Significantly slow notebook
Posted: 11 Sep 2017 13:03
Please check the notebook's log; within a short time the notebook has slowed down significantly:
LOG:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2017
Ran by Nark (administrator) on DESKTOP-GNJ1BBG (11-09-2017 12:25:28)
Running from C:\Users\Nark\Desktop
Loaded Profiles: Nark (Available Profiles: defaultuser0 & Nark)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\10.0\acdIDInTouch2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mobile Stream) C:\Program Files\Mobile Stream\EasyTether\easytthr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
() C:\Program Files\ACD Systems\ACDSee Pro\10.0\ACDSeeCommanderPro10.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8712960 2015-10-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-10-23] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [714672 2015-09-25] (Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [HP Color LaserJet CM2320 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC.)
HKLM\...\Run: [ACPW10EN] => C:\Program Files\ACD Systems\ACDSee Pro\10.0\acdIDInTouch2.exe [2157000 2017-03-28] (ACD Systems)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-09-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare)
HKU\S-1-5-21-2416923924-1561036882-679274060-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-05-30] (Disc Soft Ltd)
HKU\S-1-5-21-2416923924-1561036882-679274060-1001\...\Run: [EasyTether] => C:\Program Files\Mobile Stream\EasyTether\easytthr.exe [73728 2015-11-22] (Mobile Stream)
HKU\S-1-5-21-2416923924-1561036882-679274060-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2416923924-1561036882-679274060-1001\...\Run: [ACDSeeCommanderPro10] => C:\Program Files\ACD Systems\ACDSee Pro\10.0\ACDSeeCommanderPro10.exe [3415496 2017-02-09] ()
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [391040 2017-03-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-09-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{63bed8f5-fa32-470f-bf54-1723ab90423d}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default [2017-09-11]
CHR Extension: (Prezentace Google) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-02]
CHR Extension: (Restlet Client - REST API Testing) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2017-09-07]
CHR Extension: (Dokumenty Google) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-02]
CHR Extension: (Disk Google) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-02]
CHR Extension: (YouTube) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-02]
CHR Extension: (Matematické aplikace) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2017-09-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Invite All (for Facebook)) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopekjehpibhfpjjcokfmhcaeiclddih [2017-06-26]
CHR Extension: (Tabulky Google) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-02]
CHR Extension: (AudioSauna) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2016-09-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Outlook.com) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2016-09-02]
CHR Extension: (Gmail) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-02]
CHR Extension: (Chrome Media Router) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-14]
CHR Profile: C:\Users\Nark\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-30]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALG; C:\WINDOWS\System32\alg.exe [92672 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-02] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-09-06] (Dropbox, Inc.)
S3 DevicesFlowUserSvc_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicesFlowUserSvc_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-10-29] (Intel Corporation)
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [637440 2017-03-18] (Microsoft Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S3 MessagingService_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MessagingService_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [147456 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\System32\msiexec.exe [66048 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [59392 2017-03-18] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 OneSyncSvc_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PimIndexMaintenanceSvc_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2017-03-18] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-10-23] (Realtek Semiconductor)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [58488 2017-07-07] (Microsoft Corporation)
R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [336320 2017-07-07] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2017-06-05] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [757760 2017-03-18] (Microsoft Corporation)
R2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [4574192 2017-03-18] (Microsoft Corporation)
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation)
S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [43008 2017-03-18] (Microsoft Corporation)
S3 UnistoreSvc_28bb6; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 UnistoreSvc_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 UserDataSvc_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 UserDataSvc_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 vds; C:\WINDOWS\System32\vds.exe [643072 2017-03-18] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\system32\vssvc.exe [1550848 2017-03-18] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WpnUserService_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [933376 2017-06-03] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [797184 2017-06-03] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [92400 2017-06-22] (DisplayLink Corp.)
R3 dlusbaudio; C:\WINDOWS\system32\DRIVERS\dlusbaudio_x64.sys [238328 2017-06-22] (DisplayLink Corp.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-10-29] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-10-29] (Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-15] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-15] (Disc Soft Ltd)
R3 easytether; C:\WINDOWS\System32\drivers\easytthrx.sys [22728 2015-11-22] (Mobile Stream)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-10-29] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-11] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-11] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-11] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-11] (Malwarebytes)
R1 MpKsl3e4286fa; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{09275B79-F54F-4F14-9427-E14A85E5770E}\MpKsl3e4286fa.sys [44928 2017-09-11] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7218176 2017-03-18] (Intel Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-11 12:25 - 2017-09-11 12:26 - 000019889 _____ C:\Users\Nark\Desktop\FRST.txt
2017-09-11 11:41 - 2017-09-11 11:44 - 000048349 _____ C:\Users\Nark\Downloads\Addition.txt
2017-09-11 11:33 - 2017-09-11 12:25 - 000000000 ____D C:\FRST
2017-09-11 11:33 - 2017-09-11 11:44 - 000030249 _____ C:\Users\Nark\Downloads\FRST.txt
2017-09-11 11:32 - 2017-09-11 11:51 - 000000000 ____D C:\AdwCleaner
2017-09-11 11:29 - 2017-09-11 11:30 - 008182736 _____ (Malwarebytes) C:\Users\Nark\Downloads\adwcleaner_7.0.2.1.exe
2017-09-11 11:22 - 2017-09-11 11:23 - 000000000 ____D C:\rsit
2017-09-11 11:22 - 2017-09-11 11:22 - 000000000 ____D C:\Program Files\trend micro
2017-09-11 11:21 - 2017-09-11 11:21 - 001222144 _____ C:\Users\Nark\Downloads\RSITx64.exe
2017-09-11 11:20 - 2017-09-11 11:20 - 002396672 _____ (Farbar) C:\Users\Nark\Desktop\FRST64.exe
2017-09-08 12:37 - 2017-09-08 12:37 - 000000000 ___HD C:\OneDriveTemp
2017-09-07 20:02 - 2017-09-07 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-09-07 13:33 - 2017-09-11 11:52 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-07 13:33 - 2017-09-11 11:52 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-07 13:33 - 2017-09-07 13:33 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-07 13:32 - 2017-09-11 11:52 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-07 13:32 - 2017-09-11 11:52 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-07 13:31 - 2017-09-07 13:31 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-07 13:31 - 2017-09-07 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-07 13:31 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-07 13:29 - 2017-09-07 13:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-07 13:29 - 2017-09-07 13:29 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-07 13:26 - 2017-09-07 13:28 - 066347240 _____ (Malwarebytes ) C:\Users\Nark\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-07 13:05 - 2017-09-11 12:23 - 000007606 _____ C:\Users\Nark\AppData\Local\Resmon.ResmonCfg
2017-09-06 12:29 - 2017-09-06 12:29 - 000049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-09-06 12:29 - 2017-09-06 12:29 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-09-06 12:29 - 2017-09-06 12:29 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-09-06 12:29 - 2017-09-06 12:29 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-09-04 16:17 - 2017-09-06 14:29 - 000129533 _____ C:\Users\Nark\Desktop\Hlaseni_cestovko_CZE.pdf
2017-09-04 15:28 - 2017-09-04 15:28 - 000167615 _____ C:\Users\Nark\Desktop\Kopie - Financnisupermarket - kreativa FB.xlsx
2017-09-04 11:04 - 2017-09-04 11:15 - 382710207 _____ C:\Users\Nark\Downloads\themeforest-4021469-metronic-responsive-admin-dashboard-template.zip
2017-09-01 18:46 - 2017-09-01 18:46 - 000249736 _____ C:\Users\Nark\Downloads\boarding-pass (5).pdf
2017-09-01 18:45 - 2017-09-01 18:45 - 000247614 _____ C:\Users\Nark\Downloads\boarding-pass (4).pdf
2017-08-31 18:54 - 2017-08-31 18:54 - 000281264 _____ C:\Users\Nark\Downloads\boarding-pass (3).pdf
2017-08-31 09:25 - 2017-08-31 09:25 - 000046557 _____ C:\Users\Nark\Downloads\Zalohova_faktura_042017.pdf
2017-08-31 09:25 - 2017-08-31 09:25 - 000037237 _____ C:\Users\Nark\Downloads\Zalohova_faktura_052017.pdf
2017-08-30 21:29 - 1982-01-02 00:22 - 1970917509 ____N C:\Users\Nark\Desktop\Teorie-Tygra-2016-full-hd-1080p.mkv
2017-08-27 09:11 - 2017-08-27 10:07 - 000000000 ____D C:\Users\Nark\Downloads\Boxing.2017.08.27.Floyd.Mayweather.Jr.vs.Conor.McGregor.PPV.720p.HDTV.x264-VERUM[rarbg]
2017-08-22 10:50 - 2017-08-22 10:50 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-08-15 10:06 - 2017-08-15 10:07 - 000790756 _____ C:\Users\Nark\Downloads\orientacni-propocet (1).xlsm
2017-08-15 10:06 - 2017-08-15 10:07 - 000790342 _____ C:\Users\Nark\Downloads\orientacni-propocet.xlsm
2017-08-14 14:09 - 2017-08-14 14:09 - 001517532 _____ C:\Users\Nark\Downloads\vzor-sab-zaznam-z-jednani-uver.xlsx
2017-08-14 13:57 - 2017-08-14 13:57 - 000236830 _____ C:\Users\Nark\Downloads\sab-zaznam-z-jednani-uver.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-11 12:23 - 2017-06-05 12:57 - 000004072 _____ C:\WINDOWS\System32\Tasks\4Team updater
2017-09-11 12:01 - 2017-06-05 13:00 - 000005848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-11 12:01 - 2017-03-20 06:43 - 000955358 _____ C:\WINDOWS\system32\perfh005.dat
2017-09-11 12:01 - 2017-03-20 06:43 - 000211132 _____ C:\WINDOWS\system32\perfc005.dat
2017-09-11 11:56 - 2016-09-05 09:08 - 000000000 ____D C:\Users\Nark\AppData\Roaming\Skype
2017-09-11 11:55 - 2017-02-06 14:39 - 000000000 ___RD C:\Users\Nark\OneDrive - Jakub Kadeřábek
2017-09-11 11:52 - 2017-06-05 12:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-11 11:52 - 2017-06-05 12:51 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-11 11:52 - 2016-09-02 01:28 - 000000000 __SHD C:\Users\Nark\IntelGraphicsProfiles
2017-09-11 11:51 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-09-11 11:15 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-09-11 11:03 - 2017-06-05 12:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-11 04:44 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-09 09:56 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-08 12:36 - 2017-07-29 17:16 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2416923924-1561036882-679274060-1001
2017-09-08 12:36 - 2016-09-02 01:24 - 000002384 _____ C:\Users\Nark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-08 12:36 - 2016-09-02 01:24 - 000000000 ___RD C:\Users\Nark\OneDrive
2017-09-07 20:02 - 2016-09-02 01:46 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-09-07 14:02 - 2017-06-05 12:52 - 000000000 ____D C:\Users\Nark
2017-09-07 14:02 - 2016-10-15 13:22 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2017-09-05 14:01 - 2016-09-02 01:23 - 000000000 ____D C:\Users\Nark\AppData\Local\Packages
2017-09-04 11:33 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-30 21:33 - 2016-09-02 10:46 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-30 21:20 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-28 23:03 - 2016-09-02 01:27 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-28 23:03 - 2016-09-02 01:27 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-27 11:18 - 2017-05-30 22:07 - 000000000 ____D C:\Users\Nark\AppData\Roaming\uTorrent
2017-08-22 10:50 - 2017-06-05 12:51 - 000000000 ____D C:\Program Files\DisplayLink Core Software
2017-08-22 10:49 - 2016-09-02 08:23 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-14 12:13 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-14 12:05 - 2017-06-05 12:57 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-08-14 11:59 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
==================== Files in the root of some directories =======
2017-09-07 13:05 - 2017-09-11 12:23 - 000007606 _____ () C:\Users\Nark\AppData\Local\Resmon.ResmonCfg
2017-06-05 12:51 - 2017-06-05 12:51 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2016-09-05 09:11 - 2016-09-05 09:18 - 000000848 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-09-07 14:48
==================== End of FRST.txt ============================
HKLM\...\Run: [HP Color LaserJet CM2320 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC.)
HKLM\...\Run: [ACPW10EN] => C:\Program Files\ACD Systems\ACDSee Pro\10.0\acdIDInTouch2.exe [2157000 2017-03-28] (ACD Systems)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-09-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare)
HKU\S-1-5-21-2416923924-1561036882-679274060-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-05-30] (Disc Soft Ltd)
HKU\S-1-5-21-2416923924-1561036882-679274060-1001\...\Run: [EasyTether] => C:\Program Files\Mobile Stream\EasyTether\easytthr.exe [73728 2015-11-22] (Mobile Stream)
HKU\S-1-5-21-2416923924-1561036882-679274060-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2416923924-1561036882-679274060-1001\...\Run: [ACDSeeCommanderPro10] => C:\Program Files\ACD Systems\ACDSee Pro\10.0\ACDSeeCommanderPro10.exe [3415496 2017-02-09] ()
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [391040 2017-03-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-09-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{63bed8f5-fa32-470f-bf54-1723ab90423d}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default [2017-09-11]
CHR Extension: (Prezentace Google) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-02]
CHR Extension: (Restlet Client - REST API Testing) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2017-09-07]
CHR Extension: (Dokumenty Google) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-02]
CHR Extension: (Disk Google) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-02]
CHR Extension: (YouTube) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-02]
CHR Extension: (Matematické aplikace) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2017-09-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Invite All (for Facebook)) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopekjehpibhfpjjcokfmhcaeiclddih [2017-06-26]
CHR Extension: (Tabulky Google) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-02]
CHR Extension: (AudioSauna) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2016-09-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Outlook.com) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2016-09-02]
CHR Extension: (Gmail) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-02]
CHR Extension: (Chrome Media Router) - C:\Users\Nark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-14]
CHR Profile: C:\Users\Nark\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-30]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALG; C:\WINDOWS\System32\alg.exe [92672 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-02] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-09-06] (Dropbox, Inc.)
S3 DevicesFlowUserSvc_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicesFlowUserSvc_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-10-29] (Intel Corporation)
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [637440 2017-03-18] (Microsoft Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S3 MessagingService_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MessagingService_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [147456 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\System32\msiexec.exe [66048 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [59392 2017-03-18] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 OneSyncSvc_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 PimIndexMaintenanceSvc_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2017-03-18] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-10-23] (Realtek Semiconductor)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [58488 2017-07-07] (Microsoft Corporation)
R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [336320 2017-07-07] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2017-06-05] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [757760 2017-03-18] (Microsoft Corporation)
R2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [4574192 2017-03-18] (Microsoft Corporation)
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation)
S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [43008 2017-03-18] (Microsoft Corporation)
S3 UnistoreSvc_28bb6; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 UnistoreSvc_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 UserDataSvc_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 UserDataSvc_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 vds; C:\WINDOWS\System32\vds.exe [643072 2017-03-18] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\system32\vssvc.exe [1550848 2017-03-18] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WpnUserService_28bb6; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_28bb6; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [933376 2017-06-03] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [797184 2017-06-03] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [92400 2017-06-22] (DisplayLink Corp.)
R3 dlusbaudio; C:\WINDOWS\system32\DRIVERS\dlusbaudio_x64.sys [238328 2017-06-22] (DisplayLink Corp.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-10-29] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-10-29] (Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-15] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-15] (Disc Soft Ltd)
R3 easytether; C:\WINDOWS\System32\drivers\easytthrx.sys [22728 2015-11-22] (Mobile Stream)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-10-29] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-11] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-11] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-11] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-11] (Malwarebytes)
R1 MpKsl3e4286fa; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{09275B79-F54F-4F14-9427-E14A85E5770E}\MpKsl3e4286fa.sys [44928 2017-09-11] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7218176 2017-03-18] (Intel Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-11 12:25 - 2017-09-11 12:26 - 000019889 _____ C:\Users\Nark\Desktop\FRST.txt
2017-09-11 11:41 - 2017-09-11 11:44 - 000048349 _____ C:\Users\Nark\Downloads\Addition.txt
2017-09-11 11:33 - 2017-09-11 12:25 - 000000000 ____D C:\FRST
2017-09-11 11:33 - 2017-09-11 11:44 - 000030249 _____ C:\Users\Nark\Downloads\FRST.txt
2017-09-11 11:32 - 2017-09-11 11:51 - 000000000 ____D C:\AdwCleaner
2017-09-11 11:29 - 2017-09-11 11:30 - 008182736 _____ (Malwarebytes) C:\Users\Nark\Downloads\adwcleaner_7.0.2.1.exe
2017-09-11 11:22 - 2017-09-11 11:23 - 000000000 ____D C:\rsit
2017-09-11 11:22 - 2017-09-11 11:22 - 000000000 ____D C:\Program Files\trend micro
2017-09-11 11:21 - 2017-09-11 11:21 - 001222144 _____ C:\Users\Nark\Downloads\RSITx64.exe
2017-09-11 11:20 - 2017-09-11 11:20 - 002396672 _____ (Farbar) C:\Users\Nark\Desktop\FRST64.exe
2017-09-08 12:37 - 2017-09-08 12:37 - 000000000 ___HD C:\OneDriveTemp
2017-09-07 20:02 - 2017-09-07 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-09-07 13:33 - 2017-09-11 11:52 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-07 13:33 - 2017-09-11 11:52 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-07 13:33 - 2017-09-07 13:33 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-07 13:32 - 2017-09-11 11:52 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-07 13:32 - 2017-09-11 11:52 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-07 13:31 - 2017-09-07 13:31 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-07 13:31 - 2017-09-07 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-07 13:31 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-07 13:29 - 2017-09-07 13:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-07 13:29 - 2017-09-07 13:29 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-07 13:26 - 2017-09-07 13:28 - 066347240 _____ (Malwarebytes ) C:\Users\Nark\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-07 13:05 - 2017-09-11 12:23 - 000007606 _____ C:\Users\Nark\AppData\Local\Resmon.ResmonCfg
2017-09-06 12:29 - 2017-09-06 12:29 - 000049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-09-06 12:29 - 2017-09-06 12:29 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-09-06 12:29 - 2017-09-06 12:29 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-09-06 12:29 - 2017-09-06 12:29 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-09-04 16:17 - 2017-09-06 14:29 - 000129533 _____ C:\Users\Nark\Desktop\Hlaseni_cestovko_CZE.pdf
2017-09-04 15:28 - 2017-09-04 15:28 - 000167615 _____ C:\Users\Nark\Desktop\Kopie - Financnisupermarket - kreativa FB.xlsx
2017-09-04 11:04 - 2017-09-04 11:15 - 382710207 _____ C:\Users\Nark\Downloads\themeforest-4021469-metronic-responsive-admin-dashboard-template.zip
2017-09-01 18:46 - 2017-09-01 18:46 - 000249736 _____ C:\Users\Nark\Downloads\boarding-pass (5).pdf
2017-09-01 18:45 - 2017-09-01 18:45 - 000247614 _____ C:\Users\Nark\Downloads\boarding-pass (4).pdf
2017-08-31 18:54 - 2017-08-31 18:54 - 000281264 _____ C:\Users\Nark\Downloads\boarding-pass (3).pdf
2017-08-31 09:25 - 2017-08-31 09:25 - 000046557 _____ C:\Users\Nark\Downloads\Zalohova_faktura_042017.pdf
2017-08-31 09:25 - 2017-08-31 09:25 - 000037237 _____ C:\Users\Nark\Downloads\Zalohova_faktura_052017.pdf
2017-08-30 21:29 - 1982-01-02 00:22 - 1970917509 ____N C:\Users\Nark\Desktop\Teorie-Tygra-2016-full-hd-1080p.mkv
2017-08-27 09:11 - 2017-08-27 10:07 - 000000000 ____D C:\Users\Nark\Downloads\Boxing.2017.08.27.Floyd.Mayweather.Jr.vs.Conor.McGregor.PPV.720p.HDTV.x264-VERUM[rarbg]
2017-08-22 10:50 - 2017-08-22 10:50 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-08-15 10:06 - 2017-08-15 10:07 - 000790756 _____ C:\Users\Nark\Downloads\orientacni-propocet (1).xlsm
2017-08-15 10:06 - 2017-08-15 10:07 - 000790342 _____ C:\Users\Nark\Downloads\orientacni-propocet.xlsm
2017-08-14 14:09 - 2017-08-14 14:09 - 001517532 _____ C:\Users\Nark\Downloads\vzor-sab-zaznam-z-jednani-uver.xlsx
2017-08-14 13:57 - 2017-08-14 13:57 - 000236830 _____ C:\Users\Nark\Downloads\sab-zaznam-z-jednani-uver.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-11 12:23 - 2017-06-05 12:57 - 000004072 _____ C:\WINDOWS\System32\Tasks\4Team updater
2017-09-11 12:01 - 2017-06-05 13:00 - 000005848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-11 12:01 - 2017-03-20 06:43 - 000955358 _____ C:\WINDOWS\system32\perfh005.dat
2017-09-11 12:01 - 2017-03-20 06:43 - 000211132 _____ C:\WINDOWS\system32\perfc005.dat
2017-09-11 11:56 - 2016-09-05 09:08 - 000000000 ____D C:\Users\Nark\AppData\Roaming\Skype
2017-09-11 11:55 - 2017-02-06 14:39 - 000000000 ___RD C:\Users\Nark\OneDrive - Jakub Kadeřábek
2017-09-11 11:52 - 2017-06-05 12:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-11 11:52 - 2017-06-05 12:51 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-11 11:52 - 2016-09-02 01:28 - 000000000 __SHD C:\Users\Nark\IntelGraphicsProfiles
2017-09-11 11:51 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-09-11 11:15 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-09-11 11:03 - 2017-06-05 12:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-11 04:44 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-09 09:56 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-08 12:36 - 2017-07-29 17:16 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2416923924-1561036882-679274060-1001
2017-09-08 12:36 - 2016-09-02 01:24 - 000002384 _____ C:\Users\Nark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-08 12:36 - 2016-09-02 01:24 - 000000000 ___RD C:\Users\Nark\OneDrive
2017-09-07 20:02 - 2016-09-02 01:46 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-09-07 14:02 - 2017-06-05 12:52 - 000000000 ____D C:\Users\Nark
2017-09-07 14:02 - 2016-10-15 13:22 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2017-09-05 14:01 - 2016-09-02 01:23 - 000000000 ____D C:\Users\Nark\AppData\Local\Packages
2017-09-04 11:33 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-30 21:33 - 2016-09-02 10:46 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-30 21:20 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-28 23:03 - 2016-09-02 01:27 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-28 23:03 - 2016-09-02 01:27 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-27 11:18 - 2017-05-30 22:07 - 000000000 ____D C:\Users\Nark\AppData\Roaming\uTorrent
2017-08-22 10:50 - 2017-06-05 12:51 - 000000000 ____D C:\Program Files\DisplayLink Core Software
2017-08-22 10:49 - 2016-09-02 08:23 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-14 12:13 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-14 12:05 - 2017-06-05 12:57 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-08-14 11:59 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
==================== Files in the root of some directories =======
2017-09-07 13:05 - 2017-09-11 12:23 - 000007606 _____ () C:\Users\Nark\AppData\Local\Resmon.ResmonCfg
2017-06-05 12:51 - 2017-06-05 12:51 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2016-09-05 09:11 - 2016-09-05 09:18 - 000000848 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-09-07 14:48
==================== End of FRST.txt ============================