VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
Ran by Tomik (administrator) on TOMIK-PC (21-12-2016 16:50:04)
Running from C:\Users\Tomik\Desktop
Loaded Profiles: Tomik (Available Profiles: Tomik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\D-Link\GO-USB-N150\RtlService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\D-Link\GO-USB-N150\RtWlan.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Tomik\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-13] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254976 2015-07-23] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\Run: [Akamai NetSession Interface] => "C:\Users\Tomik\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-09] (Valve Corporation)
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\MountPoints2: {7833476c-f3eb-11e4-98c6-74d435b70c63} - F:\Setup.exe
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\MountPoints2: {969325a8-1682-11e6-b30b-74d435b70c63} - F:\iStudio.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{D5AA0375-A8D2-4E37-935C-B36FA5D4D025}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{ED0BAC4A-E373-4482-BE72-99D1E8180838}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05 ... O-38d663a4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05 ... O-38d663a4
HKU\S-1-5-21-147754569-2467050187-394659022-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05 ... O-38d663a4
HKU\S-1-5-21-147754569-2467050187-394659022-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {D162AE0B-14AD-493F-8456-86FC6333EE52} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKU\S-1-5-21-147754569-2467050187-394659022-1002 -> DefaultScope {D162AE0B-14AD-493F-8456-86FC6333EE52} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKU\S-1-5-21-147754569-2467050187-394659022-1002 -> {D162AE0B-14AD-493F-8456-86FC6333EE52} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKU\S-1-5-21-147754569-2467050187-394659022-1002 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxps://uk.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-03] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-03] (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-17] (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default [2016-12-21]
CHR Extension: (Google Slides) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-03]
CHR Extension: (Google Docs) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-03]
CHR Extension: (Google Drive) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-03]
CHR Extension: (YouTube) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-03]
CHR Extension: (Google Sheets) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-03]
CHR Extension: (Google Docs Offline) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Yahoo Partner) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2016-11-07]
CHR Extension: (Gmail) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-09-16] (Advanced Micro Devices) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-04-28] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-06] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-06] (Electronic Arts)
R2 RtlService; C:\Program Files (x86)\D-Link\GO-USB-N150\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed]
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [368128 2015-07-23] (Razer Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2016-09-16] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-06] (Disc Soft Ltd)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2012-12-05] (Realtek Semiconductor Corporation )
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-05-20] (SlimWare Utilities, Inc.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R1 {410984fa-ad89-4879-903e-b0c424552782}Gw64; C:\Windows\System32\drivers\{410984fa-ad89-4879-903e-b0c424552782}Gw64.sys [48736 2016-04-03] (StdLib)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 APXACC; system32\DRIVERS\appexDrv.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-21 16:50 - 2016-12-21 16:50 - 00016488 _____ C:\Users\Tomik\Desktop\FRST.txt
2016-12-21 16:49 - 2016-12-21 16:50 - 00000000 ____D C:\FRST
2016-12-21 16:48 - 2016-12-21 16:45 - 02420224 _____ (Farbar) C:\Users\Tomik\Desktop\FRST64.exe
2016-12-21 16:47 - 2016-12-21 16:47 - 00112640 _____ (forum.viry.cz) C:\Users\Tomik\Desktop\FRSTLauncher.exe
2016-12-21 16:45 - 2016-12-21 16:45 - 02420224 _____ (Farbar) C:\Users\Tomik\Downloads\FRST64.exe
2016-12-20 14:22 - 2016-12-20 14:22 - 00000355 _____ C:\Users\Tomik\Downloads\Favorites - Shortcut.lnk
2016-12-18 19:17 - 2016-12-18 20:40 - 1471444292 _____ C:\Users\Tomik\Downloads\The.BFG.2016.HDRip.XviD.AC3-EVO.avi
2016-12-18 18:56 - 2016-12-18 18:56 - 00000000 ____D C:\Windows\pss
2016-12-18 18:50 - 2016-12-18 18:51 - 08805960 _____ (Piriform Ltd) C:\Users\Tomik\Downloads\ccsetup525pro.exe
2016-12-18 12:12 - 2016-12-18 14:16 - 2189549546 _____ C:\Users\Tomik\Downloads\War-Dogs-CZ.avi
2016-12-18 12:04 - 2016-12-18 12:12 - 133901713 _____ C:\Users\Tomik\Downloads\TBBT-S10E11---The-Birthday-Synchronicity-(cs-titulky).mkv
2016-12-12 20:47 - 2016-12-12 20:47 - 00000000 ____D C:\Users\Tomik\AppData\Local\Chromium
2016-12-12 14:38 - 2016-12-12 15:11 - 596065169 _____ C:\Users\Tomik\Downloads\The.Walking.Dead.S07E08.HDTV.x264.CZtit.mkv
2016-12-10 17:32 - 2016-12-10 17:32 - 00013429 _____ C:\Users\Tomik\Downloads\Snowden.2016.720p.BluRay.x264-NeZu.torrent
2016-12-10 16:58 - 2016-12-10 18:11 - 1322332160 _____ C:\Users\Tomik\Downloads\Sebevražedný-oddíl-Suicide-Squad--CZ-dabing.avi
2016-12-08 17:24 - 2016-12-08 17:42 - 319921644 _____ C:\Users\Tomik\Downloads\The-Flash-S03E09.CZ.tit.mp4
2016-12-06 18:43 - 2016-12-06 18:43 - 00044039 _____ C:\Users\Tomik\Downloads\Westworld.S01E10.WEBRip.x264-FUM[ettv].srt
2016-12-06 14:54 - 2016-12-06 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-12-06 14:52 - 2016-12-06 14:54 - 00000000 ____D C:\Users\Tomik\AppData\Local\Origin
2016-12-06 14:52 - 2016-12-06 14:52 - 55364064 _____ (Electronic Arts) C:\Users\Tomik\Downloads\OriginThinSetup.exe
2016-12-06 14:51 - 2016-12-06 14:51 - 00002946 _____ C:\Windows\System32\Tasks\{2721A855-1C35-44CA-A016-0ACB38DA1B65}
2016-12-06 14:33 - 2016-12-06 14:33 - 00002946 _____ C:\Windows\System32\Tasks\{D8D73DF2-9853-4467-BF61-CC456B086ED0}
2016-12-06 14:24 - 2016-12-06 14:25 - 00000028 _____ C:\Users\Tomik\Desktop\New Text Document.txt
2016-12-05 15:45 - 2016-12-05 16:22 - 673505678 _____ C:\Users\Tomik\Downloads\The.Walking.Dead.S07E07.HDTV.x264-FUM[ettv].mp4
2016-12-05 13:02 - 2016-12-05 13:29 - 482256446 _____ C:\Users\Tomik\Downloads\Westworld.S01E10.The.Bicameral.Mind.720p.WEBRip.2CH.x265.HEVC-PSA.mp4
2016-12-03 19:20 - 2016-12-03 19:42 - 394017290 _____ C:\Users\Tomik\Downloads\The-Flash-S03E08-Invasion--české--titulky-novinka.avi
2016-12-02 18:45 - 2016-12-02 18:59 - 252822068 _____ C:\Users\Tomik\Downloads\The.Big.Bang.Theory.S10E10.720p.HDTV.X264-DIMENSION-CZ-titulky.avi
2016-12-02 17:20 - 2016-12-02 17:42 - 385986175 _____ C:\Users\Tomik\Downloads\The-Flash-S03E07---&-Arrow-TitCz.mp4
2016-12-02 14:38 - 2016-12-02 14:56 - 328459567 _____ C:\Users\Tomik\Downloads\The-Flash--S03E06-české-titulky-novinka.mp4
2016-11-30 15:09 - 2016-11-30 15:09 - 00034757 _____ C:\Users\Tomik\Downloads\Westworld.S01E09.WEBRip.x264-FUM[ettv].srt
2016-11-30 14:36 - 2016-11-30 14:55 - 349603545 _____ C:\Users\Tomik\Downloads\Westworld.S01E09.WEBRip.x264-FUM[ettv].mp4
2016-11-28 16:34 - 2016-11-28 16:55 - 366944256 _____ C:\Users\Tomik\Downloads\The.Walking.Dead.S07E06.cz-tit.avi
2016-11-28 11:06 - 2016-11-28 11:39 - 287507129 _____ C:\Users\Tomik\Downloads\Black.Mirror.S03E02.WebRip.x264-FS.mp4
2016-11-22 18:43 - 2016-11-22 19:22 - 707898614 _____ C:\Users\Tomik\Downloads\TheGrandTour--S01E01-cztit.mp4
2016-11-21 17:38 - 2016-11-21 18:01 - 413679218 _____ C:\Users\Tomik\Downloads\Westworld-S01E08-HDTVx264-CZtit.mp4
2016-11-21 17:37 - 2016-11-21 17:37 - 00014453 _____ C:\Users\Tomik\Downloads\[CzT]The_Flash_S03E05_Monster_TvRip_720p_.torrent
2016-11-21 16:01 - 2016-11-21 16:42 - 741712508 _____ C:\Users\Tomik\Downloads\The.Walking.Dead.S07E05---CZ-titulky-by-HanzeST.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-21 16:46 - 2016-01-02 12:01 - 00000000 ____D C:\Users\Tomik\AppData\Roaming\Skype
2016-12-21 16:33 - 2015-06-30 11:09 - 00000000 ____D C:\Users\Tomik\AppData\Local\Battle.net
2016-12-21 16:02 - 2014-10-30 10:59 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-21 15:47 - 2015-06-30 11:09 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-12-21 14:32 - 2009-07-14 05:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-21 14:32 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2016-12-21 14:30 - 2009-07-14 04:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-21 14:30 - 2009-07-14 04:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-21 14:25 - 2016-09-16 12:16 - 00007603 _____ C:\Users\Tomik\AppData\Local\Resmon.ResmonCfg
2016-12-21 14:25 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-21 14:24 - 2009-07-14 05:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-21 14:15 - 2015-02-13 23:24 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-21 14:12 - 2016-09-17 15:19 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-12-21 14:11 - 2015-06-30 11:22 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-12-21 13:58 - 2015-02-13 23:56 - 00000000 ____D C:\Users\Tomik\AppData\Local\PokerStars.UK
2016-12-20 22:12 - 2014-10-30 14:49 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-12-20 15:18 - 2016-11-07 10:37 - 00000000 ____D C:\Users\Tomik\AppData\Roaming\Origin
2016-12-20 14:53 - 2016-11-07 10:35 - 00000000 ____D C:\ProgramData\Origin
2016-12-20 14:21 - 2016-03-17 23:09 - 00000000 ____D C:\Users\Tomik\AppData\Local\UnrealEngine
2016-12-18 19:01 - 2009-07-14 03:20 - 00000000 ____D C:\PerfLogs
2016-12-18 18:52 - 2015-08-31 18:29 - 00000000 ____D C:\Users\Tomik\AppData\Roaming\uTorrent
2016-12-18 18:51 - 2016-09-14 20:38 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-18 18:51 - 2016-09-14 20:38 - 00000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2016-12-18 18:51 - 2016-09-14 20:38 - 00000000 ____D C:\Program Files\CCleaner
2016-12-16 20:00 - 2015-02-16 12:59 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 20:00 - 2015-02-16 12:59 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 20:59 - 2016-11-07 12:51 - 00001170 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2016-12-15 20:59 - 2016-11-07 12:51 - 00001170 _____ C:\ProgramData\Desktop\Battlefield 1.lnk
2016-12-14 21:01 - 2015-02-16 13:01 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-14 21:01 - 2015-02-16 13:01 - 00002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2016-12-13 19:02 - 2014-10-30 10:59 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 19:02 - 2014-10-30 10:59 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 19:02 - 2014-10-30 10:59 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-13 19:02 - 2014-10-30 10:59 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-13 19:02 - 2014-10-30 10:59 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-12 20:48 - 2015-02-20 01:54 - 00000000 ____D C:\Users\Tomik\AppData\Local\Steam
2016-12-10 17:40 - 2015-08-31 18:31 - 00000000 ____D C:\Movies
2016-12-06 21:38 - 2016-01-02 12:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-06 21:38 - 2016-01-02 12:01 - 00000000 ____D C:\ProgramData\Skype
2016-12-06 14:54 - 2016-11-07 10:34 - 00000000 ____D C:\Program Files (x86)\Origin
2016-12-06 14:52 - 2016-11-07 10:35 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-12-01 15:53 - 2016-11-07 13:07 - 00000000 ____D C:\Users\Tomik\Documents\Battlefield 1
2016-11-30 14:06 - 2016-07-28 20:00 - 00000000 ____D C:\Program Files (x86)\Hearthstone

==================== Files in the root of some directories =======

2015-11-06 16:12 - 2015-11-09 18:05 - 2128896 _____ () C:\Users\Tomik\AppData\Local\file__0.localstorage
2016-09-16 12:16 - 2016-12-21 14:25 - 0007603 _____ () C:\Users\Tomik\AppData\Local\Resmon.ResmonCfg
2016-01-29 19:38 - 2016-01-29 19:38 - 73090024 _____ () C:\Users\Tomik\AppData\Local\TempFullTiltPokerEuSetup.exe
2015-08-30 12:04 - 2015-08-30 12:11 - 0000112 _____ () C:\ProgramData\BeA2q4f8e.dat
2015-08-30 12:15 - 2015-08-30 12:15 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\BeA2q4f8e.dat
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-07 16:28

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:927.51 GB) (Free:233.72 GB) NTFS

Available physical RAM: 5812.98 MB
Total physical RAM: 8134.04 MB
Percentage of memory in use: 28%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AA19934E)
Partition 1: (Active) - (Size=4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=927.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tomik\Desktop" je 566 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSKAppManager
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyEmergency
C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tomik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

asi to bude velke fiasko. comp je hodne v erroru... chtel jsem vyzkouset vasi pomoc nez preinstaluju cely system

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v6.041 - Logfile created 21/12/2016 at 17:23:51
# Updated on 16/12/2016 by Malwarebytes
# Database : 2016-12-21.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Tomik - TOMIK-PC
# Running from : C:\Users\Tomik\Desktop\adwcleaner_6.041.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: swdumon


***** [ Folders ] *****

[-] Folder deleted: C:\ProgramData\Uinllout
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Uinllout
[-] Folder deleted: C:\Users\Tomik\AppData\Local\DesktopSearch
[-] Folder deleted: C:\Users\Tomik\AppData\Local\globalUpdate
[-] Folder deleted: C:\Users\Tomik\AppData\Local\SmartWeb
[-] Folder deleted: C:\Users\Tomik\AppData\Local\YSearchUtil
[-] Folder deleted: C:\Users\Tomik\AppData\Roaming\RHEng
[-] Folder deleted: C:\Users\Tomik\AppData\Roaming\WeatherTool
[-] Folder deleted: C:\Users\Tomik\AppData\Roaming\FileOpenerWindows
[-] Folder deleted: C:\Program Files\SpaceSoundPro
[-] Folder deleted: C:\IQIYI Video
[-] Folder deleted: C:\ProgramData\GPCWValidator
[#] Folder deleted on reboot: C:\ProgramData\Application Data\GPCWValidator
[-] Folder deleted: C:\Users\Public\Documents\Guid
[-] Folder deleted: C:\Users\Public\Documents\Downloaded Installers
[-] Folder deleted: C:\Program Files (x86)\globalUpdate
[-] Folder deleted: C:\Program Files (x86)\OneSystemCare
[-] Folder deleted: C:\Program Files (x86)\PepperZip
[-] Folder deleted: C:\Program Files (x86)\SFK
[-] Folder deleted: C:\Program Files (x86)\SpaceSondPro
[-] Folder deleted: C:\Program Files (x86)\WeatherTool
[-] Folder deleted: C:\Program Files (x86)\YTDownloader
[-] Folder deleted: C:\Windows\SysWOW64\First Verify
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\WeatherTool
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
[-] Folder deleted: C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo


***** [ Files ] *****

[-] File deleted: C:\Windows\SysNative\drivers\swdumon.sys
[-] File deleted: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[#] File deleted: C:\ProgramData\Application Data\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****

[-] Task deleted: Uinllout


***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\pc-mechanic
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\pc-mechanic
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}
[-] Key deleted: HKU\S-1-5-21-147754569-2467050187-394659022-1002\Software\PRODUCTSETUP
[-] Key deleted: HKU\S-1-5-21-147754569-2467050187-394659022-1002\Software\SlimWare Utilities Inc
[-] Key deleted: HKU\S-1-5-21-147754569-2467050187-394659022-1002\Software\ICSW1.19
[-] Key deleted: HKU\S-1-5-21-147754569-2467050187-394659022-1002\Software\csastats
[#] Key deleted on reboot: HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: HKCU\Software\SlimWare Utilities Inc
[#] Key deleted on reboot: HKCU\Software\ICSW1.19
[#] Key deleted on reboot: HKCU\Software\csastats
[-] Key deleted: HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Key deleted: HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key deleted: HKLM\SOFTWARE\Uniblue
[#] Key deleted on reboot: [x64] HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: [x64] HKCU\Software\SlimWare Utilities Inc
[#] Key deleted on reboot: [x64] HKCU\Software\ICSW1.19
[#] Key deleted on reboot: [x64] HKCU\Software\csastats
[-] Key deleted: [x64] HKLM\SOFTWARE\WebBar
[-] Key deleted: [x64] HKLM\SOFTWARE\GPCWValidatorService
[-] Key deleted: [x64] HKLM\SOFTWARE\ussc-pr
[-] Value deleted: HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [wb.exe]
[#] Value deleted on reboot: HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION [wb.exe]
[-] Value deleted: HKLM\SOFTWARE\Classes\Unknown\shell\openas\command [windowsfileopener.Dat]
[-] Value deleted: HKLM\SOFTWARE\Classes\Unknown\shell\opendlg\command [windowsfileopener.Dat]
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo


***** [ Web browsers ] *****

[-] [C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: uk.ask.com
[-] [C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: cassiopesa.com
[-] [C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: www-searching.com_
[-] [C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: www-searching.com
[-] [C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: npdicihegicnhaangkdmcgbjceoemeoo


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5210 Bytes] - [21/12/2016 17:23:51]
C:\AdwCleaner\AdwCleaner[S0].txt - [5005 Bytes] - [21/12/2016 17:23:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5356 Bytes] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
Ran by Tomik (administrator) on TOMIK-PC (21-12-2016 19:03:16)
Running from C:\Users\Tomik\Desktop
Loaded Profiles: Tomik (Available Profiles: Tomik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\D-Link\GO-USB-N150\RtlService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\D-Link\GO-USB-N150\RtWlan.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Tomik\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-13] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254976 2015-07-23] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\Run: [Akamai NetSession Interface] => "C:\Users\Tomik\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\MountPoints2: {7833476c-f3eb-11e4-98c6-74d435b70c63} - F:\Setup.exe
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\MountPoints2: {969325a8-1682-11e6-b30b-74d435b70c63} - F:\iStudio.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{D5AA0375-A8D2-4E37-935C-B36FA5D4D025}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{ED0BAC4A-E373-4482-BE72-99D1E8180838}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05 ... O-38d663a4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05 ... O-38d663a4
HKU\S-1-5-21-147754569-2467050187-394659022-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05 ... O-38d663a4
HKU\S-1-5-21-147754569-2467050187-394659022-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {D162AE0B-14AD-493F-8456-86FC6333EE52} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKU\S-1-5-21-147754569-2467050187-394659022-1002 -> DefaultScope {D162AE0B-14AD-493F-8456-86FC6333EE52} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKU\S-1-5-21-147754569-2467050187-394659022-1002 -> {D162AE0B-14AD-493F-8456-86FC6333EE52} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKU\S-1-5-21-147754569-2467050187-394659022-1002 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxps://uk.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-03] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-03] (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-17] (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default [2016-12-21]
CHR Extension: (Google Slides) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-03]
CHR Extension: (Google Docs) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-03]
CHR Extension: (Google Drive) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-03]
CHR Extension: (YouTube) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-03]
CHR Extension: (Google Sheets) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-03]
CHR Extension: (Google Docs Offline) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Tomik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2218712 2016-12-13] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-09-16] (Advanced Micro Devices) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-04-28] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-06] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-06] (Electronic Arts)
R2 RtlService; C:\Program Files (x86)\D-Link\GO-USB-N150\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed]
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [368128 2015-07-23] (Razer Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2016-09-16] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-06] (Disc Soft Ltd)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2012-12-05] (Realtek Semiconductor Corporation )
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R1 {410984fa-ad89-4879-903e-b0c424552782}Gw64; C:\Windows\System32\drivers\{410984fa-ad89-4879-903e-b0c424552782}Gw64.sys [48736 2016-04-03] (StdLib)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 APXACC; system32\DRIVERS\appexDrv.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-21 17:22 - 2016-12-21 17:23 - 00000000 ____D C:\AdwCleaner
2016-12-21 17:20 - 2016-12-21 17:20 - 03977168 _____ C:\Users\Tomik\Desktop\adwcleaner_6.041.exe
2016-12-21 16:50 - 2016-12-21 19:04 - 00016330 _____ C:\Users\Tomik\Desktop\FRST.txt
2016-12-21 16:49 - 2016-12-21 19:03 - 00000000 ____D C:\FRST
2016-12-21 16:48 - 2016-12-21 16:45 - 02420224 _____ (Farbar) C:\Users\Tomik\Desktop\FRST64.exe
2016-12-21 16:47 - 2016-12-21 16:47 - 00112640 _____ (forum.viry.cz) C:\Users\Tomik\Desktop\FRSTLauncher.exe
2016-12-21 16:45 - 2016-12-21 16:45 - 02420224 _____ (Farbar) C:\Users\Tomik\Downloads\FRST64.exe
2016-12-20 14:22 - 2016-12-20 14:22 - 00000355 _____ C:\Users\Tomik\Downloads\Favorites - Shortcut.lnk
2016-12-18 19:17 - 2016-12-18 20:40 - 1471444292 _____ C:\Users\Tomik\Downloads\The.BFG.2016.HDRip.XviD.AC3-EVO.avi
2016-12-18 18:56 - 2016-12-18 18:56 - 00000000 ____D C:\Windows\pss
2016-12-18 18:50 - 2016-12-18 18:51 - 08805960 _____ (Piriform Ltd) C:\Users\Tomik\Downloads\ccsetup525pro.exe
2016-12-18 12:12 - 2016-12-18 14:16 - 2189549546 _____ C:\Users\Tomik\Downloads\War-Dogs-CZ.avi
2016-12-18 12:04 - 2016-12-18 12:12 - 133901713 _____ C:\Users\Tomik\Downloads\TBBT-S10E11---The-Birthday-Synchronicity-(cs-titulky).mkv
2016-12-12 20:47 - 2016-12-12 20:47 - 00000000 ____D C:\Users\Tomik\AppData\Local\Chromium
2016-12-12 14:38 - 2016-12-12 15:11 - 596065169 _____ C:\Users\Tomik\Downloads\The.Walking.Dead.S07E08.HDTV.x264.CZtit.mkv
2016-12-10 17:32 - 2016-12-10 17:32 - 00013429 _____ C:\Users\Tomik\Downloads\Snowden.2016.720p.BluRay.x264-NeZu.torrent
2016-12-10 16:58 - 2016-12-10 18:11 - 1322332160 _____ C:\Users\Tomik\Downloads\Sebevražedný-oddíl-Suicide-Squad--CZ-dabing.avi
2016-12-08 17:24 - 2016-12-08 17:42 - 319921644 _____ C:\Users\Tomik\Downloads\The-Flash-S03E09.CZ.tit.mp4
2016-12-06 18:43 - 2016-12-06 18:43 - 00044039 _____ C:\Users\Tomik\Downloads\Westworld.S01E10.WEBRip.x264-FUM[ettv].srt
2016-12-06 14:54 - 2016-12-06 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-12-06 14:52 - 2016-12-06 14:54 - 00000000 ____D C:\Users\Tomik\AppData\Local\Origin
2016-12-06 14:52 - 2016-12-06 14:52 - 55364064 _____ (Electronic Arts) C:\Users\Tomik\Downloads\OriginThinSetup.exe
2016-12-06 14:51 - 2016-12-06 14:51 - 00002946 _____ C:\Windows\System32\Tasks\{2721A855-1C35-44CA-A016-0ACB38DA1B65}
2016-12-06 14:33 - 2016-12-06 14:33 - 00002946 _____ C:\Windows\System32\Tasks\{D8D73DF2-9853-4467-BF61-CC456B086ED0}
2016-12-06 14:24 - 2016-12-06 14:25 - 00000028 _____ C:\Users\Tomik\Desktop\New Text Document.txt
2016-12-05 15:45 - 2016-12-05 16:22 - 673505678 _____ C:\Users\Tomik\Downloads\The.Walking.Dead.S07E07.HDTV.x264-FUM[ettv].mp4
2016-12-05 13:02 - 2016-12-05 13:29 - 482256446 _____ C:\Users\Tomik\Downloads\Westworld.S01E10.The.Bicameral.Mind.720p.WEBRip.2CH.x265.HEVC-PSA.mp4
2016-12-03 19:20 - 2016-12-03 19:42 - 394017290 _____ C:\Users\Tomik\Downloads\The-Flash-S03E08-Invasion--české--titulky-novinka.avi
2016-12-02 18:45 - 2016-12-02 18:59 - 252822068 _____ C:\Users\Tomik\Downloads\The.Big.Bang.Theory.S10E10.720p.HDTV.X264-DIMENSION-CZ-titulky.avi
2016-12-02 17:20 - 2016-12-02 17:42 - 385986175 _____ C:\Users\Tomik\Downloads\The-Flash-S03E07---&-Arrow-TitCz.mp4
2016-12-02 14:38 - 2016-12-02 14:56 - 328459567 _____ C:\Users\Tomik\Downloads\The-Flash--S03E06-české-titulky-novinka.mp4
2016-11-30 15:09 - 2016-11-30 15:09 - 00034757 _____ C:\Users\Tomik\Downloads\Westworld.S01E09.WEBRip.x264-FUM[ettv].srt
2016-11-30 14:36 - 2016-11-30 14:55 - 349603545 _____ C:\Users\Tomik\Downloads\Westworld.S01E09.WEBRip.x264-FUM[ettv].mp4
2016-11-28 16:34 - 2016-11-28 16:55 - 366944256 _____ C:\Users\Tomik\Downloads\The.Walking.Dead.S07E06.cz-tit.avi
2016-11-28 11:06 - 2016-11-28 11:39 - 287507129 _____ C:\Users\Tomik\Downloads\Black.Mirror.S03E02.WebRip.x264-FS.mp4
2016-11-22 18:43 - 2016-11-22 19:22 - 707898614 _____ C:\Users\Tomik\Downloads\TheGrandTour--S01E01-cztit.mp4
2016-11-21 17:38 - 2016-11-21 18:01 - 413679218 _____ C:\Users\Tomik\Downloads\Westworld-S01E08-HDTVx264-CZtit.mp4
2016-11-21 17:37 - 2016-11-21 17:37 - 00014453 _____ C:\Users\Tomik\Downloads\[CzT]The_Flash_S03E05_Monster_TvRip_720p_.torrent
2016-11-21 16:01 - 2016-11-21 16:42 - 741712508 _____ C:\Users\Tomik\Downloads\The.Walking.Dead.S07E05---CZ-titulky-by-HanzeST.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-21 19:02 - 2016-01-02 12:01 - 00000000 ____D C:\Users\Tomik\AppData\Roaming\Skype
2016-12-21 19:02 - 2014-10-30 10:59 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-21 19:01 - 2015-06-30 11:09 - 00000000 ____D C:\Users\Tomik\AppData\Local\Battle.net
2016-12-21 18:24 - 2015-02-13 23:56 - 00000000 ____D C:\Users\Tomik\AppData\Local\PokerStars.UK
2016-12-21 18:14 - 2015-06-30 11:09 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-12-21 17:33 - 2009-07-14 04:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-21 17:33 - 2009-07-14 04:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-21 17:31 - 2015-02-13 23:24 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-21 17:31 - 2009-07-14 05:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-21 17:31 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2016-12-21 17:25 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-21 17:24 - 2014-10-30 14:49 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-12-21 14:25 - 2016-09-16 12:16 - 00007603 _____ C:\Users\Tomik\AppData\Local\Resmon.ResmonCfg
2016-12-21 14:24 - 2009-07-14 05:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-21 14:12 - 2016-09-17 15:19 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-12-21 14:11 - 2015-06-30 11:22 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-12-20 15:18 - 2016-11-07 10:37 - 00000000 ____D C:\Users\Tomik\AppData\Roaming\Origin
2016-12-20 14:53 - 2016-11-07 10:35 - 00000000 ____D C:\ProgramData\Origin
2016-12-20 14:21 - 2016-03-17 23:09 - 00000000 ____D C:\Users\Tomik\AppData\Local\UnrealEngine
2016-12-18 19:01 - 2009-07-14 03:20 - 00000000 ____D C:\PerfLogs
2016-12-18 18:52 - 2015-08-31 18:29 - 00000000 ____D C:\Users\Tomik\AppData\Roaming\uTorrent
2016-12-18 18:51 - 2016-09-14 20:38 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-18 18:51 - 2016-09-14 20:38 - 00000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2016-12-18 18:51 - 2016-09-14 20:38 - 00000000 ____D C:\Program Files\CCleaner
2016-12-16 20:00 - 2015-02-16 12:59 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 20:00 - 2015-02-16 12:59 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 20:59 - 2016-11-07 12:51 - 00001170 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2016-12-15 20:59 - 2016-11-07 12:51 - 00001170 _____ C:\ProgramData\Desktop\Battlefield 1.lnk
2016-12-14 21:01 - 2015-02-16 13:01 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-14 21:01 - 2015-02-16 13:01 - 00002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2016-12-13 19:02 - 2014-10-30 10:59 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 19:02 - 2014-10-30 10:59 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 19:02 - 2014-10-30 10:59 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-13 19:02 - 2014-10-30 10:59 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-13 19:02 - 2014-10-30 10:59 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-12 20:48 - 2015-02-20 01:54 - 00000000 ____D C:\Users\Tomik\AppData\Local\Steam
2016-12-10 17:40 - 2015-08-31 18:31 - 00000000 ____D C:\Movies
2016-12-06 21:38 - 2016-01-02 12:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-06 21:38 - 2016-01-02 12:01 - 00000000 ____D C:\ProgramData\Skype
2016-12-06 14:54 - 2016-11-07 10:34 - 00000000 ____D C:\Program Files (x86)\Origin
2016-12-06 14:52 - 2016-11-07 10:35 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-12-01 15:53 - 2016-11-07 13:07 - 00000000 ____D C:\Users\Tomik\Documents\Battlefield 1
2016-11-30 14:06 - 2016-07-28 20:00 - 00000000 ____D C:\Program Files (x86)\Hearthstone

==================== Files in the root of some directories =======

2015-11-06 16:12 - 2015-11-09 18:05 - 2128896 _____ () C:\Users\Tomik\AppData\Local\file__0.localstorage
2016-09-16 12:16 - 2016-12-21 14:25 - 0007603 _____ () C:\Users\Tomik\AppData\Local\Resmon.ResmonCfg
2016-01-29 19:38 - 2016-01-29 19:38 - 73090024 _____ () C:\Users\Tomik\AppData\Local\TempFullTiltPokerEuSetup.exe
2015-08-30 12:04 - 2015-08-30 12:11 - 0000112 _____ () C:\ProgramData\BeA2q4f8e.dat

Files to move or delete:
====================
C:\ProgramData\BeA2q4f8e.dat


Some files in TEMP:
====================
C:\Users\Tomik\AppData\Local\Temp\libeay32.dll
C:\Users\Tomik\AppData\Local\Temp\msvcr120.dll
C:\Users\Tomik\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-07 16:28

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:927.51 GB) (Free:233.81 GB) NTFS

Available physical RAM: 5338.27 MB
Total physical RAM: 8134.04 MB
Percentage of memory in use: 34%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AA19934E)
Partition 1: (Active) - (Size=4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=927.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tomik\Desktop" je 570 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSKAppManager
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyEmergency
C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tomik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\Run: [Akamai NetSession Interface] => "C:\Users\Tomik\AppData\Local\Akamai\netsession_win.exe"
C:\Users\Tomik\AppData\Local\Akamai
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\MountPoints2: {7833476c-f3eb-11e4-98c6-74d435b70c63} - F:\Setup.exe
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\MountPoints2: {969325a8-1682-11e6-b30b-74d435b70c63} - F:\iStudio.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1& ... O-38d663a4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1& ... O-38d663a4
HKU\S-1-5-21-147754569-2467050187-394659022-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1& ... O-38d663a4
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {D162AE0B-14AD-493F-8456-86FC6333EE52} URL = hxxp://www.bing.com/search?FORM=INCOH2& ... 8d663a4&q={searchTerms}
SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2& ... 8d663a4&q={searchTerms}
SearchScopes: HKU\S-1-5-21-147754569-2467050187-394659022-1002 -> DefaultScope {D162AE0B-14AD-493F-8456-86FC6333EE52} URL = hxxp://www.bing.com/search?FORM=INCOH2& ... 8d663a4&q={searchTerms}
SearchScopes: HKU\S-1-5-21-147754569-2467050187-394659022-1002 -> {D162AE0B-14AD-493F-8456-86FC6333EE52} URL = hxxp://www.bing.com/search?FORM=INCOH2& ... 8d663a4&q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\BeA2q4f8e.dat
C:\Users\Tomik\AppData\Local\Temp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Tomik (21-12-2016 19:48:05) Run:1
Running from C:\Users\Tomik\Desktop
Loaded Profiles: Tomik (Available Profiles: Tomik)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\Run: [Akamai NetSession Interface] => "C:\Users\Tomik\AppData\Local\Akamai\netsession_win.exe"
C:\Users\Tomik\AppData\Local\Akamai
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\MountPoints2: {7833476c-f3eb-11e4-98c6-74d435b70c63} - F:\Setup.exe
HKU\S-1-5-21-147754569-2467050187-394659022-1002\...\MountPoints2: {969325a8-1682-11e6-b30b-74d435b70c63} - F:\iStudio.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1& ... O-38d663a4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1& ... O-38d663a4
HKU\S-1-5-21-147754569-2467050187-394659022-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1& ... O-38d663a4
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {D162AE0B-14AD-493F-8456-86FC6333EE52} URL = hxxp://www.bing.com/search?FORM=INCOH2& ... 8d663a4&q={searchTerms}
SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2& ... 8d663a4&q={searchTerms}
SearchScopes: HKU\S-1-5-21-147754569-2467050187-394659022-1002 -> DefaultScope {D162AE0B-14AD-493F-8456-86FC6333EE52} URL = hxxp://www.bing.com/search?FORM=INCOH2& ... 8d663a4&q={searchTerms}
SearchScopes: HKU\S-1-5-21-147754569-2467050187-394659022-1002 -> {D162AE0B-14AD-493F-8456-86FC6333EE52} URL = hxxp://www.bing.com/search?FORM=INCOH2& ... 8d663a4&q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\BeA2q4f8e.dat
C:\Users\Tomik\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-147754569-2467050187-394659022-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
"C:\Users\Tomik\AppData\Local\Akamai" => not found.
"HKU\S-1-5-21-147754569-2467050187-394659022-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7833476c-f3eb-11e4-98c6-74d435b70c63}" => key removed successfully
HKCR\CLSID\{7833476c-f3eb-11e4-98c6-74d435b70c63} => key not found.
"HKU\S-1-5-21-147754569-2467050187-394659022-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{969325a8-1682-11e6-b30b-74d435b70c63}" => key removed successfully
HKCR\CLSID\{969325a8-1682-11e6-b30b-74d435b70c63} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-147754569-2467050187-394659022-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D162AE0B-14AD-493F-8456-86FC6333EE52}" => key removed successfully
HKCR\CLSID\{D162AE0B-14AD-493F-8456-86FC6333EE52} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7}" => key removed successfully
HKCR\CLSID\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} => key not found.
HKU\S-1-5-21-147754569-2467050187-394659022-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-147754569-2467050187-394659022-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D162AE0B-14AD-493F-8456-86FC6333EE52}" => key removed successfully
HKCR\CLSID\{D162AE0B-14AD-493F-8456-86FC6333EE52} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\ProgramData\BeA2q4f8e.dat => moved successfully

"C:\Users\Tomik\AppData\Local\Temp" folder move:

Could not move "C:\Users\Tomik\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17267450 B
Java, Flash, Steam htmlcache => 381485303 B
Windows/system/drivers => 3840 B
Edge => 0 B
Chrome => 427414418 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 19120 B
Tomik => 72577614 B

RecycleBin => 2744 B
EmptyTemp: => 857.2 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 21-12-2016 19:49:51)

C:\Users\Tomik\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:49:52 ====

Smazáno. Změnilo se něco?

nic moc se nezmenilo. jde o CPU Usage.. stale 100% kdyz hraji graficky narocnejsi hry. pred tydnem jsem s tim nemel problem.
myslite, ze se s tim da neco udelat?

Na zkoušku vypněte aut. aktualizace.

bez zmeny. zkusim rr PC

tak to vypada v poradku. mockrat dekuji a preji prijemne straveni Vanocnich svatku.

Nějak nechápu. Změnilo se to po vypnutí aktualizací, nebo jiném zásahu?

vypnuti aktualizace pomohlo, ale musel jsem jit restart PC