Post subject: New hardware in PC = mouse stuttering
Posted: 16 Nov 2017 19:13
Visitor
Hello,

I have had one and the same PC for 9 years. I have now decided on an upgrade and replaced the motherboard, processor and RAM with new ones. Everything else stayed as it was.

Since then I have been experiencing mouse stuttering, but only when CPU usage jumps to 99 to 100 percent. That means it is enough to open, for example, a browser, and while it is loading (e.g. 5-10 sec) the mouse stutters (as if instead of 150 FPS it suddenly had only 3 FPS). As soon as the processor settles down, the mouse returns to normal.

The same thing happens in games. For example, when I start PlayerUnknown's Battlegrounds, the CPU is loaded at about 80 percent the whole time, but at certain moments or locations the load is at 100 percent, and at those moments I cannot move the mouse even in the game.

As far as I know, all my drivers are up to date and the PC is free of viruses and the like.

I also tried plugging the mouse into other USB ports, both 2.0 and 3.0. But it seems to me that did not help either.

The problem is not in the mouse either. I have ruled that out too.

I really do not know how to get to the bottom of this any more. I did not find anything by googling either. You are my last chance.

Thank you :!:


Posted: 16 Nov 2017 19:24
Site Admin
Hello!

Hecker3 wrote:
Everything else stayed as it was.


If you did not reinstall the operating system with the new motherboard, I would look for the problem there.

_________________
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.


Posted: 17 Nov 2017 16:24
Visitor
I did not reinstall Windows, but I removed all data related to the motherboard and processor (i.e. controllers, chipset, etc.) and then installed the corresponding drivers.

I have already made this change a few times (replacing the motherboard without reinstalling Windows) and there was never a problem with a stuttering mouse, even on much weaker PCs.

Do you have any idea where else the problem could be? I really do not feel like reinstalling, and I am afraid I would have to buy a new licence, so I would leave that as a last resort.

Thanks :(


Posted: 17 Nov 2017 17:15
Site Admin
Hecker3 wrote:
..but I removed all data related to the motherboard and processor...


I would like to know how, since these drivers are embedded deep in the system kernel. Post an FRST log: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .



Posted: 17 Nov 2017 17:28
Visitor
Quote:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-11-2017
Ran by McDan (administrator) on MCDANPC (17-11-2017 17:24:02)
Running from C:\Users\McDan\Desktop
Loaded Profiles: McDan (Available Profiles: McDan)
Platform: Windows 10 Pro Version 1703 15063.674 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Micro-Star Int'l Co., Ltd.) D:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Micro-Star INT'L CO., LTD.) D:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star Int'l Co., Ltd.) D:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
(Micro-Star INT'L CO., LTD.) D:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(Micro-Star INT'L CO., LTD.) D:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) D:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Valve Corporation) D:\Games\Steam\Steam.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Vivaldi Technologies AS) D:\Program Files (x86)\Vivaldi\Application\update_notifier.exe
(Stardock) C:\Program Files (x86)\ObjectDock\ObjectDock.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Stardock) C:\Program Files (x86)\ObjectDock\Dock64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe
(Valve Corporation) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
(Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(BitTorrent Inc.) E:\uTorrent\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5906\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.9526\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.9526\Battle.net Helper.exe
() C:\Program Files (x86)\Battle.net\Battle.net.9526\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Discord Inc.) C:\Users\McDan\AppData\Local\Discord\app-0.0.298\Discord.exe
(Discord Inc.) C:\Users\McDan\AppData\Local\Discord\app-0.0.298\Discord.exe
(Discord Inc.) C:\Users\McDan\AppData\Local\Discord\app-0.0.298\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\WINDOWS\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [112424 2013-06-18] ()
HKLM-x32\...\Run: [DT BEN] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122336 2016-12-15] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [ABNotify] => C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe [89968 2016-12-30] ()
HKLM-x32\...\RunOnce: [DualBiosRescue] => C:\Program Files (x86)\GIGABYTE\GigabyteFirmwareUpdateUtility\dbrro.exe [12096 2015-08-19] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Steam] => D:\Games\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [f.lux] => C:\Users\McDan\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Hearthstone Deck Tracker] => C:\Users\McDan\AppData\Local\HearthstoneDeckTracker\Update.exe [1522464 2017-01-12] (GitHub)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1091384 2016-12-20] (Apple Inc.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Discord] => C:\Users\McDan\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Innkeeper] => C:\Users\McDan\AppData\Local\Innkeeper\Update.exe [1888136 2017-01-23] (Innkeeper)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1052488 2017-10-23] ()
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [17606656 2017-08-25] ()
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Vivaldi Update Notifier] => D:\Program Files (x86)\Vivaldi\Application\update_notifier.exe [4717688 2017-10-27] (Vivaldi Technologies AS)
Startup: C:\Users\McDan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2017-02-13]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\ObjectDock\ObjectDock.exe (Stardock)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{40671168-f9d8-45a6-95d8-573e29a6b257}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{4ece8911-8f0f-45e9-90b1-0ae3eafea030}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.cz/
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-02-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-02-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-17] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-17] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)

Edge:
======
Edge Session Restore: HKU\S-1-5-21-387887694-3816885906-4219055421-1001 -> is enabled.
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-05-19]
Edge Extension: (BetterTTV) -> EdgeExtension_NightDevLLCBetterTTV_em2bntgxg4wdp => C:\Program Files\WindowsApps\NightDevLLC.BetterTTV_7.2.0.0_neutral__em2bntgxg4wdp [2017-08-12]

FireFox:
========
FF DefaultProfile: glb3s4lh.default
FF ProfilePath: C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default [2017-11-17]
FF Homepage: Mozilla\Firefox\Profiles\glb3s4lh.default -> google.cz
FF Session Restore: Mozilla\Firefox\Profiles\glb3s4lh.default -> is enabled.
FF Extension: (AutoAuth) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\autoauth@efinke.com.xpi [2017-01-23] [Lagacy]
FF Extension: (BetterTTV) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\firefox@betterttv.net.xpi [2017-09-11]
FF Extension: (Ghostery) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\firefox@ghostery.com.xpi [2017-10-30]
FF Extension: (Bezpečné přihlášení) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\secureLogin@blueimp.net.xpi [2017-02-25] [Lagacy]
FF Extension: (Prosím vložte své heslo) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\stefanvandamme@stefanvd.net.xpi [2017-09-29]
FF Extension: (uBlock Origin) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\uBlock0@raymondhill.net.xpi [2017-11-09]
FF Extension: (Adblock Plus) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-08]
FF Extension: (Greasemonkey) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-11-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-23] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-02-21] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-02-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default [2017-11-17]
CHR Extension: (Prezentace) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (BetterTTV) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-04-21]
CHR Extension: (Dokumenty) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-22]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2017-08-31]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-11-07]
CHR Extension: (YouTube) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-22]
CHR Extension: (Chrome IG Story) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2017-10-12]
CHR Extension: (Steam Inventory Helper) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-11-17]
CHR Extension: (Who Deleted Me - Unfriend Finder) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiepnnbjenknnjgabbodaihlnkkpkgll [2017-08-09]
CHR Extension: (FrankerFaceZ) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2017-10-07]
CHR Extension: (Tabulky) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-22]
CHR Extension: (AdBlock) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-14]
CHR Extension: (Mauf - Custom Messenger Colors) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfjnmganegfpajpgchndgfjbljnehink [2017-04-28]
CHR Extension: (Twitter unfollow) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbbkpclbfmdacknjehonbfcilcfnkmb [2017-01-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Unfriend Finder) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\olljnkilmblncgcghhaodkpdcnokhpah [2017-01-22]
CHR Extension: (Gmail) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-22]
CHR Extension: (Chrome Media Router) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-24]
CHR Extension: (Google Drive) - C:\Users\McDan\AppData\Roaming\Microsoft\Explorer\Libraries [2017-02-04]

Opera:
=======
StartMenuInternet: (HKLM) Operadeveloper - C:\Program Files\Opera developer\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2016-12-30] (AOMEI Tech Co., Ltd.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-10] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3702472 2017-01-29] (Microsoft Corporation)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [142816 2016-12-15] (Portrait Displays, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [529056 2017-11-10] (EasyAntiCheat Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [144816 2017-03-27] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2770312 2017-01-22] (ESET)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
R2 GamingApp_Service; D:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-02-17] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; D:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (Microsoft)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72280 2010-09-07] ()
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc.)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [75192 2017-04-05] (Micro-Star INT'L CO., LTD.)
S2 MxService; D:\Program Files (x86)\Maxthon5\Bin\MxService.exe [143648 2017-09-28] (Maxthon International ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-09-16] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [123312 2017-03-27] (GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-10-23] (Overwolf LTD)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-04-18] (Razer Inc)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [183680 2017-04-14] (Razer Inc.)
S3 RzKLService; D:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [252176 2017-04-28] (Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-05-11] (Intel(R) Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-22] ()
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-22] ()
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2016-12-22] ()
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [544744 2017-09-01] (Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [262792 2017-01-22] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2017-01-22] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [197248 2017-01-22] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [153216 2017-01-22] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [208520 2017-01-22] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [61568 2017-01-22] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [84616 2017-01-22] (ESET)
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [78856 2017-03-06] (Multi Theft Auto)
S3 GVTDrv64; C:\WINDOWS\GVTDrv64.sys [30528 2017-07-14] ()
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37912 2017-04-18] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-20] (Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2016-12-20] (Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys [41752 2016-12-20] (Logitech Inc.)
R3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MSI)
S3 NTIOLib_MBAPI; D:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-03-08] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_63f40b686fe9309f\nvlddmkm.sys [15619320 2017-09-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 RTCore64; D:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [220672 2017-03-18] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 AODDriver; \??\C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [X]
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-17 17:24 - 2017-11-17 17:24 - 000112640 _____ (forum.viry.cz) C:\Users\McDan\Desktop\Nepotvrzeno 579549.crdownload
2017-11-17 17:24 - 2017-11-17 17:24 - 000036869 _____ C:\Users\McDan\Desktop\FRST.txt
2017-11-17 17:23 - 2017-11-17 17:24 - 000000000 ____D C:\FRST
2017-11-17 17:23 - 2017-11-17 17:23 - 002392576 _____ (Farbar) C:\Users\McDan\Desktop\FRST64.exe
2017-11-17 17:23 - 2017-11-17 17:23 - 000112640 _____ (forum.viry.cz) C:\Users\McDan\Desktop\Nepotvrzeno 694297.crdownload
2017-11-15 17:22 - 2017-11-15 17:22 - 000000000 ____D C:\WINDOWS\Panther
2017-11-15 17:19 - 2017-11-15 17:19 - 000001314 _____ C:\Users\McDan\Desktop\Marvels Daredevil S02 Season 2 Complete 720p WEBRip x265 AAC E-Subs [GWC] – zástupce.lnk
2017-11-15 14:20 - 2017-11-15 14:20 - 000000208 _____ C:\Users\McDan\Desktop\Rust.url
2017-11-15 14:18 - 2017-11-15 14:18 - 000000000 ____D C:\Users\McDan\AppData\Roaming\EasyAntiCheat
2017-11-15 14:18 - 2017-11-15 14:18 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2017-11-14 17:09 - 2017-11-14 17:09 - 000000208 _____ C:\Users\McDan\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server).url
2017-11-12 14:46 - 2017-11-12 14:47 - 000000082 _____ C:\Users\McDan\Desktop\IKEA family karty.txt
2017-11-12 14:46 - 2017-11-12 14:46 - 000057865 _____ C:\Users\McDan\Desktop\ikea-family-card-6275980254607296000.pdf
2017-11-10 04:27 - 2017-01-23 02:49 - 000000185 _____ C:\Users\McDan\Desktop\Heroes of Newerth.url
2017-11-08 23:56 - 2017-11-09 21:23 - 000000164 _____ C:\Users\McDan\Desktop\prime.txt
2017-10-30 14:19 - 2017-10-30 14:19 - 001620438 _____ C:\Users\McDan\Desktop\V Pražském hudebním after klubu Ateliér .mp4
2017-10-28 14:31 - 2017-10-28 14:31 - 000000208 _____ C:\Users\McDan\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2017-10-22 03:29 - 2017-10-22 03:29 - 000000000 ____D C:\Users\McDan\AppData\Local\Tempzxpsign556ae5d7bf06d93e
2017-10-22 03:29 - 2017-10-22 03:29 - 000000000 ____D C:\Users\McDan\AppData\Local\Tempzxpsign4f2357ab5e30be60

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-17 17:19 - 2017-01-23 00:05 - 000000000 ____D C:\Users\McDan\AppData\Roaming\vlc
2017-11-17 17:17 - 2017-01-23 03:01 - 000000000 ____D C:\Users\McDan\AppData\Local\Battle.net
2017-11-17 16:25 - 2017-05-22 12:20 - 000000000 ____D C:\Users\McDan
2017-11-17 16:25 - 2017-01-23 03:01 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-11-17 16:03 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-17 15:55 - 2017-01-22 22:43 - 000000000 ____D C:\Users\McDan\AppData\Local\ElevatedDiagnostics
2017-11-17 15:39 - 2017-05-22 12:37 - 003023026 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-17 15:39 - 2017-03-20 05:39 - 001382604 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-17 15:39 - 2017-03-20 05:39 - 000345276 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-17 15:34 - 2017-05-22 12:20 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-17 15:34 - 2017-01-23 17:17 - 000000000 ____D C:\Users\McDan\AppData\Local\Overwolf
2017-11-17 15:33 - 2017-07-14 05:10 - 000026192 ____N (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2017-11-17 15:33 - 2017-05-22 12:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-17 15:33 - 2017-03-18 12:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-11-17 15:33 - 2017-03-04 00:29 - 000000000 ___RD C:\Users\McDan\iCloudDrive
2017-11-17 15:33 - 2017-02-03 15:57 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2017-11-17 15:33 - 2017-02-03 15:56 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2017-11-17 15:33 - 2017-01-23 00:33 - 000000000 ____D C:\Users\McDan\Documents\Soubory aplikace Outlook
2017-11-17 14:54 - 2017-05-22 12:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-17 13:54 - 2017-01-23 00:07 - 000000000 ____D C:\Users\McDan\AppData\LocalLow\Mozilla
2017-11-17 13:46 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-17 13:46 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-17 02:00 - 2017-01-23 15:08 - 000000000 ____D C:\Users\McDan\AppData\Local\Adobe
2017-11-16 17:55 - 2017-05-22 12:20 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2017-11-15 17:27 - 2017-05-22 12:33 - 000003962 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1487686086
2017-11-15 17:27 - 2017-02-21 15:08 - 000001152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera developer.lnk
2017-11-15 17:27 - 2017-02-21 15:07 - 000000000 ____D C:\Program Files\Opera developer
2017-11-14 00:26 - 2017-01-22 22:28 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 00:19 - 2017-05-22 12:33 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 00:19 - 2017-05-22 12:33 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-12 13:27 - 2017-01-22 21:57 - 000000000 ____D C:\Users\McDan\AppData\Local\Comms
2017-11-12 01:26 - 2017-01-24 21:58 - 000000000 ____D C:\Users\McDan\AppData\Roaming\TS3Client
2017-11-11 22:51 - 2017-08-11 19:36 - 000000000 ____D C:\Users\McDan\AppData\Roaming\Twitch
2017-11-11 21:18 - 2017-09-28 08:29 - 000001135 _____ C:\Users\McDan\Desktop\Vivaldi.lnk
2017-11-11 21:18 - 2017-09-28 08:29 - 000001135 _____ C:\Users\McDan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2017-11-08 14:55 - 2017-08-02 22:00 - 000000000 ____D C:\Users\McDan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Innkeeper
2017-11-08 14:55 - 2017-08-02 22:00 - 000000000 ____D C:\Users\McDan\AppData\Local\Innkeeper
2017-11-08 14:55 - 2017-01-29 14:31 - 000000000 ____D C:\Users\McDan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2017-11-08 14:55 - 2017-01-29 14:31 - 000000000 ____D C:\Users\McDan\AppData\Local\SquirrelTemp
2017-11-08 14:55 - 2017-01-29 14:31 - 000000000 ____D C:\Users\McDan\AppData\Local\HearthstoneDeckTracker
2017-11-07 14:45 - 2017-09-09 00:51 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-387887694-3816885906-4219055421-1001
2017-11-07 14:45 - 2017-01-22 21:42 - 000002424 _____ C:\Users\McDan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-06 23:46 - 2017-01-22 23:03 - 000000000 ____D C:\Users\McDan\AppData\Local\CrashDumps
2017-11-06 19:35 - 2017-01-23 03:06 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2017-11-05 22:49 - 2017-01-24 11:29 - 000000000 ____D C:\Program Files (x86)\BSPlayer
2017-10-27 19:38 - 2017-01-24 21:58 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-10-24 16:44 - 2017-05-22 12:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-10-19 15:42 - 2017-01-22 21:41 - 000000000 ____D C:\Users\McDan\AppData\Local\Packages
2017-10-19 11:45 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-18 11:03 - 2017-03-04 00:29 - 000000000 ____D C:\Users\McDan\AppData\Local\5E1464E1-6945-4005-9B60-CAC69BAF6076.aplzod

==================== Files in the root of some directories =======

2017-01-31 16:34 - 2017-09-28 13:48 - 000000033 _____ () C:\Users\McDan\AppData\Roaming\AdobeWLCMCache.dat
2017-01-31 14:20 - 2017-01-31 14:22 - 000000028 _____ () C:\Users\McDan\AppData\Roaming\kulerdata.json
2017-07-16 02:52 - 2017-07-17 00:32 - 000728064 _____ () C:\Users\McDan\AppData\Local\file__0.localstorage
2017-01-23 00:54 - 2017-07-25 04:19 - 000007615 _____ () C:\Users\McDan\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2017-11-14 03:40 - 2017-11-16 00:52 - 000000000 _____ () C:\Users\McDan\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2017-11-14 03:40 - 2017-11-16 00:52 - 000000016 _____ () C:\Users\McDan\AppData\Local\Temp\0415d8a817eefb9fcf90b70dba9072c2.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-09 14:26

==================== End of FRST.txt ============================


Posted: 17 Nov 2017 18:09
Offline
Site Admin

Joined: 30 Oct 2003 13:42
Posts: 101529
Location: Plzeň
OK. Now run this utility:

Quote:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

_________________
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Posted: 17 Nov 2017 23:42
Offline
Visitor

Joined: 16 Nov 2017 19:01
Posts: 10
Quote:
# AdwCleaner 7.0.4.0 - Logfile created on Fri Nov 17 22:35:53 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\IObit\Advanced SystemCare
Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\All Users\IObit\Advanced SystemCare
Deleted: C:\Users\McDan\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Users\McDan\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\ProgramData\IObit\ASCDownloader
Deleted: C:\Users\All Users\IObit\ASCDownloader


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\IOBIT\ASC
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{CA76D6E3-8A09-4FCF-B68D-A3B072ACD7A0}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{224D3F04-CDDD-461A-A4BB-B37F76897B02}
Deleted: [Value] - HKU\S-1-5-21-387887694-3816885906-4219055421-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Advanced SystemCare 10
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-387887694-3816885906-4219055421-1001\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: torrentz.colorask.com - torrentz.colorask.com
SearchProvider deleted: Slunečnice - slunecnice.cz


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2713 B] - [2017/11/17 22:35:30]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########


Posted: 18 Nov 2017 18:01
Offline
Site Admin

Joined: 30 Oct 2003 13:42
Posts: 101529
Location: Plzeň
Post a new FRST log.



Posted: 21 Nov 2017 19:51
Offline
Visitor

Joined: 16 Nov 2017 19:01
Posts: 10
Sorry for the late reply.

Quote:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-11-2017
Ran by McDan (administrator) on MCDANPC (21-11-2017 19:49:15)
Running from C:\Users\McDan\Desktop
Loaded Profiles: McDan (Available Profiles: McDan)
Platform: Windows 10 Pro Version 1703 15063.674 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
() C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Micro-Star Int'l Co., Ltd.) D:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Micro-Star INT'L CO., LTD.) D:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) D:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(Micro-Star INT'L CO., LTD.) D:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) D:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(Micro-Star Int'l Co., Ltd.) D:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Stardock) C:\Program Files (x86)\ObjectDock\ObjectDock.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Stardock) C:\Program Files (x86)\ObjectDock\Dock64.exe
() C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.8730.20741.0_x64__8wekyb3d8bbwe\onenoteim.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\WINDOWS\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [112424 2013-06-18] ()
HKLM-x32\...\Run: [DT BEN] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122336 2016-12-15] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [ABNotify] => C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe [89968 2016-12-30] ()
HKLM-x32\...\RunOnce: [DualBiosRescue] => C:\Program Files (x86)\GIGABYTE\GigabyteFirmwareUpdateUtility\dbrro.exe [12096 2015-08-19] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Steam] => D:\Games\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [f.lux] => C:\Users\McDan\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Hearthstone Deck Tracker] => C:\Users\McDan\AppData\Local\HearthstoneDeckTracker\Update.exe [1522464 2017-01-12] (GitHub)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1091384 2016-12-20] (Apple Inc.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Discord] => C:\Users\McDan\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Innkeeper] => C:\Users\McDan\AppData\Local\Innkeeper\Update.exe [1888136 2017-01-23] (Innkeeper)
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1052488 2017-11-12] ()
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [17606656 2017-08-25] ()
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\...\Run: [Vivaldi Update Notifier] => D:\Program Files (x86)\Vivaldi\Application\update_notifier.exe [4717688 2017-10-27] (Vivaldi Technologies AS)
Startup: C:\Users\McDan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2017-02-13]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\ObjectDock\ObjectDock.exe (Stardock)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{40671168-f9d8-45a6-95d8-573e29a6b257}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{4ece8911-8f0f-45e9-90b1-0ae3eafea030}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-387887694-3816885906-4219055421-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.cz/
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-02-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-02-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-17] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-17] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-02-21] (Microsoft Corporation)

Edge:
======
Edge Session Restore: HKU\S-1-5-21-387887694-3816885906-4219055421-1001 -> is enabled.
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-05-19]
Edge Extension: (BetterTTV) -> EdgeExtension_NightDevLLCBetterTTV_em2bntgxg4wdp => C:\Program Files\WindowsApps\NightDevLLC.BetterTTV_7.2.0.0_neutral__em2bntgxg4wdp [2017-08-12]

FireFox:
========
FF DefaultProfile: glb3s4lh.default
FF ProfilePath: C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default [2017-11-21]
FF Homepage: Mozilla\Firefox\Profiles\glb3s4lh.default -> google.cz
FF Session Restore: Mozilla\Firefox\Profiles\glb3s4lh.default -> is enabled.
FF Extension: (AutoAuth) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\autoauth@efinke.com.xpi [2017-11-21]
FF Extension: (BetterTTV) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\firefox@betterttv.net.xpi [2017-09-11]
FF Extension: (Ghostery) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\firefox@ghostery.com.xpi [2017-10-30]
FF Extension: (Bezpečné přihlášení) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\secureLogin@blueimp.net.xpi [2017-02-25] [Lagacy]
FF Extension: (Prosím vložte své heslo) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\stefanvandamme@stefanvd.net.xpi [2017-09-29]
FF Extension: (uBlock Origin) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\uBlock0@raymondhill.net.xpi [2017-11-09]
FF Extension: (Adblock Plus) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-08]
FF Extension: (Greasemonkey) - C:\Users\McDan\AppData\Roaming\Mozilla\Firefox\Profiles\glb3s4lh.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-11-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-23] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-02-21] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-02-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR DefaultSuggestURL: Default -> hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default [2017-11-21]
CHR Extension: (Prezentace) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (BetterTTV) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-19]
CHR Extension: (Dokumenty) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-22]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2017-08-31]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-11-07]
CHR Extension: (YouTube) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-22]
CHR Extension: (Chrome IG Story) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2017-10-12]
CHR Extension: (Steam Inventory Helper) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-11-17]
CHR Extension: (Who Deleted Me - Unfriend Finder) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiepnnbjenknnjgabbodaihlnkkpkgll [2017-08-09]
CHR Extension: (FrankerFaceZ) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2017-10-07]
CHR Extension: (Tabulky) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-22]
CHR Extension: (AdBlock) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-14]
CHR Extension: (Mauf - Custom Messenger Colors) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfjnmganegfpajpgchndgfjbljnehink [2017-04-28]
CHR Extension: (Twitter unfollow) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbbkpclbfmdacknjehonbfcilcfnkmb [2017-01-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Unfriend Finder) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\olljnkilmblncgcghhaodkpdcnokhpah [2017-01-22]
CHR Extension: (Gmail) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-22]
CHR Extension: (Chrome Media Router) - C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-24]
CHR Extension: (Google Drive) - C:\Users\McDan\AppData\Roaming\Microsoft\Explorer\Libraries [2017-02-04]

Opera:
=======
StartMenuInternet: (HKLM) Operadeveloper - C:\Program Files\Opera developer\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2016-12-30] (AOMEI Tech Co., Ltd.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-10] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3702472 2017-01-29] (Microsoft Corporation)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [142816 2016-12-15] (Portrait Displays, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [529056 2017-11-10] (EasyAntiCheat Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [144816 2017-03-27] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2770312 2017-01-22] (ESET)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
R2 GamingApp_Service; D:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-02-17] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; D:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (Microsoft)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72280 2010-09-07] ()
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc.)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [75192 2017-04-05] (Micro-Star INT'L CO., LTD.)
S2 MxService; D:\Program Files (x86)\Maxthon5\Bin\MxService.exe [143648 2017-09-28] (Maxthon International ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-09-16] (NVIDIA Corporation)
S2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [123312 2017-03-27] (GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-11-12] (Overwolf LTD)
S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-04-18] (Razer Inc)
S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [183680 2017-04-14] (Razer Inc.)
S3 RzKLService; D:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [252176 2017-04-28] (Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-05-11] (Intel(R) Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-22] ()
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-22] ()
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2016-12-22] ()
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [544744 2017-09-01] (Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [262792 2017-01-22] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2017-01-22] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [197248 2017-01-22] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [153216 2017-01-22] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [208520 2017-01-22] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [61568 2017-01-22] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [84616 2017-01-22] (ESET)
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [78856 2017-03-06] (Multi Theft Auto)
S3 GVTDrv64; C:\WINDOWS\GVTDrv64.sys [30528 2017-07-14] ()
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37912 2017-04-18] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-20] (Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2016-12-20] (Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys [41752 2016-12-20] (Logitech Inc.)
R3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MSI)
R3 NTIOLib_MBAPI; D:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-03-08] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_63f40b686fe9309f\nvlddmkm.sys [15619320 2017-09-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 RTCore64; D:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [220672 2017-03-18] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 AODDriver; \??\C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [X]
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-21 14:18 - 2017-11-21 14:18 - 003328736 _____ C:\Users\McDan\Desktop\16829695_1351037498357282_8693153612584452096_n.mp4
2017-11-21 14:17 - 2017-11-21 14:17 - 002650434 _____ C:\Users\McDan\Desktop\19557721_1516771195078438_4054337252115873792_n.mp4
2017-11-17 23:34 - 2017-11-17 23:35 - 000000000 ____D C:\AdwCleaner
2017-11-17 23:33 - 2017-11-17 23:33 - 008261584 _____ (Malwarebytes) C:\Users\McDan\Desktop\adwcleaner_7.0.4.0.exe
2017-11-17 17:34 - 2017-11-17 17:34 - 000000000 ____D C:\Users\McDan\Desktop\Avatars
2017-11-17 17:24 - 2017-11-21 19:49 - 000030953 _____ C:\Users\McDan\Desktop\FRST.txt
2017-11-17 17:24 - 2017-11-17 17:24 - 000098674 _____ C:\Users\McDan\Desktop\Addition.txt
2017-11-17 17:23 - 2017-11-21 19:49 - 000000000 ____D C:\FRST
2017-11-17 17:23 - 2017-11-17 17:23 - 002392576 _____ (Farbar) C:\Users\McDan\Desktop\FRST64.exe
2017-11-15 17:22 - 2017-11-15 17:22 - 000000000 ____D C:\WINDOWS\Panther
2017-11-15 17:19 - 2017-11-15 17:19 - 000001314 _____ C:\Users\McDan\Desktop\Marvels Daredevil S02 Season 2 Complete 720p WEBRip x265 AAC E-Subs [GWC] – zástupce.lnk
2017-11-15 14:20 - 2017-11-15 14:20 - 000000208 _____ C:\Users\McDan\Desktop\Rust.url
2017-11-15 14:18 - 2017-11-15 14:18 - 000000000 ____D C:\Users\McDan\AppData\Roaming\EasyAntiCheat
2017-11-15 14:18 - 2017-11-15 14:18 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2017-11-14 17:09 - 2017-11-14 17:09 - 000000208 _____ C:\Users\McDan\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server).url
2017-11-12 14:46 - 2017-11-12 14:47 - 000000082 _____ C:\Users\McDan\Desktop\IKEA family karty.txt
2017-11-12 14:46 - 2017-11-12 14:46 - 000057865 _____ C:\Users\McDan\Desktop\ikea-family-card-6275980254607296000.pdf
2017-11-10 04:27 - 2017-01-23 02:49 - 000000185 _____ C:\Users\McDan\Desktop\Heroes of Newerth.url
2017-11-08 23:56 - 2017-11-09 21:23 - 000000164 _____ C:\Users\McDan\Desktop\prime.txt
2017-10-30 14:19 - 2017-10-30 14:19 - 001620438 _____ C:\Users\McDan\Desktop\V Pražském hudebním after klubu Ateliér .mp4
2017-10-28 14:31 - 2017-10-28 14:31 - 000000208 _____ C:\Users\McDan\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2017-10-22 03:29 - 2017-10-22 03:29 - 000000000 ____D C:\Users\McDan\AppData\Local\Tempzxpsign556ae5d7bf06d93e
2017-10-22 03:29 - 2017-10-22 03:29 - 000000000 ____D C:\Users\McDan\AppData\Local\Tempzxpsign4f2357ab5e30be60

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-21 19:48 - 2017-01-23 00:07 - 000000000 ____D C:\Users\McDan\AppData\LocalLow\Mozilla
2017-11-21 19:47 - 2017-05-22 12:20 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-21 19:45 - 2017-01-23 00:05 - 000000000 ____D C:\Users\McDan\AppData\Roaming\vlc
2017-11-21 17:41 - 2017-01-23 03:01 - 000000000 ____D C:\Users\McDan\AppData\Local\Battle.net
2017-11-21 15:09 - 2017-05-22 12:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-21 14:20 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-21 14:20 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-21 03:18 - 2017-01-23 03:01 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-11-21 02:00 - 2017-01-23 15:08 - 000000000 ____D C:\Users\McDan\AppData\Local\Adobe
2017-11-20 19:38 - 2017-01-24 21:58 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-11-20 15:27 - 2017-01-24 21:58 - 000000000 ____D C:\Users\McDan\AppData\Roaming\TS3Client
2017-11-20 03:32 - 2017-01-22 23:03 - 000000000 ____D C:\Users\McDan\AppData\Local\CrashDumps
2017-11-18 02:55 - 2017-08-11 19:36 - 000000000 ____D C:\Users\McDan\AppData\Roaming\Twitch
2017-11-18 00:02 - 2017-05-22 12:20 - 000000000 ____D C:\Users\McDan
2017-11-17 23:43 - 2017-05-22 12:37 - 003049736 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-17 23:43 - 2017-03-20 05:39 - 001396148 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-17 23:43 - 2017-03-20 05:39 - 000349458 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-17 23:38 - 2017-03-04 00:29 - 000000000 ___RD C:\Users\McDan\iCloudDrive
2017-11-17 23:38 - 2017-01-23 17:17 - 000000000 ____D C:\Users\McDan\AppData\Local\Overwolf
2017-11-17 23:36 - 2017-07-14 05:10 - 000026192 ____N (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2017-11-17 23:36 - 2017-05-22 12:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-17 23:36 - 2017-03-18 12:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-11-17 23:36 - 2017-02-03 15:57 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2017-11-17 23:36 - 2017-02-03 15:56 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2017-11-17 23:35 - 2017-08-03 18:19 - 000000000 ____D C:\Users\McDan\AppData\Roaming\IObit
2017-11-17 23:35 - 2017-08-03 18:19 - 000000000 ____D C:\Users\McDan\AppData\LocalLow\IObit
2017-11-17 23:35 - 2017-08-03 18:18 - 000000000 ____D C:\ProgramData\IObit
2017-11-17 16:03 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-17 15:55 - 2017-01-22 22:43 - 000000000 ____D C:\Users\McDan\AppData\Local\ElevatedDiagnostics
2017-11-17 15:33 - 2017-01-23 00:33 - 000000000 ____D C:\Users\McDan\Documents\Soubory aplikace Outlook
2017-11-16 17:55 - 2017-05-22 12:20 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2017-11-15 17:27 - 2017-05-22 12:33 - 000003962 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1487686086
2017-11-15 17:27 - 2017-02-21 15:08 - 000001152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera developer.lnk
2017-11-15 17:27 - 2017-02-21 15:07 - 000000000 ____D C:\Program Files\Opera developer
2017-11-14 00:26 - 2017-01-22 22:28 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 00:19 - 2017-05-22 12:33 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 00:19 - 2017-05-22 12:33 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-12 13:27 - 2017-01-22 21:57 - 000000000 ____D C:\Users\McDan\AppData\Local\Comms
2017-11-11 21:18 - 2017-09-28 08:29 - 000001135 _____ C:\Users\McDan\Desktop\Vivaldi.lnk
2017-11-11 21:18 - 2017-09-28 08:29 - 000001135 _____ C:\Users\McDan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2017-11-08 14:55 - 2017-08-02 22:00 - 000000000 ____D C:\Users\McDan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Innkeeper
2017-11-08 14:55 - 2017-08-02 22:00 - 000000000 ____D C:\Users\McDan\AppData\Local\Innkeeper
2017-11-08 14:55 - 2017-01-29 14:31 - 000000000 ____D C:\Users\McDan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2017-11-08 14:55 - 2017-01-29 14:31 - 000000000 ____D C:\Users\McDan\AppData\Local\SquirrelTemp
2017-11-08 14:55 - 2017-01-29 14:31 - 000000000 ____D C:\Users\McDan\AppData\Local\HearthstoneDeckTracker
2017-11-07 14:45 - 2017-09-09 00:51 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-387887694-3816885906-4219055421-1001
2017-11-07 14:45 - 2017-01-22 21:42 - 000002424 _____ C:\Users\McDan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-06 19:35 - 2017-01-23 03:06 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2017-11-05 22:49 - 2017-01-24 11:29 - 000000000 ____D C:\Program Files (x86)\BSPlayer
2017-10-24 16:44 - 2017-05-22 12:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation

==================== Files in the root of some directories =======

2017-01-31 16:34 - 2017-09-28 13:48 - 000000033 _____ () C:\Users\McDan\AppData\Roaming\AdobeWLCMCache.dat
2017-01-31 14:20 - 2017-01-31 14:22 - 000000028 _____ () C:\Users\McDan\AppData\Roaming\kulerdata.json
2017-07-16 02:52 - 2017-07-17 00:32 - 000728064 _____ () C:\Users\McDan\AppData\Local\file__0.localstorage
2017-01-23 00:54 - 2017-07-25 04:19 - 000007615 _____ () C:\Users\McDan\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2017-11-14 03:40 - 2017-11-16 00:52 - 000000000 _____ () C:\Users\McDan\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2017-11-14 03:40 - 2017-11-16 00:52 - 000000016 _____ () C:\Users\McDan\AppData\Local\Temp\0415d8a817eefb9fcf90b70dba9072c2.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-19 16:13

==================== End of FRST.txt ============================


Posted: 21 Nov 2017 20:11
Site Admin
Open Notepad and copy the following into it:

Quote:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
U3 idsvc; no ImagePath
C:\Users\McDan\AppData\Local\Temp

EmptyTemp:
End


Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.



Posted: 22 Nov 2017 15:05
Visitor
Návštěvník

After the fix finished and the PC restarted, all my tabs in Chrome were deleted (closed) and cannot be restored. Some of them held important data that I no longer have a link to. How do I get back to them? In Firefox the tabs survived.

EDIT: I have now found that all my settings on various sites and in extensions were reset as well.

Quote:
Fix result of Farbar Recovery Scan Tool (x64) Version: 19-11-2017
Ran by McDan (22-11-2017 14:57:09) Run:1
Running from C:\Users\McDan\Desktop
Loaded Profiles: McDan (Available Profiles: McDan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
U3 idsvc; no ImagePath
C:\Users\McDan\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully

"C:\Users\McDan\AppData\Local\Temp" folder move:

Could not move "C:\Users\McDan\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 134680036 B
Java, Flash, Steam htmlcache => 150622732 B
Windows/system/drivers => 3008369 B
Edge => 532183080 B
Chrome => 617003304 B
Firefox => 393035893 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 4125 B
LocalService => 155042 B
NetworkService => 197242 B
McDan => 7125284565 B

RecycleBin => 0 B
EmptyTemp: => 8.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-11-2017 14:59:17)

C:\Users\McDan\AppData\Local\Temp => moved successfully

==== End of Fixlog 14:59:17 ====


Posted: 22 Nov 2017 18:01
Site Admin

I don't know. I'm not familiar with Chrome, and this is the first time it has happened since we started using this tool. It is certainly not normal if FF is fine. Something else must have caused it. Has the mouse stopped stuttering?

Posted: 23 Nov 2017 18:41
Visitor

That's because the program wiped my temp folder. I looked into it and it was empty.

The mouse still lags under load, unfortunately.


Posted: 23 Nov 2017 19:41
Site Admin

Also try a full MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log and don't delete anything beforehand. Even so, I think the problem lies in leftover drivers from the original motherboard.

Posted: 24 Nov 2017 02:40
Visitor

During the scan the mouse stuttered the whole time. Task Manager showed 100 percent CPU load, but when I looked at the individual processes, Malwarebytes showed only 30 percent and the other applications could have added up to 15 percent at most, i.e. 40 percent at most altogether, and yet Task Manager showed the 100 percent CPU already mentioned. I don't get it.

The same happens in the game PLAYERUNKNOWN'S BATTLEGROUNDS. Under Processes it shows that the game eats 70 percent CPU at most (I have everything else closed), and yet the processor is loaded to 100 percent.

I was also wondering whether it could be, for example, the motherboard. Whether it simply isn't weaker in some respect, so that not even a format and reinstall of Windows would help. It is this one: https://www.czc.cz/gigabyte-b250m-d3h-i ... 69/produkt


Log:
Quote:
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 24.11.17
Čas skenování: 2:18
Logovací soubor: 56451f58-d0b5-11e7-89ee-1c1b0dce9d05.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.236
Aktualizovat verzi balíku komponent: 1.0.3335
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 15063.674)
CPU: x64
Systém souborů: NTFS
Uživatel: MCDANPC\McDan

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 459171
Zjištěné hrozby: 7
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 3 min, 49 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 3
PUP.Optional.WhoDeletedMe, C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiepnnbjenknnjgabbodaihlnkkpkgll\2.0.10_0\_metadata, Žádná uživatelská akce, [5566], [377386],1.0.3335
PUP.Optional.WhoDeletedMe, C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiepnnbjenknnjgabbodaihlnkkpkgll\2.0.10_0, Žádná uživatelská akce, [5566], [377386],1.0.3335
PUP.Optional.WhoDeletedMe, C:\USERS\MCDAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EIEPNNBJENKNNJGABBODAIHLNKKPKGLL, Žádná uživatelská akce, [5566], [377386],1.0.3335

Soubor: 4
PUP.Optional.WhoDeletedMe, C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiepnnbjenknnjgabbodaihlnkkpkgll\2.0.10_0\_metadata\computed_hashes.json, Žádná uživatelská akce, [5566], [377386],1.0.3335
PUP.Optional.WhoDeletedMe, C:\Users\McDan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiepnnbjenknnjgabbodaihlnkkpkgll\2.0.10_0\_metadata\verified_contents.json, Žádná uživatelská akce, [5566], [377386],1.0.3335
PUP.Optional.WhoDeletedMe, C:\USERS\MCDAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Žádná uživatelská akce, [5566], [377386],1.0.3335
PUP.Optional.WhoDeletedMe, C:\USERS\MCDAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Žádná uživatelská akce, [5566], [377386],1.0.3335

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)


Thanks

