebook.com/?ref=logo
CHR StartupUrls: Default -> "hxxps://www.facebook.com/?ref=logo"
CHR NewTab: Default -> Not-active:"chrome-extension://bgjpfhpjcgdppjbgnpnjllokbmcdllig/speeddial/html/temporaryNewTab.html"
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2018-02-12]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-01-11]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2018-01-01]
CHR Extension: (Adblock na Youtube™) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-15]
CHR Extension: (Downloads) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2017-09-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Televize Online) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2015-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-06]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2017-05-10] ()
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1027072 2016-11-10] (Digital Care Solutions) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1940584 2017-12-18] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-03-09] (Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [532552 2018-01-21] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8345672 2017-12-08] (GOG.com)
R2 HTC Account Service; C:\Program Files\HTC Account\Htc.Identity.Service.exe [20712 2016-12-15] (HTC Corporation)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 HyperDeskCustomThemeEnabler; C:\Windows\Installer\MSI7EC5.tmp [102400 2014-11-28] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457104 2016-12-05] (Rivet Networks)
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [415520 2015-07-06] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
S4 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2154816 2018-01-20] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3024712 2018-01-20] (Electronic Arts)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [135464 2018-01-22] (Oculus VR, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [480208 2018-01-22] (Oculus VR)
S3 PAExec; C:\WINDOWS\PAExec.exe [189112 2016-05-05] (Power Admin LLC)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-12-11] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-11-08] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-10] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [24048 2014-04-03] ()
R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [330208 2017-07-19] ()
R2 Viveport; C:\Program Files (x86)\ViveSetup\PCClient\ViveportService.exe [72016 2017-02-24] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
S2 WMI_Hook_Service; C:\Program Files\WMIHook\WMIHookBtnFn\WMI_Hook_Service.exe [155696 2015-09-21] (MICRO-STAR INT'L,.LTD.)
S4 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-08-07] (Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [145736 2016-09-19] (Rivet Networks, LLC.)
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [66136 2016-11-14] (Broadcom Corporation.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [108608 2016-09-24] (Dokan Project)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-07-30] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [134368 2018-01-19] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107328 2018-01-19] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15392 2017-12-16] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180088 2018-01-19] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50744 2018-01-19] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81880 2018-01-19] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [106304 2018-01-19] (ESET)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [22216 2014-02-03] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [22728 2014-02-03] ()
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2015-10-31] (Highresolution Enterprises [www.highrez.co.uk])
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-09-29] (Qualcomm Atheros, Inc.)
R1 mtihint; C:\WINDOWS\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc.) [File not signed]
S3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c791f781cd94491f\nvlddmkm.sys [16989296 2017-11-15] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-11-14] (NVIDIA Corporation)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2017-08-03] (Facebook Inc.)
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [22880 2013-11-30] (Christian Gulden)
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [24600 2015-09-13] (Christian Gulden)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
S3 SaiK0762; C:\WINDOWS\System32\drivers\SaiK0762.sys [181920 2015-11-06] (Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23968 2016-01-27] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51616 2016-01-27] (Saitek)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [259584 2017-09-29] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [485512 2016-11-10] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-12 20:05 - 2018-02-12 20:05 - 000025705 _____ C:\Users\Petr\Desktop\FRST.txt
2018-02-12 19:17 - 2018-02-12 19:18 - 000000000 ____D C:\AdwCleaner
2018-02-12 18:02 - 2018-02-12 18:02 - 000026309 _____ C:\Users\Petr\Desktop\Addition.rar
2018-02-12 18:00 - 2018-02-12 17:56 - 002405376 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2018-02-12 17:59 - 2018-02-12 17:58 - 000112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher (1).exe
2018-02-12 17:56 - 2018-02-12 20:05 - 000000000 ____D C:\FRST
2018-02-12 14:42 - 2018-02-12 14:42 - 000003124 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2018-02-09 00:27 - 2018-02-10 13:47 - 000000000 ____D C:\Users\Petr\AppData\Local\WhatsApp
2018-02-09 00:27 - 2018-02-09 00:27 - 000002297 _____ C:\Users\Petr\Desktop\WhatsApp.lnk
2018-02-09 00:13 - 2018-02-11 17:07 - 000000000 ____D C:\Users\Petr\AppData\Roaming\WhatsApp
2018-02-09 00:13 - 2018-02-09 00:27 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-02-07 06:58 - 2018-02-07 06:58 - 000002803 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Device Recovery Tool.lnk
2018-02-07 06:58 - 2018-02-07 06:58 - 000000000 ____D C:\ProgramData\LGE
2018-02-07 06:58 - 2018-02-07 06:58 - 000000000 ____D C:\Program Files (x86)\Microsoft Care Suite
2018-02-07 06:57 - 2018-02-07 06:57 - 000000000 ____D C:\Users\Petr\AppData\Local\B2X
2018-02-07 06:56 - 2018-02-07 06:56 - 000000000 ____D C:\ProgramData\B2X
2018-02-01 19:20 - 2018-02-01 19:20 - 000002080 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2018-02-01 19:20 - 2018-02-01 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-02-01 19:20 - 2018-02-01 19:20 - 000000000 ____D C:\ProgramData\ESET
2018-02-01 19:20 - 2018-02-01 19:20 - 000000000 ____D C:\Program Files\ESET
2018-02-01 19:20 - 2018-01-19 15:32 - 000134368 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2018-02-01 19:20 - 2018-01-19 15:32 - 000106304 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2018-02-01 19:20 - 2018-01-19 15:31 - 000180088 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2018-02-01 19:20 - 2018-01-19 15:31 - 000081880 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2018-02-01 19:20 - 2018-01-19 15:31 - 000050744 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2018-01-31 18:59 - 2018-01-31 18:59 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3350653476-3925414303-2360853535-1000
2018-01-31 18:59 - 2018-01-31 18:59 - 000002425 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-30 15:29 - 2018-01-30 15:30 - 000000000 ____D C:\Program Files (x86)\Flawless Widescreen
2018-01-30 15:29 - 2018-01-30 15:29 - 000001227 _____ C:\Users\Public\Desktop\Flawless Widescreen.lnk
2018-01-30 15:29 - 2018-01-30 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flawless Widescreen
2018-01-30 14:02 - 2018-01-30 14:17 - 000000000 ____D C:\Users\Petr\AppData\Local\MassEffectModder
2018-01-24 22:40 - 2018-01-24 22:40 - 000001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-24 22:40 - 2018-01-24 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-24 22:40 - 2018-01-24 22:40 - 000000000 ____D C:\ProgramData\MB2Migration
2018-01-24 22:40 - 2018-01-24 22:40 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-24 22:40 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-01-22 20:45 - 2018-01-22 20:45 - 000000020 ___SH C:\Users\OVRLibraryService\ntuser.ini
2018-01-21 02:14 - 2018-01-21 02:14 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2018-01-21 02:14 - 2018-01-21 02:14 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-01-21 02:14 - 2018-01-21 02:13 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-12 19:26 - 2017-12-11 09:34 - 003571034 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-12 19:26 - 2017-09-30 15:30 - 001417110 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-12 19:26 - 2017-09-30 15:30 - 000370490 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-12 19:22 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2018-02-12 19:20 - 2017-12-11 09:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-12 19:20 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-12 19:20 - 2017-04-12 10:52 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-12 19:20 - 2016-12-20 00:25 - 000000000 ____D C:\Users\Petr\AppData\Local\Oculus
2018-02-12 19:20 - 2016-03-09 17:21 - 000000091 _____ C:\HaxLogs.txt
2018-02-12 19:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-12 19:16 - 2017-12-11 09:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-12 18:14 - 2017-03-31 10:06 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2018-02-12 17:39 - 2017-05-31 17:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Origin
2018-02-12 17:39 - 2014-11-28 01:47 - 000000000 ____D C:\ProgramData\Origin
2018-02-12 17:38 - 2017-12-11 09:43 - 000000000 ____D C:\Users\Petr
2018-02-12 17:23 - 2014-11-27 21:29 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2018-02-12 14:15 - 2017-12-11 09:48 - 000004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D87F7E91-CC38-47E8-B6CA-3B4B7227B8C4}
2018-02-12 12:13 - 2017-08-01 20:51 - 000002210 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2018-02-12 08:58 - 2014-11-28 11:25 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-02-11 12:32 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-11 12:32 - 2016-03-06 16:13 - 000000000 ____D C:\Program Files (x86)\HTC
2018-02-11 12:31 - 2017-04-02 13:24 - 000000000 ____D C:\ProgramData\Wondershare
2018-02-11 12:26 - 2017-11-12 22:05 - 000000000 ____D C:\Users\Petr\AppData\Local\JxBrowser
2018-02-11 12:26 - 2014-11-27 19:49 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-10 12:28 - 2016-11-17 13:38 - 000000000 ____D C:\Program Files\BDServices
2018-02-10 12:24 - 2015-05-11 19:29 - 000000000 ____D C:\Users\Petr\AppData\Local\SquirrelTemp
2018-02-10 12:24 - 2014-11-28 17:55 - 000000000 ____D C:\Temp
2018-02-10 12:11 - 2014-12-05 11:05 - 000007652 _____ C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
2018-02-10 11:20 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-10 08:57 - 2017-10-09 06:15 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-02-08 15:22 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-08 15:21 - 2017-12-11 09:43 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2018-02-08 15:21 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-08 11:21 - 2017-12-19 09:38 - 000000000 ____D C:\WINDOWS\Minidump
2018-02-08 11:21 - 2017-12-11 09:33 - 000246328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-07 19:56 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-07 06:58 - 2016-01-13 22:03 - 000000000 ____D C:\ProgramData\HTC
2018-02-06 06:31 - 2014-11-27 19:54 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-06 06:31 - 2014-11-27 19:54 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-05 15:26 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-31 18:59 - 2015-07-26 17:45 - 000000000 ___RD C:\Users\Petr\OneDrive
2018-01-30 10:22 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-30 02:06 - 2017-11-19 23:28 - 000001068 _____ C:\Users\Public\Desktop\STAR WARS Battlefront II.lnk
2018-01-30 01:52 - 2017-05-31 17:36 - 000000000 ____D C:\Program Files (x86)\Origin
2018-01-27 13:32 - 2015-01-18 14:58 - 000000000 ____D C:\Users\Petr\AppData\Local\Adobe
2018-01-27 13:29 - 2017-12-11 09:48 - 000004716 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-01-27 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-27 13:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-26 00:16 - 2016-01-16 14:33 - 000000000 ____D C:\Users\Petr\Documents\The Witcher 3
2018-01-24 23:07 - 2017-05-08 16:10 - 000000000 ____D C:\Users\Petr\Documents\Deus Ex - Mankind Divided
2018-01-24 23:07 - 2016-12-20 11:05 - 000000000 ____D C:\Program Files\Oculus
2018-01-24 22:40 - 2014-12-29 00:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-22 20:45 - 2017-12-11 09:43 - 000000000 ____D C:\Users\OVRLibraryService
2018-01-21 15:15 - 2015-05-19 19:17 - 000000000 ____D C:\Program Files (x86)\GalaxyClient
2018-01-21 02:15 - 2014-12-06 14:03 - 000000000 ____D C:\ProgramData\Oracle
2018-01-21 02:14 - 2016-03-09 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2018-01-21 02:14 - 2016-03-09 17:16 - 000000000 ____D C:\Program Files\Java
2018-01-21 02:14 - 2015-07-30 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-21 02:14 - 2014-12-06 14:03 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-21 00:56 - 2015-09-13 18:38 - 000002409 _____ C:\Users\Petr\.kdiff3rc
2018-01-20 23:36 - 2014-11-27 21:29 - 000000000 ____D C:\ProgramData\Skype
2018-01-19 15:31 - 2017-12-10 13:38 - 000107328 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
==================== Files in the root of some directories =======
2014-11-27 21:44 - 2018-02-10 12:28 - 000000115 _____ () C:\Users\Petr\AppData\Roaming\LogFile.txt
2016-06-12 12:35 - 2016-06-12 12:35 - 000000100 _____ () C:\Users\Petr\AppData\Roaming\ScriptStudioLayout.ini
2016-06-12 12:35 - 2016-06-12 12:35 - 000000046 _____ () C:\Users\Petr\AppData\Roaming\ScriptStudioOptions.ini
2017-04-16 15:56 - 2017-04-16 15:56 - 000000000 _____ () C:\Users\Petr\AppData\Local\Driver_LOM_8161Present.flag
2014-12-08 16:40 - 2017-04-06 16:33 - 002370560 _____ () C:\Users\Petr\AppData\Local\file__0.localstorage
2014-12-05 11:05 - 2018-02-10 12:11 - 000007652 _____ () C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2018-02-12 12:13 - 2018-02-12 12:13 - 000066048 _____ () C:\Users\Petr\AppData\Local\Temp\Execute2App.exe
2018-02-12 12:13 - 2016-12-09 08:03 - 000568832 _____ (Microsoft Corporation) C:\Users\Petr\AppData\Local\Temp\msvcp90.dll
2018-02-12 12:13 - 2016-12-09 08:03 - 000655872 _____ (Microsoft Corporation) C:\Users\Petr\AppData\Local\Temp\msvcr90.dll
2018-02-11 12:26 - 2018-02-11 12:26 - 000040448 ____N () C:\Users\Petr\AppData\Local\Temp\proxy_vole4589665020546360370.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-09 21:04
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:237.94 GB) (Free:110.67 GB) NTFS
Drive e: (Úložiště) (Fixed) (Total:931.51 GB) (Free:310.55 GB) NTFS
\\?\Volume{8993e0c4-7662-11e4-b8ae-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{3ca33780-0000-0000-0000-30823b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
Available physical RAM: 5702.19 MB
Total physical RAM: 8140.79 MB
Percentage of memory in use: 29%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 3CA33780)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 28F75257)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\MedReminder.job => c:\programdata\{fbee48cf-4ca4-5c74-fbee-e48cf4ca233d}\skelligemostwantedupdated.exe-1437765770126.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\MSIOSDx64_Host.job => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
Task: C:\WINDOWS\Tasks\MSIOSDx86_Host.job => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Petr\Desktop" je 405 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt
C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Command Center
C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update
C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sound Blaster Cinema 2
"C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk
E:\Program Files (x86)\Rainmeter\Rainmeter.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Ran by Petr (administrator) on PETR-PC (12-02-2018 20:05:43)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & OVRLibraryService & DefaultAppPool)
Platform: Windows 10 Pro Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\Installer\MSI7EC5.tmp
(Digital Care Solutions) C:\Program Files\BDServices\BitDefenderCOM.exe
(HTC Corporation) C:\Program Files\HTC Account\Htc.Identity.Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Micron Technology, Inc.) C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe
(Oculus VR) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\MSI\Smart Utilities\SuperRAIDSvc.exe
() C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Oculus VR) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
() C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(IPEVO) C:\Program Files (x86)\IPEVO\Control Center\ICC\IPEVO Control Center.exe
() C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_2.2.19.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe
() C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_2.2.19.0_x64__wyx1vj98g3asy\SamsungFlow.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
() C:\Program Files (x86)\Genius\Gila\mousehid.exe
(MICRO-STAR INT'L,.LTD.) C:\Program Files\WMIHook\WMIHookBtnFn\LEDBarController.exe
(MICRO-STAR INT'L,.LTD.) C:\Program Files\WMIHook\WMIHookBtnFn\SilentFanController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Genius\Gila\trayicon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\ViveSetup\PCClient\ViveportService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher (1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [Monitor] => C:\WINDOWS\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454656 2016-01-21] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [157696 2016-01-21] (Saitek)
HKLM\...\Run: [Cm108Sound] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [ctfmon] => c:\windows\system32\ctfmon.exe [10752 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [324352 2017-12-18] (ESET)
HKLM-x32\...\Run: [Gila] => C:\Program Files (x86)\Genius\Gila\mousehid.exe [307712 2013-01-07] ()
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1442304 2014-05-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [LEDBarController] => C:\Program Files\WMIHook\WMIHookBtnFn\LEDBarController.exe [43056 2015-09-18] (MICRO-STAR INT'L,.LTD.)
HKLM-x32\...\Run: [SilentFanControl] => C:\Program Files\WMIHook\WMIHookBtnFn\SilentFanController.exe [243248 2015-09-16] (MICRO-STAR INT'L,.LTD.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [HTC Store User Content Helper] => C:\Program Files (x86)\ViveSetup\PCClient\HTCVRMarketplaceUserContextHelper.exe [112464 2017-02-24] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\Run: [IPEVO Control Center] => C:\Program Files (x86)\IPEVO\Control Center\ICC\IPEVO Control Center.exe [1475072 2011-09-05] (IPEVO)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1184928 2018-01-25] (Samsung)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\RunOnce: [Application Restart #5] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\Policies\system: [DisableLockWorkstation] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BackupRemind.lnk [2017-04-02]
ShortcutTarget: BackupRemind.lnk -> C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Addins\AndroidBackupRestore\BackupRemind.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-04-16]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{69a1bdc8-f7e5-44bf-bc80-ac82322ce60f}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-21] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-21] (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-11] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-11] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3350653476-3925414303-2360853535-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Petr\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.facebook.com/?ref=logo
CHR StartupUrls: Default -> "hxxps://www.facebook.com/?ref=logo"
CHR NewTab: Default -> Not-active:"chrome-extension://bgjpfhpjcgdppjbgnpnjllokbmcdllig/speeddial/html/temporaryNewTab.html"
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2018-02-12]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-01-11]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2018-01-01]
CHR Extension: (Adblock na Youtube™) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-15]
CHR Extension: (Downloads) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2017-09-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Televize Online) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2015-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-06]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2017-05-10] ()
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1027072 2016-11-10] (Digital Care Solutions) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1940584 2017-12-18] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-03-09] (Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [532552 2018-01-21] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8345672 2017-12-08] (GOG.com)
R2 HTC Account Service; C:\Program Files\HTC Account\Htc.Identity.Service.exe [20712 2016-12-15] (HTC Corporation)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 HyperDeskCustomThemeEnabler; C:\Windows\Installer\MSI7EC5.tmp [102400 2014-11-28] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457104 2016-12-05] (Rivet Networks)
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [415520 2015-07-06] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
S4 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2154816 2018-01-20] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3024712 2018-01-20] (Electronic Arts)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [135464 2018-01-22] (Oculus VR, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [480208 2018-01-22] (Oculus VR)
S3 PAExec; C:\WINDOWS\PAExec.exe [189112 2016-05-05] (Power Admin LLC)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-12-11] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-11-08] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-10] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [24048 2014-04-03] ()
R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [330208 2017-07-19] ()
R2 Viveport; C:\Program Files (x86)\ViveSetup\PCClient\ViveportService.exe [72016 2017-02-24] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
S2 WMI_Hook_Service; C:\Program Files\WMIHook\WMIHookBtnFn\WMI_Hook_Service.exe [155696 2015-09-21] (MICRO-STAR INT'L,.LTD.)
S4 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-08-07] (Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [145736 2016-09-19] (Rivet Networks, LLC.)
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [66136 2016-11-14] (Broadcom Corporation.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [108608 2016-09-24] (Dokan Project)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-07-30] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [134368 2018-01-19] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107328 2018-01-19] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15392 2017-12-16] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180088 2018-01-19] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50744 2018-01-19] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81880 2018-01-19] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [106304 2018-01-19] (ESET)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [22216 2014-02-03] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [22728 2014-02-03] ()
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2015-10-31] (Highresolution Enterprises [www.highrez.co.uk])
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-09-29] (Qualcomm Atheros, Inc.)
R1 mtihint; C:\WINDOWS\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc.) [File not signed]
S3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c791f781cd94491f\nvlddmkm.sys [16989296 2017-11-15] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-11-14] (NVIDIA Corporation)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2017-08-03] (Facebook Inc.)
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [22880 2013-11-30] (Christian Gulden)
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [24600 2015-09-13] (Christian Gulden)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
S3 SaiK0762; C:\WINDOWS\System32\drivers\SaiK0762.sys [181920 2015-11-06] (Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23968 2016-01-27] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51616 2016-01-27] (Saitek)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [259584 2017-09-29] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [485512 2016-11-10] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-12 20:05 - 2018-02-12 20:05 - 000025705 _____ C:\Users\Petr\Desktop\FRST.txt
2018-02-12 19:17 - 2018-02-12 19:18 - 000000000 ____D C:\AdwCleaner
2018-02-12 18:02 - 2018-02-12 18:02 - 000026309 _____ C:\Users\Petr\Desktop\Addition.rar
2018-02-12 18:00 - 2018-02-12 17:56 - 002405376 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2018-02-12 17:59 - 2018-02-12 17:58 - 000112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher (1).exe
2018-02-12 17:56 - 2018-02-12 20:05 - 000000000 ____D C:\FRST
2018-02-12 14:42 - 2018-02-12 14:42 - 000003124 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2018-02-09 00:27 - 2018-02-10 13:47 - 000000000 ____D C:\Users\Petr\AppData\Local\WhatsApp
2018-02-09 00:27 - 2018-02-09 00:27 - 000002297 _____ C:\Users\Petr\Desktop\WhatsApp.lnk
2018-02-09 00:13 - 2018-02-11 17:07 - 000000000 ____D C:\Users\Petr\AppData\Roaming\WhatsApp
2018-02-09 00:13 - 2018-02-09 00:27 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-02-07 06:58 - 2018-02-07 06:58 - 000002803 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Device Recovery Tool.lnk
2018-02-07 06:58 - 2018-02-07 06:58 - 000000000 ____D C:\ProgramData\LGE
2018-02-07 06:58 - 2018-02-07 06:58 - 000000000 ____D C:\Program Files (x86)\Microsoft Care Suite
2018-02-07 06:57 - 2018-02-07 06:57 - 000000000 ____D C:\Users\Petr\AppData\Local\B2X
2018-02-07 06:56 - 2018-02-07 06:56 - 000000000 ____D C:\ProgramData\B2X
2018-02-01 19:20 - 2018-02-01 19:20 - 000002080 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2018-02-01 19:20 - 2018-02-01 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-02-01 19:20 - 2018-02-01 19:20 - 000000000 ____D C:\ProgramData\ESET
2018-02-01 19:20 - 2018-02-01 19:20 - 000000000 ____D C:\Program Files\ESET
2018-02-01 19:20 - 2018-01-19 15:32 - 000134368 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2018-02-01 19:20 - 2018-01-19 15:32 - 000106304 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2018-02-01 19:20 - 2018-01-19 15:31 - 000180088 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2018-02-01 19:20 - 2018-01-19 15:31 - 000081880 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2018-02-01 19:20 - 2018-01-19 15:31 - 000050744 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2018-01-31 18:59 - 2018-01-31 18:59 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3350653476-3925414303-2360853535-1000
2018-01-31 18:59 - 2018-01-31 18:59 - 000002425 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-30 15:29 - 2018-01-30 15:30 - 000000000 ____D C:\Program Files (x86)\Flawless Widescreen
2018-01-30 15:29 - 2018-01-30 15:29 - 000001227 _____ C:\Users\Public\Desktop\Flawless Widescreen.lnk
2018-01-30 15:29 - 2018-01-30 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flawless Widescreen
2018-01-30 14:02 - 2018-01-30 14:17 - 000000000 ____D C:\Users\Petr\AppData\Local\MassEffectModder
2018-01-24 22:40 - 2018-01-24 22:40 - 000001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-24 22:40 - 2018-01-24 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-24 22:40 - 2018-01-24 22:40 - 000000000 ____D C:\ProgramData\MB2Migration
2018-01-24 22:40 - 2018-01-24 22:40 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-24 22:40 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-01-22 20:45 - 2018-01-22 20:45 - 000000020 ___SH C:\Users\OVRLibraryService\ntuser.ini
2018-01-21 02:14 - 2018-01-21 02:14 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2018-01-21 02:14 - 2018-01-21 02:14 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-01-21 02:14 - 2018-01-21 02:13 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-12 19:26 - 2017-12-11 09:34 - 003571034 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-12 19:26 - 2017-09-30 15:30 - 001417110 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-12 19:26 - 2017-09-30 15:30 - 000370490 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-12 19:22 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2018-02-12 19:20 - 2017-12-11 09:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-12 19:20 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-12 19:20 - 2017-04-12 10:52 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-12 19:20 - 2016-12-20 00:25 - 000000000 ____D C:\Users\Petr\AppData\Local\Oculus
2018-02-12 19:20 - 2016-03-09 17:21 - 000000091 _____ C:\HaxLogs.txt
2018-02-12 19:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-12 19:16 - 2017-12-11 09:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-12 18:14 - 2017-03-31 10:06 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2018-02-12 17:39 - 2017-05-31 17:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Origin
2018-02-12 17:39 - 2014-11-28 01:47 - 000000000 ____D C:\ProgramData\Origin
2018-02-12 17:38 - 2017-12-11 09:43 - 000000000 ____D C:\Users\Petr
2018-02-12 17:23 - 2014-11-27 21:29 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2018-02-12 14:15 - 2017-12-11 09:48 - 000004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D87F7E91-CC38-47E8-B6CA-3B4B7227B8C4}
2018-02-12 12:13 - 2017-08-01 20:51 - 000002210 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2018-02-12 08:58 - 2014-11-28 11:25 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-02-11 12:32 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-11 12:32 - 2016-03-06 16:13 - 000000000 ____D C:\Program Files (x86)\HTC
2018-02-11 12:31 - 2017-04-02 13:24 - 000000000 ____D C:\ProgramData\Wondershare
2018-02-11 12:26 - 2017-11-12 22:05 - 000000000 ____D C:\Users\Petr\AppData\Local\JxBrowser
2018-02-11 12:26 - 2014-11-27 19:49 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-10 12:28 - 2016-11-17 13:38 - 000000000 ____D C:\Program Files\BDServices
2018-02-10 12:24 - 2015-05-11 19:29 - 000000000 ____D C:\Users\Petr\AppData\Local\SquirrelTemp
2018-02-10 12:24 - 2014-11-28 17:55 - 000000000 ____D C:\Temp
2018-02-10 12:11 - 2014-12-05 11:05 - 000007652 _____ C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
2018-02-10 11:20 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-10 08:57 - 2017-10-09 06:15 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-02-08 15:22 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-08 15:21 - 2017-12-11 09:43 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2018-02-08 15:21 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-08 11:21 - 2017-12-19 09:38 - 000000000 ____D C:\WINDOWS\Minidump
2018-02-08 11:21 - 2017-12-11 09:33 - 000246328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-07 19:56 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-07 06:58 - 2016-01-13 22:03 - 000000000 ____D C:\ProgramData\HTC
2018-02-06 06:31 - 2014-11-27 19:54 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-06 06:31 - 2014-11-27 19:54 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-05 15:26 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-31 18:59 - 2015-07-26 17:45 - 000000000 ___RD C:\Users\Petr\OneDrive
2018-01-30 10:22 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-30 02:06 - 2017-11-19 23:28 - 000001068 _____ C:\Users\Public\Desktop\STAR WARS Battlefront II.lnk
2018-01-30 01:52 - 2017-05-31 17:36 - 000000000 ____D C:\Program Files (x86)\Origin
2018-01-27 13:32 - 2015-01-18 14:58 - 000000000 ____D C:\Users\Petr\AppData\Local\Adobe
2018-01-27 13:29 - 2017-12-11 09:48 - 000004716 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-01-27 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-27 13:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-26 00:16 - 2016-01-16 14:33 - 000000000 ____D C:\Users\Petr\Documents\The Witcher 3
2018-01-24 23:07 - 2017-05-08 16:10 - 000000000 ____D C:\Users\Petr\Documents\Deus Ex - Mankind Divided
2018-01-24 23:07 - 2016-12-20 11:05 - 000000000 ____D C:\Program Files\Oculus
2018-01-24 22:40 - 2014-12-29 00:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-22 20:45 - 2017-12-11 09:43 - 000000000 ____D C:\Users\OVRLibraryService
2018-01-21 15:15 - 2015-05-19 19:17 - 000000000 ____D C:\Program Files (x86)\GalaxyClient
2018-01-21 02:15 - 2014-12-06 14:03 - 000000000 ____D C:\ProgramData\Oracle
2018-01-21 02:14 - 2016-03-09 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2018-01-21 02:14 - 2016-03-09 17:16 - 000000000 ____D C:\Program Files\Java
2018-01-21 02:14 - 2015-07-30 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-21 02:14 - 2014-12-06 14:03 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-21 00:56 - 2015-09-13 18:38 - 000002409 _____ C:\Users\Petr\.kdiff3rc
2018-01-20 23:36 - 2014-11-27 21:29 - 000000000 ____D C:\ProgramData\Skype
2018-01-19 15:31 - 2017-12-10 13:38 - 000107328 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
==================== Files in the root of some directories =======
2014-11-27 21:44 - 2018-02-10 12:28 - 000000115 _____ () C:\Users\Petr\AppData\Roaming\LogFile.txt
2016-06-12 12:35 - 2016-06-12 12:35 - 000000100 _____ () C:\Users\Petr\AppData\Roaming\ScriptStudioLayout.ini
2016-06-12 12:35 - 2016-06-12 12:35 - 000000046 _____ () C:\Users\Petr\AppData\Roaming\ScriptStudioOptions.ini
2017-04-16 15:56 - 2017-04-16 15:56 - 000000000 _____ () C:\Users\Petr\AppData\Local\Driver_LOM_8161Present.flag
2014-12-08 16:40 - 2017-04-06 16:33 - 002370560 _____ () C:\Users\Petr\AppData\Local\file__0.localstorage
2014-12-05 11:05 - 2018-02-10 12:11 - 000007652 _____ () C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2018-02-12 12:13 - 2018-02-12 12:13 - 000066048 _____ () C:\Users\Petr\AppData\Local\Temp\Execute2App.exe
2018-02-12 12:13 - 2016-12-09 08:03 - 000568832 _____ (Microsoft Corporation) C:\Users\Petr\AppData\Local\Temp\msvcp90.dll
2018-02-12 12:13 - 2016-12-09 08:03 - 000655872 _____ (Microsoft Corporation) C:\Users\Petr\AppData\Local\Temp\msvcr90.dll
2018-02-11 12:26 - 2018-02-11 12:26 - 000040448 ____N () C:\Users\Petr\AppData\Local\Temp\proxy_vole4589665020546360370.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-09 21:04
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:237.94 GB) (Free:110.67 GB) NTFS
Drive e: (Úložiště) (Fixed) (Total:931.51 GB) (Free:310.55 GB) NTFS
\\?\Volume{8993e0c4-7662-11e4-b8ae-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{3ca33780-0000-0000-0000-30823b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
Available physical RAM: 5702.19 MB
Total physical RAM: 8140.79 MB
Percentage of memory in use: 29%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 3CA33780)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 28F75257)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\MedReminder.job => c:\programdata\{fbee48cf-4ca4-5c74-fbee-e48cf4ca233d}\skelligemostwantedupdated.exe-1437765770126.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\MSIOSDx64_Host.job => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
Task: C:\WINDOWS\Tasks\MSIOSDx86_Host.job => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Petr\Desktop" je 405 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt
C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Command Center
C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update
C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sound Blaster Cinema 2
"C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk
E:\Program Files (x86)\Rainmeter\Rainmeter.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (25.51 KiB) Staženo 81 x
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vysoké využití paměti ram
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
U3 idsvc; no ImagePath
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\ChromeHTML: -> <==== ATTENTION
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => -> No File
Task: {4EB7C617-4AF9-4B9F-BBB5-3A92094CB70F} - \Microsoft\Windows\Setup\GWXTriggers\Time-3xd -> No File <==== ATTENTION
Task: {79F37A51-120D-417D-A19B-7B3868675204} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7B55DECD-4FED-44D1-BA85-8BF89DEE8888} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6C8C7C23-1C5D-4D62-A293-76D2AB50E120} - System32\Tasks\MedReminder => c:\programdata\{fbee48cf-4ca4-5c74-fbee-e48cf4ca233d}\skelligemostwantedupdated.exe <==== ATTENTION
Task: {BEB3E16D-F72D-443F-885B-89A75A7FB9B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C819CD04-445B-46FE-8F88-405572B4F5AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DDC88311-9393-4A41-AD75-9E65331F5317} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\MedReminder.job => c:\programdata\{fbee48cf-4ca4-5c74-fbee-e48cf4ca233d}\skelligemostwantedupdated.exe-1437765770126.exe <==== ATTENTION
C:\Windows\Installer\MSI7EC5.tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vysoké využití paměti ram
Fix result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by Petr (12-02-2018 21:16:54) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & OVRLibraryService & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
U3 idsvc; no ImagePath
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\ChromeHTML: -> <==== ATTENTION
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => -> No File
Task: {4EB7C617-4AF9-4B9F-BBB5-3A92094CB70F} - \Microsoft\Windows\Setup\GWXTriggers\Time-3xd -> No File <==== ATTENTION
Task: {79F37A51-120D-417D-A19B-7B3868675204} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7B55DECD-4FED-44D1-BA85-8BF89DEE8888} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6C8C7C23-1C5D-4D62-A293-76D2AB50E120} - System32\Tasks\MedReminder => c:\programdata\{fbee48cf-4ca4-5c74-fbee-e48cf4ca233d}\skelligemostwantedupdated.exe <==== ATTENTION
Task: {BEB3E16D-F72D-443F-885B-89A75A7FB9B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C819CD04-445B-46FE-8F88-405572B4F5AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DDC88311-9393-4A41-AD75-9E65331F5317} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\MedReminder.job => c:\programdata\{fbee48cf-4ca4-5c74-fbee-e48cf4ca233d}\skelligemostwantedupdated.exe-1437765770126.exe <==== ATTENTION
C:\Windows\Installer\MSI7EC5.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully
"HKU\S-1-5-21-3350653476-3925414303-2360853535-1000_Classes\ChromeHTML" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip" => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => key not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64" => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => key not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C}" => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => key not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip" => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => key not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Fast Explorer" => removed successfully
HKLM\Software\Classes\CLSID\{693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EB7C617-4AF9-4B9F-BBB5-3A92094CB70F} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EB7C617-4AF9-4B9F-BBB5-3A92094CB70F} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-3xd => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{79F37A51-120D-417D-A19B-7B3868675204} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79F37A51-120D-417D-A19B-7B3868675204} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B55DECD-4FED-44D1-BA85-8BF89DEE8888} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B55DECD-4FED-44D1-BA85-8BF89DEE8888} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C8C7C23-1C5D-4D62-A293-76D2AB50E120} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C8C7C23-1C5D-4D62-A293-76D2AB50E120} => could not remove key. ErrorCode1: 0x00000002
C:\WINDOWS\System32\Tasks\MedReminder => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MedReminder => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEB3E16D-F72D-443F-885B-89A75A7FB9B7} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEB3E16D-F72D-443F-885B-89A75A7FB9B7} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C819CD04-445B-46FE-8F88-405572B4F5AB} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C819CD04-445B-46FE-8F88-405572B4F5AB} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDC88311-9393-4A41-AD75-9E65331F5317} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDC88311-9393-4A41-AD75-9E65331F5317} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => could not remove key. ErrorCode1: 0x00000002
C:\WINDOWS\Tasks\MedReminder.job => moved successfully
C:\Windows\Installer\MSI7EC5.tmp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43107402 B
Java, Flash, Steam htmlcache => 472935044 B
Windows/system/drivers => 91875792 B
Edge => 0 B
Chrome => 906773192 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 39202 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7346 B
NetworkService => 0 B
Petr => 203676168 B
OVRLibraryService => 39202 B
DefaultAppPool => 39202 B
RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 12-02-2018 21:17:59)
Result of scheduled keys to remove after reboot:
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EB7C617-4AF9-4B9F-BBB5-3A92094CB70F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EB7C617-4AF9-4B9F-BBB5-3A92094CB70F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-3xd" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{79F37A51-120D-417D-A19B-7B3868675204}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79F37A51-120D-417D-A19B-7B3868675204}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B55DECD-4FED-44D1-BA85-8BF89DEE8888}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B55DECD-4FED-44D1-BA85-8BF89DEE8888}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C8C7C23-1C5D-4D62-A293-76D2AB50E120}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C8C7C23-1C5D-4D62-A293-76D2AB50E120}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MedReminder" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEB3E16D-F72D-443F-885B-89A75A7FB9B7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEB3E16D-F72D-443F-885B-89A75A7FB9B7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C819CD04-445B-46FE-8F88-405572B4F5AB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C819CD04-445B-46FE-8F88-405572B4F5AB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDC88311-9393-4A41-AD75-9E65331F5317}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDC88311-9393-4A41-AD75-9E65331F5317}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
==== End of Fixlog 21:17:59 ====
Ran by Petr (12-02-2018 21:16:54) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & OVRLibraryService & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
U3 idsvc; no ImagePath
HKU\S-1-5-21-3350653476-3925414303-2360853535-1000\...\ChromeHTML: -> <==== ATTENTION
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => -> No File
Task: {4EB7C617-4AF9-4B9F-BBB5-3A92094CB70F} - \Microsoft\Windows\Setup\GWXTriggers\Time-3xd -> No File <==== ATTENTION
Task: {79F37A51-120D-417D-A19B-7B3868675204} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7B55DECD-4FED-44D1-BA85-8BF89DEE8888} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6C8C7C23-1C5D-4D62-A293-76D2AB50E120} - System32\Tasks\MedReminder => c:\programdata\{fbee48cf-4ca4-5c74-fbee-e48cf4ca233d}\skelligemostwantedupdated.exe <==== ATTENTION
Task: {BEB3E16D-F72D-443F-885B-89A75A7FB9B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C819CD04-445B-46FE-8F88-405572B4F5AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DDC88311-9393-4A41-AD75-9E65331F5317} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\MedReminder.job => c:\programdata\{fbee48cf-4ca4-5c74-fbee-e48cf4ca233d}\skelligemostwantedupdated.exe-1437765770126.exe <==== ATTENTION
C:\Windows\Installer\MSI7EC5.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully
"HKU\S-1-5-21-3350653476-3925414303-2360853535-1000_Classes\ChromeHTML" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip" => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => key not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64" => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => key not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C}" => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => key not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip" => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => key not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Fast Explorer" => removed successfully
HKLM\Software\Classes\CLSID\{693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EB7C617-4AF9-4B9F-BBB5-3A92094CB70F} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EB7C617-4AF9-4B9F-BBB5-3A92094CB70F} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-3xd => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{79F37A51-120D-417D-A19B-7B3868675204} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79F37A51-120D-417D-A19B-7B3868675204} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B55DECD-4FED-44D1-BA85-8BF89DEE8888} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B55DECD-4FED-44D1-BA85-8BF89DEE8888} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C8C7C23-1C5D-4D62-A293-76D2AB50E120} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C8C7C23-1C5D-4D62-A293-76D2AB50E120} => could not remove key. ErrorCode1: 0x00000002
C:\WINDOWS\System32\Tasks\MedReminder => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MedReminder => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEB3E16D-F72D-443F-885B-89A75A7FB9B7} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEB3E16D-F72D-443F-885B-89A75A7FB9B7} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C819CD04-445B-46FE-8F88-405572B4F5AB} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C819CD04-445B-46FE-8F88-405572B4F5AB} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDC88311-9393-4A41-AD75-9E65331F5317} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDC88311-9393-4A41-AD75-9E65331F5317} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => could not remove key. ErrorCode1: 0x00000002
C:\WINDOWS\Tasks\MedReminder.job => moved successfully
C:\Windows\Installer\MSI7EC5.tmp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43107402 B
Java, Flash, Steam htmlcache => 472935044 B
Windows/system/drivers => 91875792 B
Edge => 0 B
Chrome => 906773192 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 39202 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7346 B
NetworkService => 0 B
Petr => 203676168 B
OVRLibraryService => 39202 B
DefaultAppPool => 39202 B
RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 12-02-2018 21:17:59)
Result of scheduled keys to remove after reboot:
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EB7C617-4AF9-4B9F-BBB5-3A92094CB70F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EB7C617-4AF9-4B9F-BBB5-3A92094CB70F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-3xd" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{79F37A51-120D-417D-A19B-7B3868675204}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79F37A51-120D-417D-A19B-7B3868675204}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B55DECD-4FED-44D1-BA85-8BF89DEE8888}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B55DECD-4FED-44D1-BA85-8BF89DEE8888}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C8C7C23-1C5D-4D62-A293-76D2AB50E120}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C8C7C23-1C5D-4D62-A293-76D2AB50E120}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MedReminder" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEB3E16D-F72D-443F-885B-89A75A7FB9B7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEB3E16D-F72D-443F-885B-89A75A7FB9B7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C819CD04-445B-46FE-8F88-405572B4F5AB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C819CD04-445B-46FE-8F88-405572B4F5AB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDC88311-9393-4A41-AD75-9E65331F5317}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDC88311-9393-4A41-AD75-9E65331F5317}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
==== End of Fixlog 21:17:59 ====
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vysoké využití paměti ram
OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vysoké využití paměti ram
Zatím pozoruji využití ram mezi 35%, když zapnu Chrome tak kolem 37% a nejde nad 40%. Zatím dobré, ale chce to více hodin testování. Vyzkouším pár her, pustím nějaký film a během pár dnů se ozvu. Prozatím nechte prosím vlákno odemčené. Mohu se zeptat, v čem byla chyba? Nějaký balast? Zatím předem děkuji 
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vysoké využití paměti ram
Ano, balast a pár AdWarů.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vysoké využití paměti ram
Zdravím, bohužel po delším puštění prohlížeče, otevřených pár záložek a puštěné hudbě vytížení ram 78%. To se mi zdá při 8Gb ram celkem hodně. Pokud bych počkal pár hodin¨, dostal bych se opět k 98% vytížení a pc by se začalo sekat.
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vysoké využití paměti ram
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vysoké využití paměti ram
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 13.02.18
Čas skenování: 13:29
Logovací soubor: 989a65ae-10b9-11e8-8e03-448a5b9fa09a.json
Správce: Ano
-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.3932
Licence: Vypršelo
-Systémová informace-
OS: Windows 10 (Build 16299.192)
CPU: x64
Systém souborů: NTFS
Uživatel: PETR-PC\Petr
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 422209
Zjištěné hrozby: 6
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 1 min, 35 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Varovat
Potenciálně nežádoucí modifikace: Varovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 3
PUP.Optional.Wondershare1ClickPCCare, C:\Users\Petr\AppData\Roaming\spotmau\WinCare2010\Startup Baks, Žádná uživatelská akce, [8140], [449885],1.0.3932
PUP.Optional.Wondershare1ClickPCCare, C:\USERS\PETR\APPDATA\ROAMING\SPOTMAU\WINCARE2010, Žádná uživatelská akce, [8140], [449885],1.0.3932
PUP.Optional.TuneUp360, C:\PROGRAMDATA\TUNEUP360, Žádná uživatelská akce, [14386], [452044],1.0.3932
Soubor: 3
PUP.Optional.BuenoSearch, C:\USERS\PETR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Žádná uživatelská akce, [3131], [455061],1.0.3932
PUP.Optional.BuenoSearch, C:\USERS\PETR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Žádná uživatelská akce, [3131], [455061],1.0.3932
PUP.Optional.BuenoSearch, C:\USERS\PETR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Žádná uživatelská akce, [3131], [455061],1.0.3932
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 13.02.18
Čas skenování: 13:29
Logovací soubor: 989a65ae-10b9-11e8-8e03-448a5b9fa09a.json
Správce: Ano
-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.3932
Licence: Vypršelo
-Systémová informace-
OS: Windows 10 (Build 16299.192)
CPU: x64
Systém souborů: NTFS
Uživatel: PETR-PC\Petr
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 422209
Zjištěné hrozby: 6
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 1 min, 35 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Varovat
Potenciálně nežádoucí modifikace: Varovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 3
PUP.Optional.Wondershare1ClickPCCare, C:\Users\Petr\AppData\Roaming\spotmau\WinCare2010\Startup Baks, Žádná uživatelská akce, [8140], [449885],1.0.3932
PUP.Optional.Wondershare1ClickPCCare, C:\USERS\PETR\APPDATA\ROAMING\SPOTMAU\WINCARE2010, Žádná uživatelská akce, [8140], [449885],1.0.3932
PUP.Optional.TuneUp360, C:\PROGRAMDATA\TUNEUP360, Žádná uživatelská akce, [14386], [452044],1.0.3932
Soubor: 3
PUP.Optional.BuenoSearch, C:\USERS\PETR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Žádná uživatelská akce, [3131], [455061],1.0.3932
PUP.Optional.BuenoSearch, C:\USERS\PETR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Žádná uživatelská akce, [3131], [455061],1.0.3932
PUP.Optional.BuenoSearch, C:\USERS\PETR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Žádná uživatelská akce, [3131], [455061],1.0.3932
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vysoké využití paměti ram
Všechny nálezy MBAM smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?