Prosím o kontrolu logu

[Vondraxer]

# AdwCleaner 7.0.8.0 - Logfile created on Sun Mar 25 19:51:12 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Ultimate (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: slunecnice.cz - slunecnice.cz
SearchProvider deleted: TJ Sokol Brtnice - tjsokolbrtnice.cz
Startpage deleted: http://seznam.cz/
Startpage deleted: http://www.search.ask.com/?o=APN11459&g ... 21-340&t=4
Startpage deleted: http://www.omniboxes.com/?type=hp&ts=14 ... 4_5CC039B8
Startpage deleted: http://www.delta-homes.com/?type=hp&ts= ... 4_5CC039B8
Startpage deleted: http://www.yessearches.com/?mode=nnnb&p ... CHMmAHAsC0..
Startpage deleted: https://encrypted.google.com
Startpage deleted: http://seznam.cz/
Startpage deleted: http://www.search.ask.com/?o=APN11459&g ... 21-340&t=4
Startpage deleted: http://www.omniboxes.com/?type=hp&ts=14 ... 4_5CC039B8
Startpage deleted: http://www.delta-homes.com/?type=hp&ts= ... 4_5CC039B8
Startpage deleted: http://www.yessearches.com/?mode=nnnb&p ... CHMmAHAsC0..
Startpage deleted: https://encrypted.google.com
Startpage deleted: http://seznam.cz/
Startpage deleted: http://www.search.ask.com/?o=APN11459&g ... 21-340&t=4
Startpage deleted: http://www.omniboxes.com/?type=hp&ts=14 ... 4_5CC039B8
Startpage deleted: http://www.delta-homes.com/?type=hp&ts= ... 4_5CC039B8
Startpage deleted: http://www.yessearches.com/?mode=nnnb&p ... CHMmAHAsC0..
Startpage deleted: https://encrypted.google.com
Startpage deleted: http://seznam.cz/
Startpage deleted: http://www.search.ask.com/?o=APN11459&g ... 21-340&t=4
Startpage deleted: http://www.omniboxes.com/?type=hp&ts=14 ... 4_5CC039B8
Startpage deleted: http://www.delta-homes.com/?type=hp&ts= ... 4_5CC039B8
Startpage deleted: http://www.yessearches.com/?mode=nnnb&p ... CHMmAHAsC0..
Startpage deleted: https://encrypted.google.com
Startpage deleted: http://seznam.cz/
Startpage deleted: http://www.search.ask.com/?o=APN11459&g ... 21-340&t=4
Startpage deleted: http://www.omniboxes.com/?type=hp&ts=14 ... 4_5CC039B8
Startpage deleted: http://www.delta-homes.com/?type=hp&ts= ... 4_5CC039B8
Startpage deleted: http://www.yessearches.com/?mode=nnnb&p ... CHMmAHAsC0..
Startpage deleted: https://encrypted.google.com
Startpage deleted: http://seznam.cz/
Startpage deleted: http://www.search.ask.com/?o=APN11459&g ... 21-340&t=4
Startpage deleted: http://www.omniboxes.com/?type=hp&ts=14 ... 4_5CC039B8
Startpage deleted: http://www.delta-homes.com/?type=hp&ts= ... 4_5CC039B8
Startpage deleted: http://www.yessearches.com/?mode=nnnb&p ... CHMmAHAsC0..
Startpage deleted: https://encrypted.google.com


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [4233 B] - [2018/3/22 17:54:24]
C:/AdwCleaner/AdwCleaner[S0].txt - [2067 B] - [2018/3/22 17:53:4]
C:/AdwCleaner/AdwCleaner[S1].txt - [2086 B] - [2018/3/25 19:50:34]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

[Conder]

Urob v MBAM uplny sken

• Stiahni a nainstaluj Malwarebytes (MBAM): https://www.malwarebytes.com/mwb-download/thankyou/
• Ignoruj skusobnu trial verziu
• Otvor MBAM a vlavo klikni na "Skenovat"
• Klikni na "Vlastne skenovanie" a potom na "Nakonfigurovat skenovanie" (Nastavit sken)
• Vpravo oznac vsetky disky v PC a vlavo oznac moznost "Vyhladavat rootkity"
• Klikni na Skenovat teraz a pockaj na dokoncenie
• Po dokonceni klikni na Exportovat zhrnutie -> Textovy subor, zadaj nejaky nazov suboru a uloz na plochu
• Obsah tohto suboru sem skopiruj
• Obrazkovy navod (bohuzial pre starsiu verziu): https://forum.viry.cz/viewtopic.php?f=29&t=144868

[Vondraxer]

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 26.03.18
Čas skenování: 17:03
Logovací soubor: cf98cae3-3106-11e8-ae0f-2089849c60ab.json
Správce: Ano

-Informace o softwaru-
Verze: 3.4.4.2398
Verze komponentů: 1.0.322
Aktualizovat verzi balíku komponent: 1.0.4492
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: System

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 251609
Zjištěné hrozby: 10
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 14 min, 27 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 10
PUP.Optional.ASK, C:\USERS\WOWAJZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Žádná uživatelská akce, [480], [454825],1.0.4492
PUP.Optional.ASK, C:\USERS\WOWAJZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Žádná uživatelská akce, [480], [454825],1.0.4492
Adware.Elex.ShrtCln, C:\USERS\WOWAJZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Žádná uživatelská akce, [2202], [454718],1.0.4492
Adware.Elex.ShrtCln, C:\USERS\WOWAJZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Žádná uživatelská akce, [2202], [454718],1.0.4492
PUP.Optional.Delta, C:\USERS\WOWAJZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Žádná uživatelská akce, [3466], [455071],1.0.4492
PUP.Optional.Delta, C:\USERS\WOWAJZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Žádná uživatelská akce, [3466], [455071],1.0.4492
Adware.Elex.ShrtCln, C:\USERS\WOWAJZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Žádná uživatelská akce, [2202], [454748],1.0.4492
Adware.Elex.ShrtCln, C:\USERS\WOWAJZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Žádná uživatelská akce, [2202], [454748],1.0.4492
Adware.Elex.ShrtCln, C:\USERS\WOWAJZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Žádná uživatelská akce, [2202], [454733],1.0.4492
Adware.Elex.ShrtCln, C:\USERS\WOWAJZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Žádná uživatelská akce, [2202], [454733],1.0.4492

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

[Conder]

Tieto nalezy zmaz. Ale toto bol iba Threat Scan (Sken hrozeb), urob uplny sken podla instrukcii v mojom predchadzajucom prispevku.

[Vondraxer]

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 27.03.18
Čas skenování: 16:59
Logovací soubor: 7dc1a76a-31cf-11e8-af20-2089849c60ab.json
Správce: Ano

-Informace o softwaru-
Verze: 3.4.4.2398
Verze komponentů: 1.0.322
Aktualizovat verzi balíku komponent: 1.0.4508
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Wowajz-PC\Wowajz

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 253466
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 2 hod, 13 min, 5 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 1
RiskWare.Agent, D:\STAžENé\ESET NOD32 ANTIVIRUS, SMART SECURITY, INTERNET SECURITY 10.0.386.0 + LICENSE KEYS [SADEEMPC]\LICENSE KEYS + TNOD.ZIP, Žádná uživatelská akce, [3867], [352776],1.0.4508

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

[Conder]

Zresetuj Chrome este raz:

Resetuj Chrome na predvolene nastavenia: Nastavenia -> Rozsirene - Obnovit -> potvrd kliknutim na Obnovit.

Nasledne vytvor a posli nove logy z FRST.

Ako to vyzera s PC?

[Vondraxer]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Wowajz (administrator) on WOWAJZ-PC (27-03-2018 20:52:56)
Running from C:\Users\Wowajz\Desktop
Loaded Profiles: Wowajz (Available Profiles: Wowajz)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Malwarebytes) D:\programy\Anti-Malware\MBAMService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) D:\programy\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Spotify Ltd) C:\Users\Wowajz\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Malwarebytes) D:\programy\Anti-Malware\mbamtray.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) D:\programy\intel\IAStorIcon.exe
(Intel Corporation) D:\programy\intel\IAStorDataMgrSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\eOPPFrame.exe
(forum.viry.cz) C:\Users\Wowajz\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [UpdatePRCShortCut] => "D:\programy\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "D:\programy\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => D:\programy\intel\IAStorIcon.exe [287592 2014-04-24] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2899216 2012-03-26] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8071680 2017-04-04] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6193152 2017-04-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => D:\programy\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)
HKLM-x32\...\Run: [UpdatePRCShortCut] => "D:\programy\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "D:\programy\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKU\S-1-5-21-2344032579-2471585022-3391359700-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-2344032579-2471585022-3391359700-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG)
HKU\S-1-5-21-2344032579-2471585022-3391359700-1000\...\Run: [Spotify Web Helper] => C:\Users\Wowajz\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-03-25] (Spotify Ltd)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182592 2018-03-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159704 2018-03-16] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{494D3396-65F8-4360-990F-9EA660717521}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{F3FE08EC-7D18-458F-AEA2-4DCC911A70EB}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\programy\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> D:\programy\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.co ... google.com"
CHR Profile: C:\Users\Wowajz\AppData\Local\Google\Chrome\User Data\Default [2018-03-27]
CHR Extension: (Prezentace) - C:\Users\Wowajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Wowajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Wowajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-03]
CHR Extension: (YouTube) - C:\Users\Wowajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-03]
CHR Extension: (Tabulky) - C:\Users\Wowajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Wowajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-03]
CHR Extension: (AdBlock) - C:\Users\Wowajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Wowajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Wowajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Wowajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-24]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
S3 Disc Soft Lite Bus Service; D:\programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2016-12-14] (ESET)
R2 IAStorDataMgrSvc; D:\programy\intel\IAStorDataMgrSvc.exe [15720 2014-04-24] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-05-12] (Intel Corporation)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273216 2017-02-14] (Lenovo)
R2 MBAMService; D:\programy\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-04-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-04-04] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132272 2016-12-05] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [106768 2016-12-05] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180544 2016-12-05] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [49672 2016-12-05] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [77616 2016-12-05] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [60536 2016-12-05] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [96856 2016-12-05] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [76200 2018-01-18] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-04-04] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-24] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193248 2018-03-25] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [109800 2018-03-27] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-03-27] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [92280 2018-03-27] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2017-04-04] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-12-05] (NVIDIA Corporation)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [419296 2017-04-04] (Realsil Semiconductor Corporation)
S3 SmbDrvIntel; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27408 2012-03-26] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1070080 2017-04-04] (Vimicro Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-27 20:23 - 2018-03-27 20:23 - 000001782 _____ C:\Users\Wowajz\Desktop\aaaaa.txt
2018-03-27 15:19 - 2018-03-27 20:26 - 000092280 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-03-26 17:21 - 2018-03-26 17:21 - 000003189 _____ C:\Users\Wowajz\Desktop\MB_log.txt
2018-03-25 22:21 - 2018-03-27 20:26 - 000109800 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-03-25 22:21 - 2018-03-27 15:17 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-03-25 22:21 - 2018-03-25 22:21 - 000193248 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-03-25 22:21 - 2018-03-25 22:21 - 000000729 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-03-25 22:21 - 2018-03-25 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-25 22:21 - 2018-01-18 09:03 - 000076200 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-03-25 22:20 - 2018-03-25 22:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-25 20:40 - 2018-03-27 20:53 - 000014652 _____ C:\Users\Wowajz\Desktop\FRST.txt
2018-03-22 21:47 - 2018-03-22 21:49 - 000007749 _____ C:\Users\Wowajz\Desktop\Fixlog.txt
2018-03-22 20:17 - 2018-03-27 20:52 - 000000000 ____D C:\FRST
2018-03-22 20:16 - 2018-03-22 20:16 - 002403328 _____ (Farbar) C:\Users\Wowajz\Desktop\FRST64.exe
2018-03-22 20:16 - 2018-03-22 20:16 - 000112640 _____ (forum.viry.cz) C:\Users\Wowajz\Desktop\FRSTLauncher.exe
2018-03-22 19:49 - 2018-03-25 21:51 - 000000000 ____D C:\AdwCleaner
2018-03-22 19:49 - 2018-03-22 19:49 - 008222496 _____ (Malwarebytes) C:\Users\Wowajz\Desktop\adwcleaner_7.0.8.0 (1).exe
2018-03-22 19:48 - 2018-03-22 19:48 - 008222496 _____ (Malwarebytes) C:\Users\Wowajz\Downloads\adwcleaner_7.0.8.0.exe
2018-03-22 19:45 - 2018-03-22 19:45 - 000000085 _____ C:\Windows\wininit.ini
2018-03-22 18:47 - 2018-03-22 18:47 - 000388608 _____ (Trend Micro Inc.) C:\Users\Wowajz\Downloads\hijackthis.exe
2018-03-20 22:22 - 2018-03-20 22:22 - 000000000 ____D C:\Windows\SysWOW64\NV
2018-03-20 22:22 - 2018-03-20 22:22 - 000000000 ____D C:\Windows\system32\NV
2018-03-20 22:22 - 2018-03-20 22:22 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-03-20 22:22 - 2017-12-09 00:25 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-03-20 22:22 - 2017-12-09 00:25 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-03-20 22:22 - 2017-12-09 00:24 - 000928568 _____ C:\Windows\system32\vulkan-1.dll
2018-03-20 22:22 - 2017-12-09 00:24 - 000591672 _____ C:\Windows\system32\vulkaninfo.exe
2018-03-20 22:20 - 2018-03-20 22:20 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-03-20 22:19 - 2018-03-16 20:03 - 000048384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2018-03-20 22:19 - 2018-03-16 20:02 - 035620256 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-03-20 22:19 - 2018-03-16 20:02 - 028201400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-03-20 22:19 - 2018-03-16 20:02 - 017353576 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-03-20 22:19 - 2018-03-16 20:02 - 000997120 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-03-20 22:19 - 2018-03-16 20:02 - 000948584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-03-20 22:19 - 2018-03-16 20:01 - 001985280 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439124.dll
2018-03-20 22:19 - 2018-03-16 20:01 - 001684000 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439124.dll
2018-03-20 22:19 - 2018-03-16 20:01 - 001137240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-03-20 22:19 - 2018-03-16 20:01 - 001066072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-03-20 22:19 - 2018-03-16 20:00 - 040278616 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-03-20 22:19 - 2018-03-16 20:00 - 035189336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-03-20 22:19 - 2018-03-16 20:00 - 003914328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-03-20 22:19 - 2018-03-16 20:00 - 003444152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-03-20 22:19 - 2018-03-16 19:59 - 022845992 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-03-20 22:19 - 2018-03-16 19:58 - 019854128 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-03-20 22:19 - 2018-03-16 19:58 - 018910384 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-03-20 22:19 - 2018-03-16 19:58 - 016496256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-03-20 22:19 - 2018-03-16 19:58 - 015558416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-03-20 22:19 - 2018-03-16 19:58 - 013571008 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-03-20 22:19 - 2018-03-16 19:58 - 011131872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-03-20 22:19 - 2018-03-16 19:58 - 001153560 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-03-20 22:19 - 2018-03-16 19:58 - 000902096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-03-20 22:19 - 2018-03-16 19:58 - 000164944 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-03-20 22:19 - 2018-03-16 19:58 - 000142632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-03-20 22:19 - 2018-03-16 19:57 - 012966216 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-03-20 22:19 - 2018-03-16 19:57 - 011000480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-03-20 22:19 - 2018-03-16 19:57 - 003917304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-03-20 22:19 - 2018-03-16 02:17 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-03-20 22:19 - 2018-03-16 02:17 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-03-20 22:11 - 2018-03-20 22:11 - 000003922 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-20 22:11 - 2018-03-20 22:11 - 000000000 ____D C:\Users\Wowajz\ansel
2018-03-20 22:10 - 2017-12-15 04:03 - 000059240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-03-20 21:54 - 2018-03-27 20:40 - 000004982 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Wowajz-PC-Wowajz Wowajz-PC
2018-03-20 21:14 - 2018-03-20 21:16 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\Wowajz\Downloads\spybotsd-2.6.46.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-27 20:34 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-27 20:34 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-27 20:27 - 2017-04-03 23:14 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-27 20:26 - 2017-04-03 23:06 - 000000000 __SHD C:\Users\Wowajz\IntelGraphicsProfiles
2018-03-27 20:25 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-26 21:10 - 2017-11-01 19:43 - 000000000 ____D C:\Users\Wowajz\AppData\Local\Spotify
2018-03-26 21:09 - 2017-11-01 19:40 - 000000000 ____D C:\Users\Wowajz\AppData\Roaming\Spotify
2018-03-26 17:09 - 2017-04-04 23:44 - 000673108 _____ C:\Windows\system32\perfh005.dat
2018-03-26 17:09 - 2017-04-04 23:44 - 000143248 _____ C:\Windows\system32\perfc005.dat
2018-03-26 17:09 - 2009-07-14 07:13 - 001595352 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-26 17:09 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-03-25 21:43 - 2017-04-04 16:39 - 000000000 ____D C:\Users\Wowajz\AppData\Roaming\Winamp
2018-03-23 17:37 - 2017-04-03 22:24 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-23 17:37 - 2017-04-03 22:24 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-20 22:22 - 2017-04-03 23:14 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-20 22:22 - 2017-04-03 22:52 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-20 22:11 - 2017-12-14 21:01 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-20 22:11 - 2017-04-05 17:02 - 000000000 ____D C:\Users\Wowajz\AppData\Local\CrashDumps
2018-03-20 22:11 - 2017-04-03 23:16 - 000001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-03-20 22:11 - 2017-04-03 23:15 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-20 22:11 - 2017-04-03 23:15 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-20 22:11 - 2017-04-03 23:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-20 22:11 - 2017-04-03 21:06 - 000000000 ____D C:\Users\Wowajz
2018-03-20 22:10 - 2017-04-03 23:15 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-20 22:10 - 2017-04-03 23:15 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-20 22:10 - 2017-04-03 23:15 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-20 22:10 - 2017-04-03 23:15 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-20 21:09 - 2017-04-04 17:27 - 000000000 ____D C:\Users\Wowajz\AppData\Roaming\DAEMON Tools Lite
2018-03-20 21:08 - 2017-04-04 07:00 - 000000000 ____D C:\Windows\Panther
2018-03-16 19:59 - 2017-12-14 20:56 - 019925408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-03-16 19:59 - 2017-04-03 23:12 - 000505224 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-03-16 19:58 - 2017-12-14 20:56 - 000419488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-03-16 19:58 - 2017-04-03 23:12 - 000182592 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-03-16 19:58 - 2017-04-03 23:12 - 000159704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-03-16 19:57 - 2017-04-03 23:12 - 004423376 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-03-16 02:17 - 2017-04-03 23:12 - 000045511 _____ C:\Windows\system32\nvinfo.pb
2018-03-16 01:14 - 2017-12-14 21:00 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-03-16 00:40 - 2017-04-03 23:15 - 005952640 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-03-16 00:40 - 2017-04-03 23:15 - 002589576 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-03-16 00:40 - 2017-04-03 23:15 - 001767816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-03-16 00:40 - 2017-04-03 23:15 - 000634256 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-03-16 00:40 - 2017-04-03 23:15 - 000451040 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-03-16 00:40 - 2017-04-03 23:15 - 000148544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
2018-03-16 00:40 - 2017-04-03 23:15 - 000123840 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-03-16 00:40 - 2017-04-03 23:15 - 000083072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-03-16 00:39 - 2017-04-03 23:15 - 008099202 _____ C:\Windows\system32\nvcoproc.bin
2018-03-14 15:05 - 2017-04-03 23:15 - 002480064 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2018-03-14 15:05 - 2017-04-03 23:15 - 002137024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2018-03-14 15:05 - 2017-04-03 23:15 - 001310144 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-03-14 14:44 - 2017-04-14 21:01 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-03-05 08:18 - 2017-05-04 10:52 - 000189784 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2018-03-05 08:18 - 2017-05-04 10:52 - 000152408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

==================== Files in the root of some directories =======

2017-12-19 19:51 - 2017-12-19 19:51 - 000001468 _____ () C:\Users\Wowajz\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-19 21:12

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:73.15 GB) (Free:25.11 GB) NTFS
Drive d: () (Fixed) (Total:391.43 GB) (Free:310.07 GB) NTFS
\\?\Volume{de2dbe96-189f-11e7-922e-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

Available physical RAM: 2634.61 MB
Total physical RAM: 3998.36 MB
Percentage of memory in use: 34%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=73.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=391.4 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=1004 MB) - (Type=12)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Wowajz\Desktop" je 10 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\331BigDog
"C:\Program Files (x86)\USB Camera\VM331STI.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\332BigDog
C:\Program Files (x86)\USB Camera2\VM332_STI.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount
"D:\programy\DAEMON Tools Lite\DTAgent.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynLenovoGestureMgr
%ProgramFiles%\Synaptics\SynTP\SynLenovoGestureMgr.exe [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Wowajz (27-03-2018 20:54:04)
Running from C:\Users\Wowajz\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-04-03 19:06:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2344032579-2471585022-3391359700-500 - Administrator - Disabled)
Guest (S-1-5-21-2344032579-2471585022-3391359700-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2344032579-2471585022-3391359700-1002 - Limited - Enabled)
Wowajz (S-1-5-21-2344032579-2471585022-3391359700-1000 - Administrator - Enabled) => C:\Users\Wowajz

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Atheros WLAN Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.34.0 - Conexant)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.24 - NVIDIA Corporation) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.3 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.3 - Lenovo)
ESET Smart Security (HKLM\...\{DEA1C8A3-CCB7-4C8B-8562-96543FBF6957}) (Version: 10.0.386.0 - ESET, spol. s r.o.)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel Processor Diagnostic Tool 64bit (HKLM\...\{D011AAF9-F756-43AB-8E91-47ADF0D86394}) (Version: 4.0.0.29 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.4.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
iTunes (HKLM\...\{412595B6-5162-4792-8DEE-2766FBC6C1EC}) (Version: 12.7.2.60 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.12.204.1 - Lenovo EasyCamera)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3712 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3712 - CyberLink Corp.)
Lenovo Solution Center (HKLM\...\{7BB9AAFD-3350-49C8-92D1-833AAFF9E74E}) (Version: 3.4.003.013 - Lenovo)
Malwarebytes verze 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 7 Ultra Edition (HKLM-x32\...\{293C9DF5-7669-4826-BBB2-E1F182D71029}) (Version: 7.02.8631 - Nero AG)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.24 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.24 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30118 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39016 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-2344032579-2471585022-3391359700-1000\...\Spotify) (Version: 1.0.77.338.g758ebd78 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.5.1 - Synaptics Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
WinRAR 5.31 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2344032579-2471585022-3391359700-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-05-04] (Nero AG)
ContextMenuHandlers1-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-01-03] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-01-03] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\programy\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-05-12] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\programy\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-01-03] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-01-03] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BCD2245-FEEB-45AD-A002-9A0D10463DB6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {1042CE43-2B67-4523-BA6D-12A400BCB6A3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {165A0406-8B58-4C23-B7E7-A3C9A532083E} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2017-02-14] (Lenovo)
Task: {2C3D459B-F947-4F5C-8BBF-FB73E867D936} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {3A17C53A-245C-47C0-9AB5-5853F31FA128} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {3F08F812-2F0D-4C00-906F-A02E9E538046} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Wowajz-PC-Wowajz Wowajz-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {4A336B9D-4061-4C81-88AC-F399557C6393} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {638D81CA-07AF-4A61-BE61-7EF6144672D9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {77D45163-0B3D-4F43-A575-2805063BF2B9} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2017-02-14] ()
Task: {79D90B2F-21C8-4360-8379-3E5ABD4E81BD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {956F14A1-3158-414E-932B-6839D2512082} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-03] (Google Inc.)
Task: {A18105E4-2A15-4DB6-9F0C-1475B2C4FAEA} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2017-02-14] (Lenovo)
Task: {A5406DDD-6541-4145-9DAB-2DE2362D5D6F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {A6B3FF9C-DFD3-4F32-8E73-E76217E4D3C6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)
Task: {A995DC82-7EB4-4B3C-98E5-D50D3A58526B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)
Task: {C294723C-43F0-432A-BE39-A22B992E6CA5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-03] (Google Inc.)
Task: {C8D6AB4F-4B20-4A71-810D-4587E144D492} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {D79276AA-278F-4BE3-84C0-C8F76F1BD21C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
Task: {FC6E7102-8D59-48F7-8363-3EBD1BE6CF86} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-03-20 22:22 - 2018-03-16 02:17 - 000544384 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2017-04-03 23:12 - 2018-03-16 20:01 - 000029112 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2018-01-05 01:13 - 2018-01-05 01:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-08 02:48 - 2017-12-08 02:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-04-03 23:15 - 2018-03-14 15:05 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-25 22:21 - 2018-03-01 11:31 - 002488608 _____ () D:\PROGRAMY\ANTI-MALWARE\MwacLib.dll
2018-03-25 22:21 - 2018-02-05 15:44 - 002299168 _____ () D:\PROGRAMY\ANTI-MALWARE\SelfProtectionSdk.dll
2008-12-20 03:20 - 2017-04-04 13:48 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-02-21 13:06 - 2017-04-04 13:48 - 001490944 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-02-21 13:06 - 2017-04-04 13:48 - 000005120 _____ () C:\Program Files (x86)\Lenovo\Energy Management\cs-CZ\EMWpfUI.resources.dll
2008-12-20 03:20 - 2017-04-04 13:48 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2017-12-11 12:05 - 2017-12-11 12:05 - 001356088 _____ () D:\programy\libxml2.dll
2017-12-11 12:05 - 2017-12-11 12:05 - 000088888 _____ () D:\programy\zlib1.dll
2017-04-03 23:12 - 2018-03-16 20:01 - 000029112 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2017-04-03 23:15 - 2018-03-14 15:05 - 001041344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-03-22 21:48 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2344032579-2471585022-3391359700-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Wowajz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: 331BigDog => "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
MSCONFIG\startupreg: 332BigDog => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "D:\programy\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: SynLenovoGestureMgr => %ProgramFiles%\Synaptics\SynTP\SynLenovoGestureMgr.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C090983E-16AF-4E9D-9761-BA88D60B91BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{87B19124-4A1A-4EE0-BFD8-8ED20D2D23E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{4E59B9E3-8772-4C3D-989A-C9B73F69A45D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B74F3E01-896E-4FA4-B65F-5DF1431972C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FC5B2A55-1A0E-4473-AE88-4ADC9674F555}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DB26E0E0-EC5E-4113-8F0D-DF2F79A49869}] => (Allow) D:\programy\Winamp\winamp.exe
FirewallRules: [{21AFBBF6-0AD1-4C54-8C47-AE339763BD66}] => (Allow) D:\programy\Winamp\winamp.exe
FirewallRules: [{0B0E8ED4-8058-420A-B44F-68106C570D01}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{BC92B3D5-C1D3-42C2-A140-25FC5B567A22}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{03D7E1EF-D0B0-4D87-8DA8-97DD81398730}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2F3AA5B3-B2E9-4EB8-981F-6D4F86C5A13F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{84AC83D0-8D09-4F68-BA2E-34E5EF701A42}] => (Allow) D:\programy\Utorrent\utorrent.exe
FirewallRules: [{1675DDB8-8657-45C7-B545-70AFB5C77547}] => (Allow) D:\programy\Utorrent\utorrent.exe
FirewallRules: [{11ED2A13-E574-4A6E-88DE-C7BD6F8854A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C403F093-F800-4BBA-8E63-3C06AEC174D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{703C00B2-FD1E-4AF0-98CB-6DA5420654D5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{F137542A-42C6-448D-B1B7-3EACD16565C4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E0F5B62A-876D-4578-9B52-3CC84ABD2BBB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7F6B7243-644A-448C-A3BA-7980275F41BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A29F8A09-7565-4C54-A17C-B9C6F61818AD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C5515B91-E7A5-4D7B-BC7E-0C8B9CFD47D2}] => (Allow) D:\programy\iTunes.exe
FirewallRules: [{FB2E66CD-2418-4DA2-96DA-64F2F39899EA}] => (Allow) C:\Users\Wowajz\AppData\Local\Temp\KMSnano\qemu-system-i386.exe
FirewallRules: [{A9A4866D-D2F5-4460-A2D4-861235976C85}] => (Allow) C:\Users\Wowajz\AppData\Local\Temp\KMSnano\qemu-system-i386.exe
FirewallRules: [{05A2E0B4-4EE1-4A08-BC1F-E96129179890}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{44C841B9-0B82-4859-87A1-740C83D8B153}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EB5C37A2-4729-414D-9A47-0D191DBC5F35}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9F0D29C7-D8C1-40E9-BB30-7ECB143C1988}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E4551577-9DAD-47CB-AEAD-CB9CB97DD72F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

27-03-2018 19:52:47 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/27/2018 08:26:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/27/2018 03:18:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/26/2018 05:25:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/26/2018 05:03:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/25/2018 09:55:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/25/2018 05:48:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/25/2018 11:20:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/24/2018 06:16:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (03/27/2018 08:25:12 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (03/27/2018 07:51:10 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (03/27/2018 03:16:48 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (03/26/2018 05:23:48 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (03/26/2018 05:01:39 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (03/25/2018 09:51:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/25/2018 09:51:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restart the service.

Error: (03/25/2018 09:51:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Media Player Network Sharing Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restart the service.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 34%
Total physical RAM: 3998.36 MB
Available physical RAM: 2634.61 MB
Total Virtual: 7994.89 MB
Available Virtual: 6009.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:73.15 GB) (Free:25.11 GB) NTFS
Drive d: () (Fixed) (Total:391.43 GB) (Free:310.07 GB) NTFS

\\?\Volume{de2dbe96-189f-11e7-922e-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=73.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=391.4 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=1004 MB) - (Type=12)

==================== End of Addition.txt ============================

[Conder]

Ako to vyzera s PC, su este nejake problemy?

[Vondraxer]

Ten Facebook zase...nevím čím to je, nemůže to být tím ADblockem ? I když to je divný, ten používám hodně dlouho a nikdy mi to nedělalo.

[Conder]

Skus AdBlock na skusku vypnut alebo v nom aktualizovat filtre. Inak osobne by som odporucil skor uBlock Origin.

[Vondraxer]

Opravdu to dělal AdBlock, stáhnul jsem ten uBlock a jde to bez problému Jinak děkuji za pomoc a přeju hezký večer.

[Conder]

Nie je zaco, rad som pomohol

Tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"