VIRY.CZ

aha nechápem snád je toto ono

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2018
Ran by PC1 (administrator) on BAŠNO (14-03-2018 17:33:07)
Running from C:\Users\PC1\Desktop
Loaded Profiles: PC1 (Available Profiles: PC1)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
() D:\PROGRAMY\ESLWIRE\EslWire\service\WireHelperSvc.exe
(Piriform Ltd) D:\PROGRAMY\CCleaner\CCleaner64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Program Files\GamingMouse\WarlordMouse.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6082\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.9887\Battle.net Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\PC1\Desktop\FRSTLauncher (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-02-05] (Avira Operations GmbH & Co. KG)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2901934316-1854545542-611796736-1000\...\Run: [CCleaner Monitoring] => D:\PROGRAMY\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-2901934316-1854545542-611796736-1000\...\MountPoints2: {4ac95d1d-5abf-11e2-807e-50465d753eb6} - F:\setup.exe
ShellExecuteHooks: No Name - {BFD98515-CD74-48A4-98E2-13D209E3EE4F} - C:\Windows\System32\mcicda64.dll [904704 2018-03-13] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{65D4AFEA-6752-4694-BE76-9BFF1D111CBC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{65D4AFEA-6752-4694-BE76-9BFF1D111CBC}: [DhcpNameServer] 217.23.254.124 217.23.254.125

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2901934316-1854545542-611796736-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-2901934316-1854545542-611796736-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://google.sk/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2901934316-1854545542-611796736-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2901934316-1854545542-611796736-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10405__170710__yaie&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-22] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-01-18] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-18] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-01-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-01-18] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\PC1\AppData\Roaming\Mozilla\Firefox\Profiles\k4kltiaf.default-1472059799268 [2018-03-14]
FF Homepage: Mozilla\Firefox\Profiles\k4kltiaf.default-1472059799268 -> about:home
FF NewTab: Mozilla\Firefox\Profiles\k4kltiaf.default-1472059799268 -> about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxp://www.google.sk/"
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default [2018-03-14]
CHR Extension: (Prezentácie) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-01]
CHR Extension: (YouTube) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-01]
CHR Extension: (Tabuľky) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Avira Browser Safety) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-07]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-01]
CHR Extension: (AdBlock) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-04]
CHR Extension: (IE Tab) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2018-02-28]
CHR Extension: (Bazz Search) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh [2018-03-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-01]
CHR Extension: (Chrome Media Router) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-01]
CHR HKU\S-1-5-21-2901934316-1854545542-611796736-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1136744 2018-02-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [492560 2018-02-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [492560 2018-02-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1533608 2018-02-13] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [449240 2018-02-05] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-03-08] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761576 2018-02-02] (Microsoft Corporation)
R2 EslWireHelper; D:\PROGRAMY\ESLWIRE\EslWire\service\WireHelperSvc.exe [663056 2013-06-11] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] ()
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [183168 2017-01-09] (Razer Inc.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-12] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-18] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [196344 2017-12-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153552 2018-02-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-21] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-10] (DT Soft Ltd)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [156176 2013-09-25] (<Turtle Entertainment>)
R1 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [8513536 2017-08-10] ()
S3 hidusbf; C:\Windows\System32\DRIVERS\hidusbf.sys [6784 2009-02-11] (SweetLow) [File not signed]
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [58680 2018-01-10] (NVIDIA Corporation)
S1 PCLEPCI; C:\Windows\SysWOW64\drivers\pclepci.sys [14165 2002-03-19] (Pinnacle Systems GmbH) [File not signed]
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [52248 2016-10-30] (Razer Inc)
R3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [48152 2016-10-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [43256 2017-07-18] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137208 2017-08-19] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S0 rkemuu; System32\drivers\bkxivdej.sys [X]
S3 X6va063; \??\C:\Windows\SysWOW64\Drivers\X6va063 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-14 17:31 - 2018-03-14 17:33 - 000019373 _____ C:\Users\PC1\Desktop\FRST.txt
2018-03-14 17:31 - 2018-03-14 17:31 - 000000000 ____D C:\FRST
2018-03-14 17:30 - 2018-03-14 17:30 - 002402816 _____ (Farbar) C:\Users\PC1\Desktop\FRST64.exe
2018-03-14 17:22 - 2018-03-14 17:22 - 000112640 _____ (forum.viry.cz) C:\Users\PC1\Desktop\FRSTLauncher (1).exe
2018-03-14 17:19 - 2018-03-14 17:19 - 000112640 _____ (forum.viry.cz) C:\Users\PC1\Downloads\dbd1004a-9c57-4c2b-a5ea-d4037158035d.tmp
2018-03-14 00:02 - 2018-03-14 00:03 - 000000000 ____D C:\AdwCleaner
2018-03-14 00:01 - 2018-03-14 00:01 - 008222496 _____ (Malwarebytes) C:\Users\PC1\Desktop\adwcleaner_7.0.8.0.exe
2018-03-13 23:40 - 2018-03-13 23:40 - 000000270 __RSH C:\Users\PC1\ntuser.pol
2018-03-13 23:40 - 2018-03-13 23:40 - 000000270 __RSH C:\ProgramData\ntuser.pol
2018-03-13 23:32 - 2018-03-13 23:41 - 000000080 _____ C:\Users\PC1\Desktop\Heroes of Might and MagicR IV.lnk
2018-03-13 23:32 - 2018-03-13 23:41 - 000000080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\uTorrent.lnk
2018-03-13 22:40 - 2018-03-13 22:40 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-03-13 22:40 - 2018-03-13 22:39 - 000380768 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-03-13 22:37 - 2018-03-13 22:44 - 000000000 ____D C:\ProgramData\616ca8e3-9bd6-4a32-a4f3-3640822a6c06
2018-03-13 22:37 - 2018-03-13 22:37 - 000000000 ____D C:\Program Files\AVAST Software
2018-03-13 22:36 - 2018-03-13 23:30 - 000000000 ____D C:\Windat
2018-03-13 22:36 - 2018-03-13 22:55 - 000000000 ____D C:\Program Files\31FLF13FFP
2018-03-13 22:36 - 2018-03-13 22:55 - 000000000 ____D C:\Disk
2018-03-13 22:36 - 2018-03-13 22:40 - 000000000 ____D C:\ProgramData\AVAST Software
2018-03-13 22:36 - 2018-03-13 22:36 - 000140800 _____ C:\Users\PC1\AppData\Local\installer.dat
2018-03-13 22:36 - 2018-03-13 22:36 - 000000000 ____D C:\Program Files\My Program
2018-03-13 22:36 - 2018-03-13 06:19 - 000904704 _____ C:\Windows\system32\mcicda64.dll
2018-03-13 22:35 - 2018-03-13 22:39 - 000000000 ____D C:\Program Files (x86)\Lightning
2018-03-13 22:35 - 2018-03-13 22:35 - 000003790 _____ C:\Windows\System32\Tasks\updater
2018-03-13 22:35 - 2018-03-13 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightning
2018-03-13 22:07 - 2018-03-13 22:25 - 000000000 ____D C:\Users\PC1\Documents\DreamVideoSoft
2018-03-13 20:43 - 2018-03-13 22:25 - 1878269769 _____ C:\Users\PC1\Desktop\Star Wars - The Last Jedi - Posledni z Jediu _2017.FullHD.HEVC.BrRip.6ch.EN-CZ-titulky_QUALITY.mkv
2018-03-13 16:04 - 2018-03-13 16:04 - 000004518 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-02-27 22:25 - 2018-02-23 20:28 - 000136536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-02-27 22:24 - 2018-02-27 22:24 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-27 22:24 - 2017-12-08 23:25 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-02-27 22:24 - 2017-12-08 23:25 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-02-27 22:24 - 2017-12-08 23:24 - 000928568 _____ C:\Windows\system32\vulkan-1.dll
2018-02-27 22:24 - 2017-12-08 23:24 - 000591672 _____ C:\Windows\system32\vulkaninfo.exe
2018-02-27 22:22 - 2018-02-25 06:41 - 035619872 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-02-27 22:22 - 2018-02-25 06:40 - 028201048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-02-27 22:22 - 2018-02-25 06:40 - 017353248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-02-27 22:22 - 2018-02-25 06:40 - 000996768 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-02-27 22:22 - 2018-02-25 06:40 - 000625512 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-02-27 22:22 - 2018-02-25 06:40 - 000514544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-02-27 22:22 - 2018-02-25 06:39 - 000948128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-02-27 22:22 - 2018-02-25 06:38 - 040277488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-02-27 22:22 - 2018-02-25 06:38 - 003913016 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-02-27 22:22 - 2018-02-25 06:38 - 003443800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-02-27 22:22 - 2018-02-25 06:38 - 001985384 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439101.dll
2018-02-27 22:22 - 2018-02-25 06:38 - 001684000 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439101.dll
2018-02-27 22:22 - 2018-02-25 06:38 - 001137512 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-02-27 22:22 - 2018-02-25 06:38 - 001064760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-02-27 22:22 - 2018-02-25 06:37 - 035188640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-02-27 22:22 - 2018-02-25 06:36 - 019854312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-02-27 22:22 - 2018-02-25 06:36 - 013571008 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-02-27 22:22 - 2018-02-25 06:36 - 011131696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-02-27 22:22 - 2018-02-25 06:36 - 000419488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-02-27 22:22 - 2018-02-25 06:35 - 016496080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-02-27 22:22 - 2018-02-25 06:35 - 001153752 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-02-27 22:22 - 2018-02-25 06:35 - 000902280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-02-27 22:22 - 2018-02-25 06:35 - 000541672 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-02-27 22:22 - 2018-02-25 06:35 - 000460024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-02-27 22:22 - 2018-02-25 06:35 - 000182600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-02-27 22:22 - 2018-02-25 06:35 - 000164952 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-02-27 22:22 - 2018-02-25 06:35 - 000159712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-02-27 22:22 - 2018-02-25 06:35 - 000142816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-02-27 22:22 - 2018-02-25 06:34 - 012966032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-02-27 22:22 - 2018-02-25 06:34 - 011000288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-02-27 22:12 - 2018-02-27 22:12 - 000034717 _____ C:\Users\PC1\Desktop\Hladanie-optimalnej-lokalizacie-ZADANIE-ŠTUDENTI.xlsx
2018-02-27 19:00 - 2018-02-28 15:13 - 000240597 _____ C:\Users\PC1\Desktop\TK podhájska-Matúš Daniš.pptx
2018-02-27 18:20 - 2018-02-27 21:40 - 000046540 _____ C:\Users\PC1\Desktop\REGE.xlsx
2018-02-27 18:13 - 2018-02-27 18:13 - 000027443 _____ C:\Users\PC1\Desktop\dotazník.xlsx
2018-02-25 17:33 - 2018-02-25 17:33 - 000135863 _____ C:\Users\PC1\Desktop\V05_SR-2008_htm.zip
2018-02-25 16:49 - 2018-02-25 16:49 - 000058406 _____ C:\Users\PC1\Downloads\Priloha_3.htm
2018-02-25 16:49 - 2018-02-25 16:49 - 000035544 _____ C:\Users\PC1\Downloads\Priloha_2.htm
2018-02-25 16:49 - 2018-02-25 16:49 - 000023506 _____ C:\Users\PC1\Downloads\Priloha_5.htm
2018-02-25 16:49 - 2018-02-25 16:49 - 000008668 _____ C:\Users\PC1\Downloads\Priloha_6.htm
2018-02-25 16:48 - 2018-02-25 16:48 - 000047073 _____ C:\Users\PC1\Downloads\Priloha_1.htm
2018-02-25 16:47 - 2018-02-25 16:47 - 001211618 _____ C:\Users\PC1\Downloads\RozpocetVS2005_2007.pdf
2018-02-22 13:35 - 2018-02-25 06:34 - 018910384 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-02-22 13:35 - 2018-01-24 01:19 - 001976120 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439077.dll
2018-02-22 13:35 - 2018-01-24 01:19 - 001673616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439077.dll
2018-02-22 13:30 - 2018-02-22 13:49 - 000000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2018-02-22 13:30 - 2018-02-22 13:30 - 000000000 ____D C:\ProgramData\RzSurroundVAD_1.1.63.0
2018-02-22 13:30 - 2018-02-22 13:30 - 000000000 _____ C:\Windows\SysWOW64\RzSurroundVADAudioDeviceManager_log.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-14 17:31 - 2013-01-10 01:36 - 000000000 ____D C:\Users\PC1\AppData\Roaming\TS3Client
2018-03-14 17:30 - 2014-11-22 20:16 - 000000000 ____D C:\Users\PC1\AppData\Local\Battle.net
2018-03-14 17:27 - 2017-05-31 21:04 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Twitch
2018-03-14 17:05 - 2017-09-18 16:30 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-03-14 14:14 - 2009-07-14 05:45 - 000014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-14 14:14 - 2009-07-14 05:45 - 000014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-14 13:06 - 2013-01-10 00:52 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-14 12:56 - 2014-11-22 20:28 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-03-14 12:53 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-14 00:03 - 2017-07-10 10:33 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Lavasoft
2018-03-14 00:03 - 2017-07-10 10:32 - 000000000 ____D C:\ProgramData\Lavasoft
2018-03-14 00:03 - 2017-07-10 10:32 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2018-03-13 23:52 - 2014-11-05 22:17 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2018-03-13 23:42 - 2017-09-26 22:35 - 000000909 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2018-03-13 23:42 - 2017-07-31 19:15 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-13 23:42 - 2017-05-05 11:00 - 000000911 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT Client.lnk
2018-03-13 23:42 - 2016-03-23 23:29 - 000002475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2018-03-13 23:42 - 2016-03-23 23:29 - 000002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2018-03-13 23:42 - 2016-03-23 23:29 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2018-03-13 23:42 - 2016-03-23 23:29 - 000002396 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-03-13 23:42 - 2016-03-23 23:29 - 000002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2018-03-13 23:42 - 2016-03-23 23:29 - 000002391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2018-03-13 23:42 - 2016-03-23 23:29 - 000002386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2018-03-13 23:42 - 2016-03-23 23:29 - 000002360 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2018-03-13 23:42 - 2016-03-23 23:29 - 000002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-03-13 23:42 - 2013-03-26 16:17 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2018-03-13 23:42 - 2013-01-09 23:09 - 000001202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
2018-03-13 23:42 - 2013-01-08 21:52 - 000001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2018-03-13 23:42 - 2013-01-08 21:52 - 000001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2018-03-13 23:42 - 2009-07-14 05:57 - 000001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-03-13 23:42 - 2009-07-14 05:57 - 000001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2018-03-13 23:42 - 2009-07-14 05:57 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2018-03-13 23:42 - 2009-07-14 05:54 - 000001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2018-03-13 23:41 - 2017-11-15 19:38 - 000000868 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2018-03-13 23:41 - 2017-10-09 15:24 - 000002147 _____ C:\Users\PC1\Desktop\Discord.lnk
2018-03-13 23:41 - 2017-09-26 22:35 - 000000909 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2018-03-13 23:41 - 2017-07-31 19:15 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-13 23:41 - 2017-05-31 21:04 - 000000918 _____ C:\Users\PC1\Desktop\Twitch.lnk
2018-03-13 23:41 - 2017-05-31 21:04 - 000000904 _____ C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2018-03-13 23:41 - 2017-05-29 19:48 - 000000665 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2018-03-13 23:41 - 2016-11-14 22:00 - 000001406 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-03-13 23:41 - 2016-03-31 22:07 - 000000751 _____ C:\Users\PC1\Desktop\SpeedFan.lnk
2018-03-13 23:41 - 2016-03-23 23:42 - 000002171 _____ C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-03-13 23:41 - 2015-10-26 09:19 - 000000663 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-03-13 23:41 - 2014-11-22 20:28 - 000001138 _____ C:\Users\Public\Desktop\Battle.net.lnk
2018-03-13 23:41 - 2013-01-08 21:55 - 000001393 _____ C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-03-13 23:41 - 2009-07-14 06:01 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2018-03-13 23:41 - 2009-07-14 05:49 - 000001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2018-03-13 23:40 - 2013-01-08 21:54 - 000000000 ____D C:\Users\PC1
2018-03-13 23:33 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-03-13 23:32 - 2014-01-31 17:03 - 000000000 ____D C:\Program Files\trend micro
2018-03-13 23:32 - 2013-03-01 18:44 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2018-03-13 23:01 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-13 22:37 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\GroupPolicy
2018-03-13 22:20 - 2009-07-14 16:18 - 000663662 _____ C:\Windows\system32\perfh005.dat
2018-03-13 22:20 - 2009-07-14 16:18 - 000142252 _____ C:\Windows\system32\perfc005.dat
2018-03-13 22:20 - 2009-07-14 06:13 - 001592446 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-13 16:04 - 2013-08-30 23:03 - 000804352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-03-13 16:04 - 2013-08-30 23:03 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-13 16:04 - 2013-08-30 23:03 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-03-13 16:04 - 2013-08-30 23:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-03-13 16:04 - 2013-08-30 23:03 - 000000000 ____D C:\Windows\system32\Macromed
2018-03-04 23:07 - 2017-09-26 22:36 - 000000000 ____D C:\Users\PC1\AppData\Local\UnrealEngine
2018-02-27 22:25 - 2013-02-19 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-27 22:25 - 2013-01-10 00:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-27 18:01 - 2017-08-01 10:48 - 000000000 ____D C:\Users\PC1\AppData\Local\IE Tab
2018-02-25 06:36 - 2017-05-06 11:20 - 019925592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-02-25 06:36 - 2017-03-20 18:37 - 022845992 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-02-25 06:36 - 2016-10-22 13:27 - 000505232 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-02-25 06:34 - 2017-02-01 16:40 - 015558416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-02-25 06:34 - 2015-10-10 17:59 - 003918512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-02-25 06:34 - 2013-01-10 00:50 - 004424400 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-02-24 13:46 - 2018-01-26 00:41 - 000045511 _____ C:\Windows\system32\nvinfo.pb
2018-02-23 21:01 - 2016-10-22 13:29 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-02-23 20:22 - 2016-02-29 20:25 - 000633984 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-02-23 20:22 - 2016-02-29 20:25 - 000081752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-02-23 20:22 - 2013-01-10 00:51 - 005953096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-02-23 20:22 - 2013-01-10 00:51 - 002587992 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-02-23 20:22 - 2013-01-10 00:51 - 001768008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-02-23 20:22 - 2013-01-10 00:51 - 000451144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-02-23 20:22 - 2013-01-10 00:51 - 000122896 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-02-22 13:49 - 2017-12-20 18:33 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2018-02-22 13:49 - 2016-10-18 15:45 - 000000000 ____D C:\ProgramData\Razer
2018-02-22 13:28 - 2013-04-02 23:00 - 000000000 ____D C:\Users\PC1\Desktop\Hry
2018-02-22 11:03 - 2016-03-23 23:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-22 10:59 - 2016-03-23 23:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-21 13:06 - 2015-10-31 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-02-21 13:06 - 2013-12-26 20:10 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-16 15:48 - 2013-01-10 00:51 - 008083703 _____ C:\Windows\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2017-02-01 17:13 - 2017-02-01 17:13 - 007680000 _____ () C:\Program Files (x86)\GUTA87F.tmp
2015-03-01 21:29 - 2015-03-01 21:29 - 000000032 _____ () C:\Users\PC1\AppData\Roaming\UserIdentity.dat
2018-03-13 22:36 - 2018-03-13 22:36 - 000140800 _____ () C:\Users\PC1\AppData\Local\installer.dat
2017-12-21 16:26 - 2017-12-21 16:31 - 000007598 _____ () C:\Users\PC1\AppData\Local\Resmon.ResmonCfg
2017-09-21 19:20 - 2017-09-21 19:20 - 000000000 _____ () C:\Users\PC1\AppData\Local\{DAC5CC37-7B63-442D-A23C-50EFE2FB624F}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-21 16:08

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:443.13 GB) (Free:329.59 GB) NTFS
Drive d: () (Fixed) (Total:488.28 GB) (Free:359.77 GB) NTFS
\\?\Volume{e3c7d849-59d4-11e2-86a2-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

Available physical RAM: 5346.6 MB
Total physical RAM: 8125.66 MB
Percentage of memory in use: 34%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 23E4F424)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\Public\AppData:CSM [474]

==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
Aktuální stav: DoSnapshotSet
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\PC1\Desktop" je 1917 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Odporucam nepouzivat ziadne programy od IObit (Advanced SystemCare, Driver Booster...), takisto ani One System Care, su to smejdy, ktore mozu poskodit system.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E3B7EE4F-84C7-45A4-AF9B-0863EA9ED1A7}
  
  HKU\S-1-5-21-2901934316-1854545542-611796736-1000\...\MountPoints2: {4ac95d1d-5abf-11e2-807e-50465d753eb6} - F:\setup.exe
  ShellExecuteHooks: No Name - {BFD98515-CD74-48A4-98E2-13D209E3EE4F} - C:\Windows\System32\mcicda64.dll [904704 2018-03-13] ()
  SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-21-2901934316-1854545542-611796736-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10405__170710__yaie&p={searchTerms}
  CHR HKU\S-1-5-21-2901934316-1854545542-611796736-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
  S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [X]
  S0 rkemuu; System32\drivers\bkxivdej.sys [X]
  S3 X6va063; \??\C:\Windows\SysWOW64\Drivers\X6va063 [X]
  2018-03-14 17:19 - 2018-03-14 17:19 - 000112640 _____ (forum.viry.cz) C:\Users\PC1\Downloads\dbd1004a-9c57-4c2b-a5ea-d4037158035d.tmp
  
  Main Services (HKLM\...\{E3B7EE4F-84C7-45A4-AF9B-0863EA9ED1A7}) (Version: 2.0.14 - System Native) Hidden <==== ATTENTION
  ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
  ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
  Task: {037A8FA4-FD4E-4579-BBBA-C6361687BA5A} - \{DB3724FF-057A-444D-B525-9A53B0B17552} -> No File <==== ATTENTION
  Task: {0B0652E5-9A7A-4E9D-B3E4-AFE5FE0B3D22} - System32\Tasks\{6FFD6644-F8DA-46C4-8F9F-C32F756549C4} => C:\Windows\system32\pcalua.exe -a C:\Users\PC1\Downloads\jxpiinstall(2).exe -d C:\Users\PC1\Downloads
  Task: {0B312F2E-E165-4B78-BD04-478B3ADD01A2} - \qFbxfDUevnccZZ -> No File <==== ATTENTION
  Task: {17E98C9C-AFB0-46A9-883B-8BFE3E19CC7C} - \WlbBJSMcknvngxNxC2 -> No File <==== ATTENTION
  Task: {2B92F5DD-DD9A-496F-A0F6-2C8698F54FBC} - System32\Tasks\{69377DCA-B3FD-460D-BFCD-1E4637412D64} => C:\Windows\system32\pcalua.exe -a G:\INSTALL.EXE -d G:\
  Task: {3F3B3978-2940-4FC5-B426-A280DACD7141} - System32\Tasks\updater => C:\Program Files\System Native\Main Services\updater.exe <==== ATTENTION
  Task: {4B1A89AE-09E6-4CF1-99FD-7B5D351EB929} - \{E0019FD1-86AC-4041-944A-0E4AEA6124EA} -> No File <==== ATTENTION
  Task: {54F4C0F4-8B96-43E0-807E-4CD1C67A847C} - \dTRRfHQjsHOvbdt2 -> No File <==== ATTENTION
  Task: {5A38830E-6687-4840-B6EE-AFE0449FE058} - System32\Tasks\{67EE8738-786F-4279-9D12-8D9A000268DE} => C:\Windows\system32\pcalua.exe -a C:\Users\PC1\Downloads\jxpiinstall.exe -d C:\Users\PC1\Downloads
  Task: {8A00F7CA-75DE-4D85-AE6F-E712ACE52E39} - System32\Tasks\{4CD9BA02-4B7D-4A3E-AEB2-FD77AEA66638} => C:\Windows\system32\pcalua.exe -a "C:\Users\PC1\Downloads\StarCraft II Wings of Liberty CZ\CZ\StarCraftII_CZ_1.03.exe" -d "C:\Users\PC1\Downloads\StarCraft II Wings of Liberty CZ\CZ"
  Task: {91660576-C1AE-4780-9ECC-BF44296204F9} - \dIxshjfnsDsrepSSqPt2 -> No File <==== ATTENTION
  Task: {A475D675-0D5D-4A7B-8FCB-FBE58FAE326B} - \One System Care Delayed -> No File <==== ATTENTION
  Task: {B7041F07-BEB8-44FE-BF94-7AE12CEC18A1} - System32\Tasks\{F4DF9DD5-EF5E-4479-BFED-642184B024F8} => C:\Windows\system32\pcalua.exe -a C:\Users\PC1\Downloads\jxpiinstall(4).exe -d C:\Users\PC1\Downloads
  Task: {E611B534-EBAB-4F07-BB48-81465CD36B2F} - System32\Tasks\{C9CBDC79-BBAF-407F-99DB-92E6C079E29A} => C:\Windows\system32\pcalua.exe -a C:\Users\PC1\Downloads\jxpiinstall(1).exe -d C:\Users\PC1\Downloads
  Task: {F6D54C4A-B51D-4097-B79A-769D3A1DD80F} - \operation -> No File <==== ATTENTION
  AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
  IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
  IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
  IE trusted site: HKU\S-1-5-21-2901934316-1854545542-611796736-1000\...\localhost -> localhost
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

snád som tu urobil dobre

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by PC1 (15-03-2018 07:53:50) Run:1
Running from C:\Users\PC1\Desktop
Loaded Profiles: PC1 (Available Profiles: PC1)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E3B7EE4F-84C7-45A4-AF9B-0863EA9ED1A7}

HKU\S-1-5-21-2901934316-1854545542-611796736-1000\...\MountPoints2: {4ac95d1d-5abf-11e2-807e-50465d753eb6} - F:\setup.exe
ShellExecuteHooks: No Name - {BFD98515-CD74-48A4-98E2-13D209E3EE4F} - C:\Windows\System32\mcicda64.dll [904704 2018-03-13] ()
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2901934316-1854545542-611796736-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10405__170710__yaie&p={searchTerms}
CHR HKU\S-1-5-21-2901934316-1854545542-611796736-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [X]
S0 rkemuu; System32\drivers\bkxivdej.sys [X]
S3 X6va063; \??\C:\Windows\SysWOW64\Drivers\X6va063 [X]
2018-03-14 17:19 - 2018-03-14 17:19 - 000112640 _____ (forum.viry.cz) C:\Users\PC1\Downloads\dbd1004a-9c57-4c2b-a5ea-d4037158035d.tmp

Main Services (HKLM\...\{E3B7EE4F-84C7-45A4-AF9B-0863EA9ED1A7}) (Version: 2.0.14 - System Native) Hidden <==== ATTENTION
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {037A8FA4-FD4E-4579-BBBA-C6361687BA5A} - \{DB3724FF-057A-444D-B525-9A53B0B17552} -> No File <==== ATTENTION
Task: {0B0652E5-9A7A-4E9D-B3E4-AFE5FE0B3D22} - System32\Tasks\{6FFD6644-F8DA-46C4-8F9F-C32F756549C4} => C:\Windows\system32\pcalua.exe -a C:\Users\PC1\Downloads\jxpiinstall(2).exe -d C:\Users\PC1\Downloads
Task: {0B312F2E-E165-4B78-BD04-478B3ADD01A2} - \qFbxfDUevnccZZ -> No File <==== ATTENTION
Task: {17E98C9C-AFB0-46A9-883B-8BFE3E19CC7C} - \WlbBJSMcknvngxNxC2 -> No File <==== ATTENTION
Task: {2B92F5DD-DD9A-496F-A0F6-2C8698F54FBC} - System32\Tasks\{69377DCA-B3FD-460D-BFCD-1E4637412D64} => C:\Windows\system32\pcalua.exe -a G:\INSTALL.EXE -d G:\
Task: {3F3B3978-2940-4FC5-B426-A280DACD7141} - System32\Tasks\updater => C:\Program Files\System Native\Main Services\updater.exe <==== ATTENTION
Task: {4B1A89AE-09E6-4CF1-99FD-7B5D351EB929} - \{E0019FD1-86AC-4041-944A-0E4AEA6124EA} -> No File <==== ATTENTION
Task: {54F4C0F4-8B96-43E0-807E-4CD1C67A847C} - \dTRRfHQjsHOvbdt2 -> No File <==== ATTENTION
Task: {5A38830E-6687-4840-B6EE-AFE0449FE058} - System32\Tasks\{67EE8738-786F-4279-9D12-8D9A000268DE} => C:\Windows\system32\pcalua.exe -a C:\Users\PC1\Downloads\jxpiinstall.exe -d C:\Users\PC1\Downloads
Task: {8A00F7CA-75DE-4D85-AE6F-E712ACE52E39} - System32\Tasks\{4CD9BA02-4B7D-4A3E-AEB2-FD77AEA66638} => C:\Windows\system32\pcalua.exe -a "C:\Users\PC1\Downloads\StarCraft II Wings of Liberty CZ\CZ\StarCraftII_CZ_1.03.exe" -d "C:\Users\PC1\Downloads\StarCraft II Wings of Liberty CZ\CZ"
Task: {91660576-C1AE-4780-9ECC-BF44296204F9} - \dIxshjfnsDsrepSSqPt2 -> No File <==== ATTENTION
Task: {A475D675-0D5D-4A7B-8FCB-FBE58FAE326B} - \One System Care Delayed -> No File <==== ATTENTION
Task: {B7041F07-BEB8-44FE-BF94-7AE12CEC18A1} - System32\Tasks\{F4DF9DD5-EF5E-4479-BFED-642184B024F8} => C:\Windows\system32\pcalua.exe -a C:\Users\PC1\Downloads\jxpiinstall(4).exe -d C:\Users\PC1\Downloads
Task: {E611B534-EBAB-4F07-BB48-81465CD36B2F} - System32\Tasks\{C9CBDC79-BBAF-407F-99DB-92E6C079E29A} => C:\Windows\system32\pcalua.exe -a C:\Users\PC1\Downloads\jxpiinstall(1).exe -d C:\Users\PC1\Downloads
Task: {F6D54C4A-B51D-4097-B79A-769D3A1DD80F} - \operation -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2901934316-1854545542-611796736-1000\...\localhost -> localhost

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E3B7EE4F-84C7-45A4-AF9B-0863EA9ED1A7}]
"AuthorizedCDFPrefix"=""
"Comments"="This installer database contains the logic and data required to install Main Services."
"Contact"="Null5"
"DisplayVersion"="2.0.14"
"HelpLink"="http://www5.example.com"
"HelpTelephone"="975-54554424"
"InstallDate"="20180313"
"InstallLocation"="C:\Program Files\System Native\Main Services\"
"InstallSource"="C:\Users\PC1\AppData\Roaming\System Native\Main Services 2.0.14\install\A9ED1A7\"
"ModifyPath"="MsiExec.exe /X{E3B7EE4F-84C7-45A4-AF9B-0863EA9ED1A7}"
"NoModify"="1"
"NoRepair"="1"
"Publisher"="System Native"
"Readme"=""
"Size"=""
"EstimatedSize"="8376"
"SystemComponent"="1"
"UninstallString"="MsiExec.exe /X{E3B7EE4F-84C7-45A4-AF9B-0863EA9ED1A7}"
"URLInfoAbout"="http://www5.example.com"
"URLUpdateInfo"="http://http://www5.example.com"
"VersionMajor"="2"
"VersionMinor"="0"
"WindowsInstaller"="1"
"Version"="33554446"
"Language"="1033"
"DisplayName"="Main Services"

=== End of ExportKey ===
"HKU\S-1-5-21-2901934316-1854545542-611796736-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ac95d1d-5abf-11e2-807e-50465d753eb6}" => removed successfully
HKLM\Software\Classes\CLSID\{4ac95d1d-5abf-11e2-807e-50465d753eb6} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}" => removed successfully
"HKLM\Software\Classes\CLSID\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-2901934316-1854545542-611796736-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}" => removed successfully
HKLM\Software\Classes\CLSID\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} => not found
"HKU\S-1-5-21-2901934316-1854545542-611796736-1000\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd" => removed successfully
"HKLM\System\CurrentControlSet\Services\EasyAntiCheat" => removed successfully
EasyAntiCheat => service removed successfully
"HKLM\System\CurrentControlSet\Services\rkemuu" => removed successfully
rkemuu => service removed successfully
"HKLM\System\CurrentControlSet\Services\X6va063" => removed successfully
X6va063 => service removed successfully
C:\Users\PC1\Downloads\dbd1004a-9c57-4c2b-a5ea-d4037158035d.tmp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E3B7EE4F-84C7-45A4-AF9B-0863EA9ED1A7}\\SystemComponent" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00asw" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{037A8FA4-FD4E-4579-BBBA-C6361687BA5A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{037A8FA4-FD4E-4579-BBBA-C6361687BA5A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DB3724FF-057A-444D-B525-9A53B0B17552}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B0652E5-9A7A-4E9D-B3E4-AFE5FE0B3D22}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B0652E5-9A7A-4E9D-B3E4-AFE5FE0B3D22}" => removed successfully
C:\Windows\System32\Tasks\{6FFD6644-F8DA-46C4-8F9F-C32F756549C4} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6FFD6644-F8DA-46C4-8F9F-C32F756549C4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B312F2E-E165-4B78-BD04-478B3ADD01A2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B312F2E-E165-4B78-BD04-478B3ADD01A2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\qFbxfDUevnccZZ" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{17E98C9C-AFB0-46A9-883B-8BFE3E19CC7C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17E98C9C-AFB0-46A9-883B-8BFE3E19CC7C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WlbBJSMcknvngxNxC2" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B92F5DD-DD9A-496F-A0F6-2C8698F54FBC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B92F5DD-DD9A-496F-A0F6-2C8698F54FBC}" => removed successfully
C:\Windows\System32\Tasks\{69377DCA-B3FD-460D-BFCD-1E4637412D64} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{69377DCA-B3FD-460D-BFCD-1E4637412D64}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F3B3978-2940-4FC5-B426-A280DACD7141}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F3B3978-2940-4FC5-B426-A280DACD7141}" => removed successfully
C:\Windows\System32\Tasks\updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\updater" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B1A89AE-09E6-4CF1-99FD-7B5D351EB929}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B1A89AE-09E6-4CF1-99FD-7B5D351EB929}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E0019FD1-86AC-4041-944A-0E4AEA6124EA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{54F4C0F4-8B96-43E0-807E-4CD1C67A847C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54F4C0F4-8B96-43E0-807E-4CD1C67A847C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dTRRfHQjsHOvbdt2" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A38830E-6687-4840-B6EE-AFE0449FE058}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A38830E-6687-4840-B6EE-AFE0449FE058}" => removed successfully
C:\Windows\System32\Tasks\{67EE8738-786F-4279-9D12-8D9A000268DE} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{67EE8738-786F-4279-9D12-8D9A000268DE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A00F7CA-75DE-4D85-AE6F-E712ACE52E39}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A00F7CA-75DE-4D85-AE6F-E712ACE52E39}" => removed successfully
C:\Windows\System32\Tasks\{4CD9BA02-4B7D-4A3E-AEB2-FD77AEA66638} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4CD9BA02-4B7D-4A3E-AEB2-FD77AEA66638}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{91660576-C1AE-4780-9ECC-BF44296204F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91660576-C1AE-4780-9ECC-BF44296204F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dIxshjfnsDsrepSSqPt2" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A475D675-0D5D-4A7B-8FCB-FBE58FAE326B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A475D675-0D5D-4A7B-8FCB-FBE58FAE326B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System Care Delayed" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7041F07-BEB8-44FE-BF94-7AE12CEC18A1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7041F07-BEB8-44FE-BF94-7AE12CEC18A1}" => removed successfully
C:\Windows\System32\Tasks\{F4DF9DD5-EF5E-4479-BFED-642184B024F8} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F4DF9DD5-EF5E-4479-BFED-642184B024F8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E611B534-EBAB-4F07-BB48-81465CD36B2F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E611B534-EBAB-4F07-BB48-81465CD36B2F}" => removed successfully
C:\Windows\System32\Tasks\{C9CBDC79-BBAF-407F-99DB-92E6C079E29A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C9CBDC79-BBAF-407F-99DB-92E6C079E29A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F6D54C4A-B51D-4097-B79A-769D3A1DD80F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6D54C4A-B51D-4097-B79A-769D3A1DD80F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\operation" => removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => removed successfully
"HKU\S-1-5-21-2901934316-1854545542-611796736-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17252588 B
Java, Flash, Steam htmlcache => 640418926 B
Windows/system/drivers => 586280 B
Edge => 0 B
Chrome => 734041539 B
Firefox => 15931031 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
PC1 => 111830027 B
UpdatusUser => 0 B
UpdatusUser => 0 B

RecycleBin => 888000 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 07:54:42 ====

Zapni Windows Firewall

• Stlac klavesy Win+R, napis "firewall.cpl" a stlac enter
• Vlavo vlikni na Zapnut alebo vypnut branu Firewall
• Vyber obidve moznosti Zapnut branu Windows Firewall
• Klikni na OK

Inak vyzera to uz OK. Su este s PC nejake problemy?

Ak nie, tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"

Skontroluj velkost plochy (C:\Users\PC1\Desktop). Ak je vacsia ako 300 MB, presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.