Log check: problem with RAM usage

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

JuraK
newbie
Posts: 39
Registered: May 16
Gender: Not specified
Status:
Offline

Re: Log check: problem with RAM usage

Post by JuraK » 25 Feb 2017 16:54

Zemana AntiMalware 2.72.2.101 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.2.25
Operating System : Windows 10 64-bit
Processor : 4X Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
BIOS Mode : Legacy
CUID : 123A18AAE6CBB9A276FAD1
Scan Type : Skenování systému
Duration : 0m 42s
Scanned Objects : 45911
Detected Objects : 0
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Vypnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Nebyly zjištěny žádné hrozby
I did not find the All Browser Extensions checkbox there.
Attachments
zemana.png

Re: Log check: problem with RAM usage

Post by JuraK » 25 Feb 2017 17:24

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:23:56, on 25.02.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)

FIREFOX: 51.0.1 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\Benq\Desktop\HijackThis.exe
C:\Users\Benq\AppData\Local\Microsoft\OneDrive\OneDrive.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Global Startup: Killer Network Manager.lnk = C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Killer Service V2 - Rivet Networks - C:\Program Files\Killer Networking\Network Manager\KillerService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Unknown owner - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (file missing)

--
End of file - 7808 bytes

Re: Log check: problem with RAM usage

Post by JuraK » 25 Feb 2017 18:06

My exact problem is described here: viewtopic.php?f=46&t=186130. Nobody gave me any advice, so I don't know whether it is normal that after, say, two days of the PC being on, Service Host: Local System takes up 4 GB of RAM, while right after a restart it takes practically nothing. And the longer the PC is on, the more the RAM usage of Service Host: Local System grows. Well, maybe the problem has already been resolved, but I will only find that out after some time.

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Log check: problem with RAM usage

Post by jaro3 » 26 Feb 2017 09:53

Close the other applications and browsers, disconnect from the internet and fix in HJT:
Instructions

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =


Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit/64-bit:
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs will be shown, FRST.txt and Addition.txt, and they are saved on the desktop. Please copy their entire contents here.

So far it doesn't look to me like there are any viruses; the RAM usage is probably fine anyway.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Log check: problem with RAM usage

Post by JuraK » 26 Feb 2017 14:18

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-02-26 14:15:20
-----------------------------
14:15:20.759 OS Version: Windows x64 6.2.9200
14:15:20.759 Number of processors: 4 586 0x5E03
14:15:20.759 ComputerName: BENQ UserName: Benq
14:15:20.915 Initialize success
14:15:20.931 VM: initialized successfully
14:15:20.931 VM: Intel CPU supported
14:15:23.056 VM: not used
14:15:47.865 Disk 0 \Device\Harddisk0\DR0 -> \Device\00000036
14:15:47.881 Disk 0 Vendor: WDC_WD10EZEX-00WN4A0 01.01A01 Size: 953869MB BusType: 11
14:15:47.881 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000038
14:15:47.881 Disk 1 Vendor: Samsung_SSD_850_EVO_250GB EMT02B6Q Size: 238475MB BusType: 11
14:15:47.881 Disk 1 MBR read successfully
14:15:47.896 Disk 1 MBR scan
14:15:47.896 Disk 1 Windows 7 default MBR code
14:15:47.896 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 500 MB offset 2048
14:15:47.896 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 237973 MB offset 1026048
14:15:47.912 Disk 1 scanning C:\WINDOWS\system32\drivers
14:15:49.287 Service scanning
14:15:51.961 Modules scanning
14:15:51.961 Disk 1 trace - called modules:
14:15:51.961 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll storahci.sys
14:15:51.976 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xffffb20052525060]
14:15:51.976 3 CLASSPNP.SYS[fffff808328f5efb] -> nt!IofCallDriver -> [0xffffb2005231ad30]
14:15:51.976 5 ACPI.sys[fffff80831a54571] -> nt!IofCallDriver -> [0xffffb20052317c40]
14:15:51.976 7 ACPI.sys[fffff80831a54571] -> nt!IofCallDriver -> \Device\00000038[0xffffb2005231a060]
14:15:51.976 Disk 1 statistics 140097/0/0 @ 114,97 MB/s
14:15:51.976 Scan finished successfully
14:16:17.817 Disk 1 MBR has been saved successfully to "C:\Users\Benq\Desktop\MBR.dat"
14:16:17.817 The log file has been saved successfully to "C:\Users\Benq\Desktop\aswMBR.txt"

Re: Log check: problem with RAM usage

Post by JuraK » 26 Feb 2017 14:25

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-02-2017
Ran by Benq (administrator) on BENQ (26-02-2017 14:22:12)
Running from C:\Users\Benq\Desktop
Loaded Profiles: Benq (Available Profiles: Benq)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1519800 2016-12-28] (COMODO)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3386568 2016-12-06] (COMODO)
HKU\S-1-5-21-1052065165-3362093503-2363687254-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-1052065165-3362093503-2363687254-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-02-15]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.16.1
Tcpip\..\Interfaces\{31b512ae-b622-430d-ad3e-a5168364d79e}: [DhcpNameServer] 192.168.16.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1052065165-3362093503-2363687254-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF DefaultProfile: 6h9e4mgn.default
FF ProfilePath: C:\Users\Benq\AppData\Roaming\Comodo\CSS\User Data-firefox1 [not found]
FF ProfilePath: C:\Users\Benq\AppData\Roaming\Mozilla\Firefox\Profiles\6h9e4mgn.default [2017-02-26]
FF NewTab: Mozilla\Firefox\Profiles\6h9e4mgn.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\6h9e4mgn.default -> seznam.cz
FF Extension: (Adblock Plus) - C:\Users\Benq\AppData\Roaming\Mozilla\Firefox\Profiles\6h9e4mgn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-11]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Benq\AppData\Roaming\Mozilla\Firefox\Profiles\6h9e4mgn.default\features\{29be2a67-3e70-415a-94f7-ac0496a33b97}\disableSHA1rollout@mozilla.org.xpi [2017-02-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-09] (NVIDIA Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6758568 2016-12-28] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876088 2016-12-28] (COMODO)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [118472 2016-12-06] (COMODO)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [451072 2015-10-06] (Rivet Networks) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-01-11] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [141896 2015-09-30] (Rivet Networks, LLC.)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40952 2016-12-16] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [828360 2016-12-16] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50288 2016-12-16] (COMODO)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [127144 2016-12-16] (COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [52960 2016-12-06] (COMODO)
R3 KillerEth; C:\WINDOWS\System32\drivers\e22w10x64.sys [158272 2015-09-03] (Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-11] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys [14516664 2017-02-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2017-02-25] (Wellbia.com Co., Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-02-25] (Zemana Ltd.)
U3 aswMBR; C:\Users\Benq\AppData\Local\Temp\aswMBR.sys [62728 2017-02-26] () [File not signed] <==== ATTENTION
U3 aswVmm; C:\Users\Benq\AppData\Local\Temp\aswVmm.sys [224896 2017-02-26] () <==== ATTENTION
S3 MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-26 14:22 - 2017-02-26 14:22 - 00009994 _____ C:\Users\Benq\Desktop\FRST.txt
2017-02-26 14:22 - 2017-02-26 14:22 - 00000000 ____D C:\FRST
2017-02-26 14:20 - 2017-02-26 14:21 - 02423296 _____ (Farbar) C:\Users\Benq\Desktop\FRST64.exe
2017-02-26 14:16 - 2017-02-26 14:16 - 00002013 _____ C:\Users\Benq\Desktop\aswMBR.txt
2017-02-26 14:16 - 2017-02-26 14:16 - 00000512 _____ C:\Users\Benq\Desktop\MBR.dat
2017-02-26 14:10 - 2017-02-26 14:12 - 05200384 _____ (AVAST Software) C:\Users\Benq\Desktop\aswmbr.exe
2017-02-26 14:07 - 2017-02-26 14:07 - 00000000 ____D C:\Users\Benq\Desktop\backups
2017-02-25 18:14 - 2017-02-25 18:14 - 00000000 ____D C:\Users\Benq\AppData\Local\PeerDistRepub
2017-02-25 17:15 - 2017-02-26 14:05 - 00388608 _____ (Trend Micro Inc.) C:\Users\Benq\Desktop\HijackThis.exe
2017-02-25 16:33 - 2017-02-26 14:22 - 00021824 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-02-25 16:33 - 2017-02-25 17:26 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-02-25 16:33 - 2017-02-25 17:22 - 00040882 _____ C:\WINDOWS\ZAM.krnl.trace
2017-02-25 16:33 - 2017-02-25 16:33 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-02-25 16:33 - 2017-02-25 16:33 - 00000000 ____D C:\Users\Benq\AppData\Local\Zemana
2017-02-25 16:31 - 2017-02-25 15:58 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-25 16:25 - 2017-02-25 16:03 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-02-25 15:59 - 2017-02-25 16:22 - 00000000 ____D C:\zoek_backup
2017-02-24 22:45 - 2017-02-25 14:12 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-02-24 22:44 - 2017-02-24 23:03 - 00000000 ____D C:\ProgramData\RogueKiller
2017-02-24 22:40 - 2017-02-24 22:40 - 00000000 ____D C:\ProgramData\Sophos
2017-02-24 17:47 - 2017-02-24 17:47 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-16 23:04 - 2017-02-16 23:04 - 00000222 _____ C:\Users\Benq\Desktop\Sleeping Dogs.url
2017-02-15 11:21 - 2017-02-15 11:21 - 00000000 ____D C:\Users\Benq\ansel
2017-02-15 11:19 - 2017-02-15 11:19 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-15 11:19 - 2017-02-09 23:39 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-15 11:19 - 2017-01-26 01:13 - 00103936 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-15 11:19 - 2017-01-26 01:12 - 00326656 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-15 11:19 - 2017-01-26 01:09 - 00322560 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-15 11:19 - 2017-01-26 01:09 - 00118272 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-15 11:17 - 2017-02-10 03:33 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00944224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00719856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00618416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-02-15 11:17 - 2017-02-10 03:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-15 07:27 - 2017-02-15 07:29 - 00000000 ____D C:\ProgramData\Killer
2017-02-15 07:27 - 2017-02-15 07:27 - 00002801 _____ C:\Users\Public\Desktop\Killer Network Manager.lnk
2017-02-15 07:27 - 2017-02-15 07:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
2017-02-15 07:27 - 2017-02-15 07:27 - 00000000 ____D C:\Program Files\Killer Networking
2017-02-15 03:57 - 2017-02-15 03:57 - 20359768 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-02-13 10:18 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-02-13 10:18 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-02-13 10:18 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-02-13 10:18 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-02-13 10:18 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-02-13 10:18 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-02-11 06:53 - 2017-02-11 06:41 - 01903686 _____ C:\Users\Benq\Desktop\20170211_0630_sweden-S18_EMIL_1951_E1_29_el_hallouf.wotreplay
2017-02-02 09:10 - 2017-02-02 09:09 - 01511216 _____ C:\Users\Benq\Desktop\20170202_0902_germany-G65_JagdTiger_SdKfz_185_45_north_america.wotreplay
2017-02-02 08:35 - 2017-02-02 08:34 - 01487374 _____ C:\Users\Benq\Desktop\20170202_0823_germany-G65_JagdTiger_SdKfz_185_37_caucasus.wotreplay
2017-01-31 23:10 - 2017-02-26 14:14 - 00000000 ____D C:\WINDOWS\Minidump
2017-01-28 13:20 - 2017-02-10 03:33 - 03597128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-01-28 13:20 - 2017-01-24 01:00 - 00047664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-01-28 13:20 - 2017-01-20 17:38 - 01985080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437849.dll
2017-01-28 13:20 - 2017-01-20 17:38 - 01591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437849.dll
2017-01-28 13:20 - 2017-01-20 17:38 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-01-28 13:20 - 2017-01-20 17:38 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-01-28 12:39 - 2017-01-28 08:30 - 1350686646 _____ C:\Users\Benq\Desktop\Vlkodav-z-kmene-sedych-psu-(2006).avi
2017-01-28 06:54 - 2017-01-28 06:52 - 733204480 _____ C:\Users\Benq\Desktop\2006 HD VLKODAV Z KMENE SEDYCH PSU fantasy dobrodruzny z drivejsi doby.avi
2017-01-27 20:11 - 2017-01-27 20:11 - 00000000 ____D C:\Users\Benq\AppData\Local\TeamSpeak 3
2017-01-27 20:11 - 2017-01-27 20:11 - 00000000 ____D C:\Users\Benq\.TeamSpeak 3
2017-01-27 20:11 - 2017-01-27 20:11 - 00000000 ____D C:\Users\Benq\.QtWebEngineProcess
2017-01-27 11:04 - 2017-01-27 11:05 - 00000000 ____D C:\Users\Benq\Desktop\hudba od káni

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-26 14:21 - 2017-01-11 00:14 - 02402486 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-02-26 14:21 - 2017-01-10 23:58 - 00000000 ____D C:\Users\Benq\AppData\LocalLow\Mozilla
2017-02-26 14:21 - 2017-01-10 23:50 - 02626166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-26 14:21 - 2016-07-16 23:25 - 01054814 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-26 14:21 - 2016-07-16 23:25 - 00274050 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-26 14:20 - 2017-01-11 01:08 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-26 14:15 - 2017-01-11 02:09 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-26 14:14 - 2017-01-11 02:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-26 14:14 - 2017-01-11 02:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-26 14:14 - 2017-01-10 23:44 - 00403749 ____N C:\WINDOWS\Minidump\022617-5765-01.dmp
2017-02-26 14:13 - 2017-01-11 02:09 - 00000000 ____D C:\Users\Benq
2017-02-26 14:13 - 2017-01-10 23:44 - 00399141 ____N C:\WINDOWS\Minidump\022617-5703-01.dmp
2017-02-26 14:07 - 2017-01-11 00:03 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2017-02-26 14:07 - 2016-07-16 07:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-02-26 09:55 - 2017-01-11 03:05 - 00004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AF585A00-4C12-453C-9388-2DB71E11578F}
2017-02-25 20:52 - 2017-01-11 03:02 - 00036808 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-02-25 16:22 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-02-25 15:58 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-25 07:47 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-25 07:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-24 18:12 - 2017-01-12 20:03 - 00000000 ____D C:\Users\Benq\AppData\Roaming\TS3Client
2017-02-24 18:12 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-24 16:29 - 2017-01-12 20:03 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-02-24 15:51 - 2017-01-11 00:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 15:50 - 2017-01-11 00:31 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 00:25 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 12:09 - 2017-01-10 23:46 - 00000000 ____D C:\Users\Benq\AppData\Local\Packages
2017-02-18 19:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-17 23:33 - 2017-01-10 23:46 - 00000000 ____D C:\Users\Benq\AppData\Local\VirtualStore
2017-02-15 11:21 - 2017-01-11 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-15 11:19 - 2017-01-11 02:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-15 07:27 - 2017-01-10 23:55 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2017-02-15 07:27 - 2017-01-10 23:54 - 00000000 _____ C:\Users\Benq\AppData\Local\Driver_LOM_8161Present.flag
2017-02-15 07:25 - 2017-01-10 23:51 - 00000010 _____ C:\WINDOWS\GSetup.ini
2017-02-15 07:23 - 2017-01-10 23:51 - 00026192 ____N (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2017-02-15 06:25 - 2017-01-11 00:25 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-15 04:36 - 2017-01-12 01:13 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-15 03:57 - 2017-01-12 01:13 - 00003900 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-02-15 03:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-15 03:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-13 10:17 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-10 03:33 - 2017-01-11 00:30 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-10 00:13 - 2017-01-11 11:33 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-09 23:57 - 2017-01-11 02:09 - 07791217 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-02-09 23:57 - 2017-01-11 02:09 - 06403640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-09 23:57 - 2017-01-11 02:09 - 02477504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-09 23:57 - 2017-01-11 02:09 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-09 23:57 - 2017-01-11 02:09 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-09 23:57 - 2017-01-11 02:09 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-09 23:57 - 2017-01-11 02:09 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-09 23:57 - 2017-01-11 02:09 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-31 23:10 - 2017-01-10 23:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-31 23:10 - 2017-01-10 23:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-28 13:21 - 2017-01-11 02:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-01-28 13:16 - 2017-01-11 11:33 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-01-28 13:15 - 2017-01-11 11:33 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-28 13:15 - 2017-01-11 11:33 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-28 13:15 - 2017-01-11 11:33 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-28 13:15 - 2017-01-11 11:33 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-28 13:15 - 2017-01-11 11:33 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-28 13:15 - 2017-01-11 11:33 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-28 13:15 - 2017-01-11 02:09 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-28 03:23 - 2017-01-11 02:15 - 00003266 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-28 03:23 - 2017-01-11 02:14 - 00002388 _____ C:\Users\Benq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-28 03:23 - 2017-01-10 23:48 - 00000000 ___RD C:\Users\Benq\OneDrive

==================== Files in the root of some directories =======

2017-01-10 23:54 - 2017-02-15 07:27 - 0000000 _____ () C:\Users\Benq\AppData\Local\Driver_LOM_8161Present.flag

Some files in TEMP:
====================
2017-02-25 20:52 - 2017-02-25 20:52 - 0000512 _____ () C:\Users\Benq\AppData\Local\Temp\74ebd0c58b2c3276bb2748f70ddc83e9.dll
2017-02-25 20:52 - 2017-02-25 20:52 - 0000060 _____ () C:\Users\Benq\AppData\Local\Temp\8744cfc25c6c816ce81550f127c9b624.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-18 14:04

==================== End of FRST.txt ============================

JuraK

Re: log check - problem with RAM usage

Post by JuraK » 26 Feb 2017 14:26

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2017
Ran by Benq (26-02-2017 14:22:46)
Running from C:\Users\Benq\Desktop
Windows 10 Pro Version 1607 (X64) (2017-01-11 01:12:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1052065165-3362093503-2363687254-500 - Administrator - Disabled)
Benq (S-1-5-21-1052065165-3362093503-2363687254-1001 - Administrator - Enabled) => C:\Users\Benq
DefaultAccount (S-1-5-21-1052065165-3362093503-2363687254-503 - Limited - Disabled)
Guest (S-1-5-21-1052065165-3362093503-2363687254-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Aktualizace NVIDIA 23.23.0.0 (Version: 23.23.0.0 - NVIDIA Corporation) Hidden
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.0.6092 - COMODO Security Solutions Inc.)
COMODO Internet Security Premium (Version: 10.0.0.6092 - COMODO Security Solutions Inc.) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.1.405760.79 - Comodo)
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.1.404761.40 - Comodo)
Killer Bandwidth Control Filter Driver (Version: 1.1.56.1343 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.56.1343 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.56.1343 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{BBEC6403-B531-4A86-A93C-BAE057E67ED5}) (Version: 1.1.56.1343 - Rivet Networks)
Knight Online (HKLM\...\Steam App 389430) (Version: - Noah System)
Microsoft OneDrive (HKU\S-1-5-21-1052065165-3362093503-2363687254-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 cs)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Ovládací panel NVIDIA 378.66 (Version: 378.66 - NVIDIA Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
Sleeping Dogs™ (HKLM\...\Steam App 202170) (Version: - United Front Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
World of Tanks (HKU\S-1-5-21-1052065165-3362093503-2363687254-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {147F56F1-A61E-4824-9548-CD91BBD2AC4F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
Task: {5D684BB1-2E41-45E7-A6BA-593A2FF6D691} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {5EB0A595-5E24-4E1C-A51A-B3C7D983183E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {63BE5DD1-2F30-48EE-A520-80C6C69A4ED6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
Task: {6C8BC889-8D2D-465A-A5B9-4917AA881A26} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-12-28] (COMODO)
Task: {6DBA8FEE-06DF-45A7-9125-0267E74F5002} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {7D738AFD-0E8B-497B-A8C1-B9A956EDBD9A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {89AFB68D-6BE1-47C6-8D91-E13F39239509} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {8ED9087C-FB65-4028-A36E-C4CEA75FA3C4} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-12-28] (COMODO)
Task: {92DCC112-71F4-4009-85DF-DE15313BB23A} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-12-28] (COMODO)
Task: {AF33A726-4356-4883-8500-654E23D6D189} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-12-28] (COMODO)
Task: {B35E99C5-FF94-4C34-8CE5-AB51AA157B7D} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {CD058CA7-CC18-4AFF-AB0E-48B48DA3CD54} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-12-28] (COMODO)
Task: {F25E8ADA-A0B4-41DC-A172-77AC802AEE3B} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-12-28] (COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-01-11 02:06 - 2017-01-11 02:06 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-11 02:09 - 2017-02-09 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-28 00:17 - 2016-12-28 00:17 - 00155320 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2016-12-28 00:16 - 2016-12-28 00:16 - 00107704 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2016-12-28 00:16 - 2016-12-28 00:16 - 00179896 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2017-01-11 11:33 - 2017-01-20 19:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 11:33 - 2017-01-20 19:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-11 02:06 - 2017-01-11 02:06 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-01-11 02:06 - 2017-01-11 02:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 02:06 - 2017-01-11 02:06 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 02:06 - 2017-01-11 02:06 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 02:06 - 2017-01-11 02:06 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 02:06 - 2017-01-11 02:06 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 02:06 - 2017-01-11 02:06 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 02:06 - 2017-01-11 02:06 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-08 03:52 - 2017-02-08 03:52 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-02-22 12:08 - 2017-02-22 12:08 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 12:08 - 2017-02-22 12:08 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 12:08 - 2017-02-22 12:08 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-07 02:07 - 2017-02-07 02:07 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2016-03-16 10:25 - 2016-03-16 10:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2017-01-11 11:33 - 2017-01-20 19:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-11 11:33 - 2017-01-20 19:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 11:33 - 2017-01-20 19:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-11 01:10 - 2016-12-23 19:28 - 00657184 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-01-11 01:10 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-01-11 01:10 - 2017-01-19 02:30 - 02327840 _____ () C:\Program Files (x86)\Steam\video.dll
2017-01-11 01:10 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-01-11 01:10 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-01-11 01:10 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2017-01-11 01:10 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2017-01-11 01:10 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2017-01-11 01:10 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2017-01-11 01:10 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2017-01-11 01:10 - 2017-01-19 02:30 - 00838432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-01-11 01:10 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-01-11 11:33 - 2017-01-20 19:38 - 64245184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-01-11 11:33 - 2017-01-20 14:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-01-11 11:33 - 2017-01-20 14:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-01-11 11:33 - 2017-01-20 14:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-01-11 11:33 - 2017-01-20 14:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-01-11 11:33 - 2017-01-20 14:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-01-11 11:33 - 2017-01-20 14:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-01-11 11:33 - 2017-01-20 14:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-01-11 11:33 - 2017-01-20 14:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2017-01-11 01:10 - 2017-01-05 04:12 - 68813088 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-01-11 01:10 - 2017-01-19 02:30 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2017-02-25 16:07 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1052065165-3362093503-2363687254-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.16.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{26A6A10F-E053-4167-8B25-CB5933B83336}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D7CDAEE9-08E7-43EA-9A7B-4005D9C48D8C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{80D2A2D6-5844-4A05-89EE-6E338F6CD529}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{71A90105-A18A-4E08-ACE3-CFC232A8685C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{917C9D48-379C-41FC-82FD-1826318BB0D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BF9726E6-CC14-4F10-9BD6-38EFDB7215A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D7AD4D7C-9928-4221-B7B8-51D7B1BDEEF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knight Online\Launcher.exe
FirewallRules: [{6B645070-1423-412A-A4D0-3D16210F9933}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knight Online\Launcher.exe
FirewallRules: [{0D1786A3-FA07-4AC0-9FEF-1ABB27A088B9}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{A9D914E2-A92C-4674-B774-85628F4F7116}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{D8660978-40EA-4AF8-B367-EDCFC26FF7DF}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{D910D990-820B-447F-8234-DC1AB100E82B}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{2E88218C-DC33-4ACD-B842-1980511E5116}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{11294295-7C50-432B-92F8-254672918415}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{CB5618C0-C462-457C-B7F5-ED95A79BE952}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{29CC28E7-BA1F-4897-95F1-49EC5D947322}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EC817D2B-B166-43D7-B6FC-82A4FCCF81EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{05CBA017-307F-447D-980F-A89A0573B26A}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{0C557B6D-FEFC-4309-A026-D9CC7F77380B}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\SleepingDogs\HKShip.exe

==================== Restore Points =========================

07-02-2017 08:17:29 Naplánovaný kontrolní bod
13-02-2017 10:17:33 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
17-02-2017 03:21:27 Nainstalováno rozhraní DirectX
23-02-2017 00:25:41 Windows Update
24-02-2017 20:16:06 JRT Pre-Junkware Removal
24-02-2017 22:39:05 Installed Sophos Virus Removal Tool.
25-02-2017 16:06:45 zoek.exe restore point
25-02-2017 18:19:53 Removed Sophos Virus Removal Tool.

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/25/2017 06:21:39 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (2104) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1032.

Error: (02/25/2017 06:21:39 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (2104) WebCacheLocal: Pokus o otevření souboru C:\Users\Benq\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (02/25/2017 06:19:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service ZAMSvc since QueryServiceConfig API failed

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (02/25/2017 06:19:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (02/25/2017 05:28:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BENQ)
Description: Aplikaci Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/25/2017 04:06:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (02/25/2017 03:47:37 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (2264) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1032.

Error: (02/25/2017 03:47:37 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (2264) WebCacheLocal: Pokus o otevření souboru C:\Users\Benq\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (02/25/2017 02:25:03 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (02/25/2017 02:25:03 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000


System errors:
=============
Error: (02/26/2017 02:14:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/26/2017 02:14:44 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x00000050 (0xfffff6fb7dbedc18, 0x0000000000000000, 0xfffff80d628e78be, 0x0000000000000002). Výpis byl uložen do: C:\WINDOWS\Minidump\022617-5765-01.dmp. ID hlášení: f096c03c-dfa1-47fc-9658-2c83ce96fa50

Error: (02/26/2017 02:14:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:13:12, ‎26.‎02.‎2017) bylo neočekávané.

Error: (02/26/2017 02:14:37 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (02/26/2017 02:13:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/26/2017 02:13:13 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x00000050 (0xfffff6fb7dbedb18, 0x0000000000000000, 0xfffff808c10278be, 0x0000000000000002). Výpis byl uložen do: C:\WINDOWS\Minidump\022617-5703-01.dmp. ID hlášení: a46dcafa-09b6-4f49-aab8-96a2cf5eb20f

Error: (02/26/2017 02:13:12 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:08:12, ‎26.‎02.‎2017) bylo neočekávané.

Error: (02/26/2017 02:13:06 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (02/26/2017 02:08:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/26/2017 02:08:06 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5


CodeIntegrity:
===================================
Date: 2017-02-26 14:16:48.927
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-02-26 14:14:52.744
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-02-26 14:14:43.021
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\iseguard64.dll that did not meet the Windows signing level requirements.

Date: 2017-02-26 14:14:42.863
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\SysWOW64\iseguard32.dll that did not meet the Windows signing level requirements.

Date: 2017-02-26 14:10:18.894
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-02-26 14:08:20.226
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-02-26 14:08:11.917
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\iseguard64.dll that did not meet the Windows signing level requirements.

Date: 2017-02-26 14:08:11.763
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\SysWOW64\iseguard32.dll that did not meet the Windows signing level requirements.

Date: 2017-02-26 13:36:47.667
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\iseguard64.dll that did not meet the Windows signing level requirements.

Date: 2017-02-26 06:33:02.948
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\iseguard64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 10%
Total physical RAM: 16333.73 MB
Available physical RAM: 14541.44 MB
Total Virtual: 17357.73 MB
Available Virtual: 15553.28 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.4 GB) (Free:163.6 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:818.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2EFD53C3)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: AF1F4F36)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: log check - problem with RAM usage

Post by jaro3 » 26 Feb 2017 17:17

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IESR02
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Buda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found
SearchScopes: HKU\S-1-5-21-1052065165-3362093503-2363687254-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF ProfilePath: C:\Users\Benq\AppData\Roaming\Comodo\CSS\User Data-firefox1 [not found]
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2017-02-25] (Wellbia.com Co., Ltd.)
U3 aswMBR; C:\Users\Benq\AppData\Local\Temp\aswMBR.sys [62728 2017-02-26] () [File not signed] <==== ATTENTION
U3 aswVmm; C:\Users\Benq\AppData\Local\Temp\aswVmm.sys [224896 2017-02-26] () <==== ATTENTION
C:\Users\Benq\AppData\Local\Temp\74ebd0c58b2c3276bb2748f70ddc83e9.dll
C:\Users\Benq\AppData\Local\Temp\8744cfc25c6c816ce81550f127c9b624.dll
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
EmptyTemp:
End

(You can use the "select all" function, then right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST and press the "Fix" ("Opravit") button only once, then wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.

Download and install WhoCrashed,
open it and click Analyze.
The program will create a report; copy all of it and paste it here, please.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

JuraK

Re: log check - problem with RAM usage

Post by JuraK » 26 Feb 2017 20:16

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-02-2017
Ran by Benq (26-02-2017 20:10:17) Run:1
Running from C:\Users\Benq\Desktop
Loaded Profiles: Benq (Available Profiles: Benq)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IESR02
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Buda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found
SearchScopes: HKU\S-1-5-21-1052065165-3362093503-2363687254-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF ProfilePath: C:\Users\Benq\AppData\Roaming\Comodo\CSS\User Data-firefox1 [not found]
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2017-02-25] (Wellbia.com Co., Ltd.)
U3 aswMBR; C:\Users\Benq\AppData\Local\Temp\aswMBR.sys [62728 2017-02-26] () [File not signed] <==== ATTENTION
U3 aswVmm; C:\Users\Benq\AppData\Local\Temp\aswVmm.sys [224896 2017-02-26] () <==== ATTENTION
C:\Users\Benq\AppData\Local\Temp\74ebd0c58b2c3276bb2748f70ddc83e9.dll
C:\Users\Benq\AppData\Local\Temp\8744cfc25c6c816ce81550f127c9b624.dll
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
EmptyTemp:
End
*****************

Processes closed successfully.
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Error: No automatic fix found for this entry.
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC => Error: No automatic fix found for this entry.
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Error: No automatic fix found for this entry.
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC => Error: No automatic fix found for this entry.
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Error: No automatic fix found for this entry.
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms} => Error: No automatic fix found for this entry.
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 => Error: No automatic fix found for this entry.
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IESR02 => Error: No automatic fix found for this entry.
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found => Error: No automatic fix found for this entry.
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found => Error: No automatic fix found for this entry.
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Buda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found => Error: No automatic fix found for this entry.
HKU\S-1-5-21-1052065165-3362093503-2363687254-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
C:\Users\Benq\AppData\Roaming\Comodo\CSS\User Data-firefox1 => path removed successfully
HKLM\System\CurrentControlSet\Services\xhunter1 => key removed successfully
xhunter1 => service removed successfully
aswMBR => service not found.
aswVmm => service not found.
C:\Users\Benq\AppData\Local\Temp\74ebd0c58b2c3276bb2748f70ddc83e9.dll => moved successfully
C:\Users\Benq\AppData\Local\Temp\8744cfc25c6c816ce81550f127c9b624.dll => moved successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 2256768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30933206 B
Java, Flash, Steam htmlcache => 157291405 B
Windows/system/drivers => 91506 B
Edge => 0 B
Chrome => 0 B
Firefox => 372226466 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Benq => 28043538 B

RecycleBin => 0 B
EmptyTemp: => 563.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:10:21 ====

JuraK

Re: log check - problem with RAM usage

Post by JuraK » 26 Feb 2017 20:37

System Information (local)
--------------------------------------------------------------------------------

Computer name: BENQ
Windows version: Windows 10 , 10.0, build: 14393
Windows dir: C:\WINDOWS
Hardware: Z170-Gaming K3, Gigabyte Technology Co., Ltd.
CPU: GenuineIntel Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz Intel586, level: 6
4 logical processors, active mask: 15
RAM: 17127153664 bytes total




--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.

No valid crash dumps have been found on your computer


--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

Crash dumps are enabled but no valid crash dumps have been found. In case you are experiencing system crashes, it may be that crash dumps are prevented from being written out. Check out the following article for possible causes: If crash dumps are not written out.



Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

jaro3

Re: log check - problem with RAM usage

Post by jaro3 » 27 Feb 2017 09:48

How are the problems?

JuraK

Re: log check - problem with RAM usage

Post by JuraK » 27 Feb 2017 14:11

My PC has been on for 17 hours and Service Host: Local System is taking up 2.3 GB of RAM, and it is slowly but surely going up, so in a few days it will be taking up maybe 40-50% of RAM. After a restart it takes up practically no RAM. I'm glad it probably isn't some virus or something like that, but I still don't know what is causing it or whether it is normal. About once every two weeks it throws a memory management blue screen at me; maybe that is somehow related to the RAM.
Hostitel sluzby-mistni system.png

