VIRY.CZ

Dobrý den,prosím o kontrolu

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
Ran by Dominik (administrator) on DOMINIK-PC (30-01-2017 12:07:51)
Running from C:\Users\Dominik\Documents
Loaded Profiles: Dominik (Available Profiles: Dominik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [406664 2016-05-25] (Power Software Ltd)
HKU\S-1-5-21-707951698-1732677806-592134114-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-707951698-1732677806-592134114-1000\...\MountPoints2: I - I:\setup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0AA83DC0-B66F-43FD-9DAD-56EA86565672}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-707951698-1732677806-592134114-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-707951698-1732677806-592134114-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-12] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-12] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: k63582xc.default
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\k63582xc.default [2017-01-30]
FF NewTab: Mozilla\Firefox\Profiles\k63582xc.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\k63582xc.default -> about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default [2017-01-30]
CHR Extension: (Prezentace Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-16]
CHR Extension: (Dokumenty Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-16]
CHR Extension: (Disk Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-16]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-16]
CHR Extension: (Tabulky Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-16]
CHR Extension: (AdBlock) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-16]
CHR Extension: (Chrome Media Router) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [389392 2016-11-13] (EasyAntiCheat Ltd)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-10-25] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2017-01-04] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2017-01-04] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-04-02] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-10-14] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2016-08-12] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47672 2016-10-25] (NVIDIA Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-26 19:52 - 2017-01-26 21:35 - 1822603277 _____ C:\Users\Dominik\Downloads\Vikings.S04E19.1080p.WEB-DL.DD5.1.H264-RARBG.mkv
2017-01-26 19:48 - 2017-01-26 19:48 - 00023930 _____ C:\Users\Dominik\Downloads\Vikings.S04E19.1080p.WEB-DL.DD5.1.H264-RARBG.srt
2017-01-24 00:24 - 2017-01-24 00:24 - 00000222 _____ C:\Users\Dominik\Desktop\Resident Evil 7 Biohazard 7 Teaser Beginning Hour.url
2017-01-22 20:02 - 2017-01-22 20:02 - 01673544 _____ ( ) C:\Users\Dominik\Downloads\cpu-z_1.78-en.exe
2017-01-22 20:02 - 2017-01-22 20:02 - 00000869 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2017-01-22 20:02 - 2017-01-22 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-01-22 20:02 - 2017-01-22 20:02 - 00000000 ____D C:\Program Files\CPUID
2017-01-20 01:09 - 2017-01-26 00:06 - 00000238 _____ C:\Users\Dominik\Desktop\Nový textový dokument.txt
2017-01-19 21:34 - 2017-01-19 21:34 - 00022537 _____ C:\Users\Dominik\Downloads\Vikings.S04E18.1080p.WEB-DL.DD5.1.H264-RARBG.srt
2017-01-19 19:50 - 2017-01-19 21:33 - 1847391237 _____ C:\Users\Dominik\Downloads\Vikings.S04E18.1080p.WEB-DL.DD5.1.H264-RARBG.mkv
2017-01-15 01:03 - 2017-01-15 23:11 - 00000000 ____D C:\V-H-S (2012)
2017-01-15 00:56 - 2017-01-15 00:56 - 00014496 _____ C:\Users\Dominik\Downloads\[CzT]V_H_S_2012_.torrent
2017-01-13 23:29 - 2017-01-13 23:53 - 00000000 ____D C:\Blair Witch
2017-01-13 23:28 - 2017-01-13 23:28 - 00022995 _____ C:\Users\Dominik\Downloads\[CzT]Blair_Witch_2016_720pHD_.torrent
2017-01-12 16:33 - 2017-01-12 17:26 - 930514937 _____ C:\Users\Dominik\Downloads\Vikings.S04E17.720p.HDTV.x264-FLEET.mkv
2017-01-12 16:32 - 2017-01-12 16:32 - 00029063 _____ C:\Users\Dominik\Downloads\Vikings.S04E17.720p.HDTV.x264-FLEET (+SVA).srt
2017-01-09 21:01 - 2017-01-09 21:03 - 00000000 ____D C:\stalkerhh
2017-01-09 20:59 - 2017-01-09 21:03 - 00000000 ____D C:\stalůker
2017-01-09 19:18 - 2017-01-09 19:19 - 08733953 _____ C:\Users\Dominik\Downloads\Stalker-Shadow-of-Chernobyl-Patch-a-Crack-1.0006.zip
2017-01-09 18:08 - 2017-01-09 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autumnal Wanderers
2017-01-09 14:51 - 2017-01-09 14:53 - 74472808 _____ (THQ ) C:\Users\Dominik\Downloads\stk-cz-10005.exe
2017-01-09 14:46 - 2017-01-09 14:47 - 58935312 _____ C:\Users\Dominik\Downloads\stalker_shadow_of_chernobyl_cz_patch_10000_10004.zip
2017-01-09 14:45 - 2017-01-09 14:45 - 12163888 _____ (THQ ) C:\Users\Dominik\Downloads\stk-ww-0-3.exe
2017-01-09 14:45 - 2017-01-09 14:45 - 08275798 _____ C:\Users\Dominik\Downloads\stalker_shadow_of_chernobyl_cz_patch_10001.zip
2017-01-09 14:45 - 2017-01-09 14:45 - 00002315 _____ C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk
2017-01-09 14:45 - 2017-01-09 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2017-01-09 14:39 - 2017-01-09 20:19 - 00000000 ____D C:\Users\Public\Documents\STALKER-SHOC
2017-01-09 14:39 - 2017-01-09 14:39 - 00000000 ____D C:\Program Files (x86)\THQ
2017-01-09 14:34 - 2017-01-09 14:35 - 82456210 _____ C:\Users\Dominik\Downloads\S.T.A.L.K.E.R_SoC_All_Patches_1.0001-_1.0006.rar
2017-01-09 14:33 - 2017-01-09 14:33 - 08057608 _____ (THQ ) C:\Users\Dominik\Downloads\official_patch_soc-win-10005_10006.exe
2017-01-09 12:18 - 2017-01-09 12:19 - 17959538 _____ C:\Users\Dominik\Downloads\lidsky_vztah_jako_soucast_profese.pdf
2017-01-08 23:08 - 2017-01-08 23:08 - 03988944 _____ C:\Users\Dominik\Downloads\adwcleaner_6.042.exe
2017-01-08 22:28 - 2017-01-08 22:28 - 04060064 _____ (GSC Game World ) C:\Users\Dominik\Downloads\stk-multi-patch.exe
2017-01-08 22:18 - 2017-01-08 22:22 - 00000000 ____D C:\Autumn Aurora 2.1 by Autumnal Wanderers (30.09.2015)
2017-01-08 16:01 - 2017-01-08 16:18 - 00000000 ____D C:\Program Files (x86)\PowerISO
2017-01-08 16:01 - 2017-01-08 16:01 - 02977032 _____ (Power Software Ltd) C:\Users\Dominik\Downloads\PowerISO6.exe
2017-01-08 16:01 - 2017-01-08 16:01 - 00001007 _____ C:\Users\Public\Desktop\PowerISO.lnk
2017-01-08 16:01 - 2017-01-08 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2017-01-08 16:01 - 2016-05-25 00:06 - 00137280 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2017-01-07 21:42 - 2017-01-09 14:57 - 00000000 ____D C:\Users\Dominik\Downloads\StalkerSoCH[CZ]
2017-01-07 21:36 - 2017-01-07 21:36 - 00016160 _____ C:\Users\Dominik\Downloads\[CzT]STALKER_Shadow_of_Chernobyl_CZ_.torrent
2017-01-07 20:45 - 2017-01-08 22:13 - 1669478745 _____ C:\Users\Dominik\Downloads\Autumn_Aurora_2.1_by_Autumnal_Wanderers_30.09.2015.7z
2017-01-05 16:54 - 2017-01-05 17:47 - 948771680 _____ C:\Users\Dominik\Downloads\Vikings.S04E16.PROPER.720p.HDTV.x264-FLEET.mkv
2017-01-05 16:51 - 2017-01-05 16:51 - 00020150 _____ C:\Users\Dominik\Downloads\Vikings.S04E16.PROPER.720p.HDTV.x264-FLEET.srt
2017-01-05 16:51 - 2017-01-05 16:51 - 00020150 _____ C:\Users\Dominik\Downloads\Vikings.S04E16.PROPER.720p.HDTV.x264-FLEET (1).srt
2017-01-04 18:05 - 2017-01-04 18:05 - 00007975 _____ C:\Users\Dominik\Downloads\Potvrzení-o-absolvované-exkurzi (2).odt
2017-01-04 17:54 - 2017-01-04 17:54 - 00007975 _____ C:\Users\Dominik\Downloads\Potvrzení-o-absolvované-exkurzi (1).odt
2017-01-04 14:16 - 2017-01-04 14:38 - 00000000 ____D C:\Users\Dominik\Documents\Survarium-Steam
2017-01-03 18:00 - 2017-01-03 18:17 - 587467523 _____ C:\Users\Dominik\Downloads\Darkest Hour Ultimate Age of Empires.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-30 12:08 - 2016-09-29 11:45 - 00013115 _____ C:\Users\Dominik\Documents\FRST.txt
2017-01-30 12:07 - 2016-11-07 08:39 - 00000000 ____D C:\Users\Dominik\Documents\FRST-OlderVersion
2017-01-30 12:07 - 2016-07-11 10:16 - 02420736 _____ (Farbar) C:\Users\Dominik\Documents\FRST64.exe
2017-01-30 12:07 - 2015-10-26 17:34 - 00000000 ____D C:\FRST
2017-01-30 11:10 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-30 11:10 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-30 11:05 - 2015-10-29 18:45 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-30 10:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-30 01:23 - 2016-11-19 13:32 - 00000000 ____D C:\Users\Dominik\AppData\LocalLow\Mozilla
2017-01-29 10:01 - 2016-11-18 11:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-29 10:01 - 2015-09-27 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-27 10:17 - 2016-08-04 19:40 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
2017-01-26 23:00 - 2015-09-19 19:01 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\vlc
2017-01-25 23:11 - 2015-09-21 16:27 - 00000000 ____D C:\AdwCleaner
2017-01-25 22:15 - 2016-04-25 14:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-24 19:54 - 2015-09-27 19:38 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2017-01-24 19:54 - 2015-09-18 17:24 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-24 07:21 - 2009-07-14 06:08 - 00032618 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-24 00:16 - 2015-09-18 17:25 - 00000000 ____D C:\Users\Dominik\AppData\Local\Steam
2017-01-22 12:09 - 2016-08-31 13:08 - 00000000 ____D C:\Users\Dominik\AppData\Local\ElevatedDiagnostics
2017-01-19 17:43 - 2015-09-27 12:49 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-19 01:05 - 2016-03-28 18:08 - 00000000 ____D C:\Users\Dominik\Documents\TopStyle 5
2017-01-16 01:08 - 2016-10-16 15:02 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\uTorrent
2017-01-12 21:43 - 2015-11-13 14:41 - 00000000 ____D C:\Fraps
2017-01-12 14:37 - 2015-11-19 21:53 - 00000000 ____D C:\Darkest Hour
2017-01-10 13:43 - 2015-09-27 12:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-06 01:04 - 2015-09-25 14:39 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Origin
2017-01-05 16:24 - 2015-09-25 14:37 - 00000000 ____D C:\ProgramData\Origin
2017-01-04 15:50 - 2016-10-14 16:34 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-01-04 15:50 - 2015-09-25 16:42 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-01-04 15:12 - 2015-09-25 14:37 - 00000000 ____D C:\Program Files (x86)\Origin
2017-01-04 00:51 - 2015-09-15 21:08 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype

==================== Files in the root of some directories =======

2016-09-04 21:01 - 2016-09-04 21:07 - 0000000 _____ () C:\Program Files (x86)\ToDownloadBase.db
2016-08-25 20:52 - 2016-09-21 17:29 - 0029696 _____ () C:\Users\Dominik\AppData\Local\MSGBOX.EXE
2016-02-23 17:32 - 2016-02-23 17:32 - 0000913 _____ () C:\Users\Dominik\AppData\Local\recently-used.xbel
2015-10-21 19:28 - 2016-09-28 09:12 - 0007602 _____ () C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2016-10-14 16:37 - 2016-10-14 16:37 - 0000000 ___SH () C:\ProgramData\.rdata
2016-08-11 18:14 - 2016-08-11 18:15 - 0101114 _____ () C:\ProgramData\1470935671.bdinstall.bin
2016-08-11 18:18 - 2016-08-11 18:18 - 0198197 _____ () C:\ProgramData\1470935869.bdinstall.bin

Some files in TEMP:
====================
2017-01-09 18:11 - 2017-01-09 18:11 - 0065536 _____ (Sony DADC Austria AG) C:\Users\Dominik\AppData\Local\Temp\drm_dialogs.dll
2016-04-15 17:29 - 2016-08-25 21:50 - 0746088 _____ (NVIDIA Corporation) C:\Users\Dominik\AppData\Local\Temp\nvSCPAPI.dll
2016-04-15 17:29 - 2016-08-25 21:50 - 0860776 _____ (NVIDIA Corporation) C:\Users\Dominik\AppData\Local\Temp\nvSCPAPI64.dll
2016-08-30 11:59 - 2016-08-25 21:49 - 0345024 _____ (NVIDIA Corporation) C:\Users\Dominik\AppData\Local\Temp\nvStInst.exe
2016-08-04 20:23 - 2017-01-24 19:54 - 0192512 _____ () C:\Users\Dominik\AppData\Local\Temp\sfamcc00001.dll
2016-08-06 16:04 - 2016-12-06 21:34 - 0192512 _____ () C:\Users\Dominik\AppData\Local\Temp\sfamcc00002.dll
2016-09-26 20:26 - 2017-01-03 22:16 - 43872728 _____ (Skype Technologies S.A.) C:\Users\Dominik\AppData\Local\Temp\SkypeSetup.exe
2016-08-15 17:31 - 2016-08-15 17:31 - 0945691 _____ () C:\Users\Dominik\AppData\Local\Temp\ubi90F8.tmp.exe
2016-09-25 17:48 - 2016-09-25 17:48 - 22895331 _____ (Ubisoft) C:\Users\Dominik\AppData\Local\Temp\ubi9CA5.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-23 09:57

==================== End of FRST.txt ============================

Zdravím,

smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém

Stáhni a spusť AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.

Použij Mbam z mého podpisu a dej mi sem z něj log po smazání nepořádku.

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

V případě nejasností je ZDE obrázkový návod.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 30.1.2017
Scan Time: 12:18
Logfile: MAM.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2017.01.30.02
Rootkit Database: v2016.11.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dominik

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 1149437
Time Elapsed: 2 hr, 45 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

# AdwCleaner v6.043 - Logfile created 30/01/2017 at 19:31:36
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-01-30.2 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Dominik - DOMINIK-PC
# Running from : C:\Users\Dominik\Downloads\adwcleaner_6.043.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C10].txt - [3651 Bytes] - [08/11/2016 23:22:44]
C:\AdwCleaner\AdwCleaner[C11].txt - [853 Bytes] - [30/01/2017 19:31:36]
C:\AdwCleaner\AdwCleaner[C1].txt - [3012 Bytes] - [21/09/2015 22:45:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [2461 Bytes] - [07/10/2015 19:05:11]
C:\AdwCleaner\AdwCleaner[C3].txt - [2192 Bytes] - [07/10/2015 20:33:17]
C:\AdwCleaner\AdwCleaner[C4].txt - [836 Bytes] - [27/10/2015 12:01:12]
C:\AdwCleaner\AdwCleaner[C5].txt - [2017 Bytes] - [26/08/2016 11:22:13]
C:\AdwCleaner\AdwCleaner[C6].txt - [1863 Bytes] - [28/08/2016 10:13:27]
C:\AdwCleaner\AdwCleaner[C7].txt - [2163 Bytes] - [21/09/2016 19:05:28]
C:\AdwCleaner\AdwCleaner[C8].txt - [2776 Bytes] - [04/10/2016 15:18:20]
C:\AdwCleaner\AdwCleaner[C9].txt - [2605 Bytes] - [05/10/2016 17:47:15]
C:\AdwCleaner\AdwCleaner[S10].txt - [2251 Bytes] - [15/09/2016 11:05:43]
C:\AdwCleaner\AdwCleaner[S11].txt - [2331 Bytes] - [21/09/2016 19:05:19]
C:\AdwCleaner\AdwCleaner[S12].txt - [2792 Bytes] - [29/09/2016 11:36:45]
C:\AdwCleaner\AdwCleaner[S13].txt - [2866 Bytes] - [04/10/2016 15:18:01]
C:\AdwCleaner\AdwCleaner[S14].txt - [2699 Bytes] - [05/10/2016 10:37:56]
C:\AdwCleaner\AdwCleaner[S15].txt - [2773 Bytes] - [05/10/2016 17:46:52]
C:\AdwCleaner\AdwCleaner[S16].txt - [2916 Bytes] - [10/10/2016 15:23:38]
C:\AdwCleaner\AdwCleaner[S17].txt - [2990 Bytes] - [10/10/2016 17:02:51]
C:\AdwCleaner\AdwCleaner[S18].txt - [3064 Bytes] - [10/10/2016 23:38:30]
C:\AdwCleaner\AdwCleaner[S19].txt - [3138 Bytes] - [11/10/2016 22:21:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [3544 Bytes] - [21/09/2015 16:27:35]
C:\AdwCleaner\AdwCleaner[S20].txt - [3212 Bytes] - [14/10/2016 12:06:06]
C:\AdwCleaner\AdwCleaner[S21].txt - [3286 Bytes] - [14/10/2016 14:32:53]
C:\AdwCleaner\AdwCleaner[S22].txt - [3374 Bytes] - [23/10/2016 17:04:03]
C:\AdwCleaner\AdwCleaner[S23].txt - [3448 Bytes] - [01/11/2016 21:12:27]
C:\AdwCleaner\AdwCleaner[S24].txt - [3522 Bytes] - [05/11/2016 20:56:37]
C:\AdwCleaner\AdwCleaner[S25].txt - [3596 Bytes] - [06/11/2016 23:54:25]
C:\AdwCleaner\AdwCleaner[S26].txt - [3670 Bytes] - [07/11/2016 22:38:50]
C:\AdwCleaner\AdwCleaner[S27].txt - [3744 Bytes] - [08/11/2016 20:24:18]
C:\AdwCleaner\AdwCleaner[S28].txt - [3818 Bytes] - [08/11/2016 23:22:19]
C:\AdwCleaner\AdwCleaner[S29].txt - [3966 Bytes] - [03/12/2016 16:32:50]
C:\AdwCleaner\AdwCleaner[S2].txt - [2895 Bytes] - [21/09/2015 22:44:45]
C:\AdwCleaner\AdwCleaner[S30].txt - [4040 Bytes] - [14/12/2016 17:01:23]
C:\AdwCleaner\AdwCleaner[S31].txt - [4114 Bytes] - [05/01/2017 22:31:52]
C:\AdwCleaner\AdwCleaner[S32].txt - [4188 Bytes] - [08/01/2017 23:09:43]
C:\AdwCleaner\AdwCleaner[S33].txt - [4262 Bytes] - [12/01/2017 14:36:09]
C:\AdwCleaner\AdwCleaner[S34].txt - [4336 Bytes] - [25/01/2017 23:11:57]
C:\AdwCleaner\AdwCleaner[S35].txt - [4410 Bytes] - [30/01/2017 19:30:40]
C:\AdwCleaner\AdwCleaner[S3].txt - [2293 Bytes] - [07/10/2015 20:32:51]
C:\AdwCleaner\AdwCleaner[S4].txt - [2126 Bytes] - [27/10/2015 12:00:03]
C:\AdwCleaner\AdwCleaner[S5].txt - [2040 Bytes] - [29/10/2015 19:10:48]
C:\AdwCleaner\AdwCleaner[S6].txt - [1463 Bytes] - [09/07/2016 09:41:51]
C:\AdwCleaner\AdwCleaner[S7].txt - [4587 Bytes] - [26/08/2016 11:15:25]
C:\AdwCleaner\AdwCleaner[S8].txt - [2030 Bytes] - [28/08/2016 10:13:07]
C:\AdwCleaner\AdwCleaner[S9].txt - [2176 Bytes] - [31/08/2016 17:12:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C11].txt - [4163 Bytes] ##########

ComboFix 17-01-29.01 - Dominik 30.01.2017 19:39:21.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8126.5850 [GMT 1:00]
Spuštěný z: c:\users\Dominik\Downloads\ComboFix.exe
AV: Bitdefender Antivirus Free Edition *Enabled/Updated* {3FB17364-4FCC-0FA7-6BBF-973897395371}
SP: Bitdefender Antivirus Free Edition *Enabled/Updated* {84D09280-69F6-0029-510F-AC4AECBE19CC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1470935671.bdinstall.bin
c:\programdata\1470935869.bdinstall.bin
c:\users\Dominik\AppData\Local\MSGBOX.EXE
c:\windows\msdownld.tmp
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-12-28 do 2017-01-30 )))))))))))))))))))))))))))))))
.
.
2017-01-30 18:48 . 2017-01-30 18:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-01-22 19:02 . 2017-01-22 19:02 -------- d-----w- c:\program files\CPUID
2017-01-15 00:03 . 2017-01-15 22:11 -------- d-----w- C:\V-H-S (2012)
2017-01-13 22:29 . 2017-01-13 22:53 -------- d-----w- C:\Blair Witch
2017-01-09 20:01 . 2017-01-09 20:03 -------- d-----w- C:\stalkerhh
2017-01-09 19:59 . 2017-01-09 20:03 -------- d-----w- C:\stalůker
2017-01-09 13:39 . 2017-01-09 13:39 -------- d-----w- c:\program files (x86)\THQ
2017-01-08 21:18 . 2017-01-08 21:22 -------- d-----w- C:\Autumn Aurora 2.1 by Autumnal Wanderers (30.09.2015)
2017-01-08 15:01 . 2017-01-08 15:18 -------- d-----w- c:\program files (x86)\PowerISO
2017-01-08 15:01 . 2016-05-24 23:06 137280 ----a-w- c:\windows\system32\drivers\scdemu.sys
2017-01-04 13:22 . 2017-01-04 13:38 -------- d-----w- c:\program files (x86)\Common Files\BattlEye
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-01-30 11:18 . 2016-04-25 13:43 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-01-07 10:32 . 2012-07-17 12:37 24800 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2017-01-04 14:50 . 2016-10-14 15:34 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2017-01-04 14:50 . 2015-09-25 15:42 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2016-11-13 14:22 . 2016-11-13 16:07 389392 ----a-w- c:\windows\SysWow64\EasyAntiCheat.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-08-19 8455960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2016-05-24 406664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [x]
S1 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-12-15 00:46 1384792 ----a-w- c:\program files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-06 19:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-10-25 1854008]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\k63582xc.default\
FF - prefs.js: browser.startup.homepage - about:home
.
.
------- Asociace souborů -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2017-01-30 19:51:02
ComboFix-quarantined-files.txt 2017-01-30 18:51
.
Před spuštěním: Volných bajtů: 247 525 937 152
Po spuštění: Volných bajtů: 247 489 486 848
.
- - End Of File - - 47087F315BD42E8B412191E3F61423ED
A36C5E4F47E84449FF07ED3517B43A31

Doladíme

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

RegLock::  
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

ComboFix 17-01-29.01 - Dominik 01.02.2017 12:03:28.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8126.6225 [GMT 1:00]
Spuštěný z: c:\users\Dominik\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Dominik\Desktop\CFScript.txt
AV: Bitdefender Antivirus Free Edition *Enabled/Updated* {3FB17364-4FCC-0FA7-6BBF-973897395371}
SP: Bitdefender Antivirus Free Edition *Enabled/Updated* {84D09280-69F6-0029-510F-AC4AECBE19CC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-01-01 do 2017-02-01 )))))))))))))))))))))))))))))))
.
.
2017-02-01 11:12 . 2017-02-01 11:12 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2017-02-01 11:12 . 2017-02-01 11:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-01-31 19:30 . 2017-01-31 19:30 -------- d-----w- C:\FreeRapid-0.9u4
2017-01-30 21:18 . 2017-01-30 21:18 -------- d-----w- c:\users\Dominik\.objectdb
2017-01-30 21:18 . 2017-01-30 21:18 -------- d-----w- c:\users\Dominik\AppData\Roaming\VitySoft
2017-01-22 19:02 . 2017-01-22 19:02 -------- d-----w- c:\program files\CPUID
2017-01-15 00:03 . 2017-01-15 22:11 -------- d-----w- C:\V-H-S (2012)
2017-01-13 22:29 . 2017-01-13 22:53 -------- d-----w- C:\Blair Witch
2017-01-09 20:01 . 2017-01-09 20:03 -------- d-----w- C:\stalkerhh
2017-01-09 19:59 . 2017-01-09 20:03 -------- d-----w- C:\stalůker
2017-01-09 13:39 . 2017-01-09 13:39 -------- d-----w- c:\program files (x86)\THQ
2017-01-08 21:18 . 2017-01-08 21:22 -------- d-----w- C:\Autumn Aurora 2.1 by Autumnal Wanderers (30.09.2015)
2017-01-08 15:01 . 2017-01-08 15:18 -------- d-----w- c:\program files (x86)\PowerISO
2017-01-08 15:01 . 2016-05-24 23:06 137280 ----a-w- c:\windows\system32\drivers\scdemu.sys
2017-01-04 13:22 . 2017-01-04 13:38 -------- d-----w- c:\program files (x86)\Common Files\BattlEye
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-01-30 11:18 . 2016-04-25 13:43 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-01-07 10:32 . 2012-07-17 12:37 24800 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2017-01-04 14:50 . 2016-10-14 15:34 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2017-01-04 14:50 . 2015-09-25 15:42 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2016-11-13 14:22 . 2016-11-13 16:07 389392 ----a-w- c:\windows\SysWow64\EasyAntiCheat.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-08-19 8455960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2016-05-24 406664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [x]
S1 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-12-15 00:46 1384792 ----a-w- c:\program files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-06 19:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-10-25 1854008]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\k63582xc.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
Celkový čas: 2017-02-01 12:14:19
ComboFix-quarantined-files.txt 2017-02-01 11:14
ComboFix2.txt 2017-01-30 18:51
.
Před spuštěním: Volných bajtů: 242 814 517 248
Po spuštění: Volných bajtů: 242 736 046 080
.
- - End Of File - - B2AB8D3299AFEA78B9BC5EE2C58C791A
A36C5E4F47E84449FF07ED3517B43A31

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.

Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.

Pak dej vědět jak se PC chová.

Prosím ještě o jednou zkontrolovat log jestli je vše v pořádku

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
Ran by Dominik (administrator) on DOMINIK-PC (02-02-2017 14:00:25)
Running from C:\Users\Dominik\Downloads
Loaded Profiles: Dominik (Available Profiles: Dominik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [406664 2016-05-25] (Power Software Ltd)
HKU\S-1-5-21-707951698-1732677806-592134114-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0AA83DC0-B66F-43FD-9DAD-56EA86565672}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-707951698-1732677806-592134114-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-707951698-1732677806-592134114-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-707951698-1732677806-592134114-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-707951698-1732677806-592134114-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-12] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-12] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: k63582xc.default
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\k63582xc.default [2017-02-01]
FF NewTab: Mozilla\Firefox\Profiles\k63582xc.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\k63582xc.default -> about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default [2017-02-02]
CHR Extension: (Prezentace Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-16]
CHR Extension: (Dokumenty Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-16]
CHR Extension: (Disk Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-16]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-16]
CHR Extension: (Tabulky Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-16]
CHR Extension: (AdBlock) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-16]
CHR Extension: (Chrome Media Router) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [389392 2016-11-13] (EasyAntiCheat Ltd)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-10-25] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-02-01] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-02-01] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-04-02] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-10-14] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2016-08-12] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47672 2016-10-25] (NVIDIA Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-02 14:00 - 2017-02-02 14:00 - 02420736 _____ (Farbar) C:\Users\Dominik\Downloads\FRST64.exe
2017-02-02 14:00 - 2017-02-02 14:00 - 00013921 _____ C:\Users\Dominik\Downloads\FRST.txt
2017-02-02 13:59 - 2017-02-02 14:00 - 00000000 ____D C:\FRST
2017-02-02 13:51 - 2017-02-02 13:51 - 00165888 _____ C:\Users\Dominik\Downloads\T-Cleaner.exe
2017-02-01 23:26 - 2017-02-01 23:26 - 00001203 _____ C:\Users\Public\Desktop\Resident Evil 7 Biohazard.lnk
2017-02-01 23:26 - 2017-02-01 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil 7 Biohazard
2017-02-01 23:15 - 2017-02-01 23:31 - 00000000 ____D C:\Program Files (x86)\Resident Evil 7 Biohazard
2017-01-31 20:30 - 2017-01-31 20:30 - 00000000 ____D C:\FreeRapid-0.9u4
2017-01-31 20:25 - 2017-01-31 20:25 - 17403694 _____ C:\Users\Dominik\Downloads\FreeRapid-0.9u4.zip
2017-01-30 22:18 - 2017-01-30 22:18 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\VitySoft
2017-01-30 22:18 - 2017-01-30 22:18 - 00000000 ____D C:\Users\Dominik\.objectdb
2017-01-30 19:25 - 2017-01-30 19:25 - 04015056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.043.exe
2017-01-30 12:16 - 2017-01-30 12:16 - 00117966 _____ C:\Users\Dominik\Downloads\[SkT]Resident_Evil_7__Biohazard_(2017).torrent
2017-01-26 19:48 - 2017-01-26 19:48 - 00023930 _____ C:\Users\Dominik\Downloads\Vikings.S04E19.1080p.WEB-DL.DD5.1.H264-RARBG.srt
2017-01-24 00:24 - 2017-01-24 00:24 - 00000222 _____ C:\Users\Dominik\Desktop\Resident Evil 7 Biohazard 7 Teaser Beginning Hour.url
2017-01-22 20:02 - 2017-01-22 20:02 - 01673544 _____ ( ) C:\Users\Dominik\Downloads\cpu-z_1.78-en.exe
2017-01-22 20:02 - 2017-01-22 20:02 - 00000869 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2017-01-22 20:02 - 2017-01-22 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-01-22 20:02 - 2017-01-22 20:02 - 00000000 ____D C:\Program Files\CPUID
2017-01-20 01:09 - 2017-01-26 00:06 - 00000238 _____ C:\Users\Dominik\Desktop\Nový textový dokument.txt
2017-01-19 21:34 - 2017-01-19 21:34 - 00022537 _____ C:\Users\Dominik\Downloads\Vikings.S04E18.1080p.WEB-DL.DD5.1.H264-RARBG.srt
2017-01-15 01:03 - 2017-01-15 23:11 - 00000000 ____D C:\V-H-S (2012)
2017-01-13 23:29 - 2017-01-13 23:53 - 00000000 ____D C:\Blair Witch
2017-01-13 23:28 - 2017-01-13 23:28 - 00022995 _____ C:\Users\Dominik\Downloads\[CzT]Blair_Witch_2016_720pHD_.torrent
2017-01-12 16:32 - 2017-01-12 16:32 - 00029063 _____ C:\Users\Dominik\Downloads\Vikings.S04E17.720p.HDTV.x264-FLEET (+SVA).srt
2017-01-09 21:01 - 2017-01-09 21:03 - 00000000 ____D C:\stalkerhh
2017-01-09 20:59 - 2017-01-09 21:03 - 00000000 ____D C:\stalůker
2017-01-09 19:18 - 2017-01-09 19:19 - 08733953 _____ C:\Users\Dominik\Downloads\Stalker-Shadow-of-Chernobyl-Patch-a-Crack-1.0006.zip
2017-01-09 18:08 - 2017-01-09 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autumnal Wanderers
2017-01-09 14:51 - 2017-01-09 14:53 - 74472808 _____ (THQ ) C:\Users\Dominik\Downloads\stk-cz-10005.exe
2017-01-09 14:46 - 2017-01-09 14:47 - 58935312 _____ C:\Users\Dominik\Downloads\stalker_shadow_of_chernobyl_cz_patch_10000_10004.zip
2017-01-09 14:45 - 2017-01-09 14:45 - 12163888 _____ (THQ ) C:\Users\Dominik\Downloads\stk-ww-0-3.exe
2017-01-09 14:45 - 2017-01-09 14:45 - 08275798 _____ C:\Users\Dominik\Downloads\stalker_shadow_of_chernobyl_cz_patch_10001.zip
2017-01-09 14:45 - 2017-01-09 14:45 - 00002315 _____ C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk
2017-01-09 14:45 - 2017-01-09 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2017-01-09 14:39 - 2017-01-09 20:19 - 00000000 ____D C:\Users\Public\Documents\STALKER-SHOC
2017-01-09 14:39 - 2017-01-09 14:39 - 00000000 ____D C:\Program Files (x86)\THQ
2017-01-09 14:34 - 2017-01-09 14:35 - 82456210 _____ C:\Users\Dominik\Downloads\S.T.A.L.K.E.R_SoC_All_Patches_1.0001-_1.0006.rar
2017-01-09 14:33 - 2017-01-09 14:33 - 08057608 _____ (THQ ) C:\Users\Dominik\Downloads\official_patch_soc-win-10005_10006.exe
2017-01-09 12:18 - 2017-01-09 12:19 - 17959538 _____ C:\Users\Dominik\Downloads\lidsky_vztah_jako_soucast_profese.pdf
2017-01-08 23:08 - 2017-01-08 23:08 - 03988944 _____ C:\Users\Dominik\Downloads\adwcleaner_6.042.exe
2017-01-08 22:28 - 2017-01-08 22:28 - 04060064 _____ (GSC Game World ) C:\Users\Dominik\Downloads\stk-multi-patch.exe
2017-01-08 22:18 - 2017-01-08 22:22 - 00000000 ____D C:\Autumn Aurora 2.1 by Autumnal Wanderers (30.09.2015)
2017-01-08 16:01 - 2017-01-08 16:18 - 00000000 ____D C:\Program Files (x86)\PowerISO
2017-01-08 16:01 - 2017-01-08 16:01 - 02977032 _____ (Power Software Ltd) C:\Users\Dominik\Downloads\PowerISO6.exe
2017-01-08 16:01 - 2017-01-08 16:01 - 00001007 _____ C:\Users\Public\Desktop\PowerISO.lnk
2017-01-08 16:01 - 2017-01-08 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2017-01-08 16:01 - 2016-05-25 00:06 - 00137280 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2017-01-07 21:42 - 2017-01-09 14:57 - 00000000 ____D C:\Users\Dominik\Downloads\StalkerSoCH[CZ]
2017-01-07 20:45 - 2017-01-08 22:13 - 1669478745 _____ C:\Users\Dominik\Downloads\Autumn_Aurora_2.1_by_Autumnal_Wanderers_30.09.2015.7z
2017-01-05 16:51 - 2017-01-05 16:51 - 00020150 _____ C:\Users\Dominik\Downloads\Vikings.S04E16.PROPER.720p.HDTV.x264-FLEET.srt
2017-01-05 16:51 - 2017-01-05 16:51 - 00020150 _____ C:\Users\Dominik\Downloads\Vikings.S04E16.PROPER.720p.HDTV.x264-FLEET (1).srt
2017-01-04 18:05 - 2017-01-04 18:05 - 00007975 _____ C:\Users\Dominik\Downloads\Potvrzení-o-absolvované-exkurzi (2).odt
2017-01-04 17:54 - 2017-01-04 17:54 - 00007975 _____ C:\Users\Dominik\Downloads\Potvrzení-o-absolvované-exkurzi (1).odt
2017-01-04 14:16 - 2017-01-04 14:38 - 00000000 ____D C:\Users\Dominik\Documents\Survarium-Steam
2017-01-03 18:00 - 2017-01-03 18:17 - 587467523 _____ C:\Users\Dominik\Downloads\Darkest Hour Ultimate Age of Empires.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-02 13:52 - 2015-09-15 15:22 - 00000000 ____D C:\Users\Dominik
2017-02-02 13:50 - 2016-08-04 19:40 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
2017-02-02 10:53 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-02 10:53 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-02 10:38 - 2015-10-29 18:45 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-02 10:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-02 01:22 - 2015-09-25 14:37 - 00000000 ____D C:\ProgramData\Origin
2017-02-02 01:21 - 2015-09-25 14:39 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Origin
2017-02-01 23:36 - 2015-11-13 14:41 - 00000000 ____D C:\Fraps
2017-02-01 20:05 - 2016-11-19 13:32 - 00000000 ____D C:\Users\Dominik\AppData\LocalLow\Mozilla
2017-02-01 19:33 - 2016-10-14 16:34 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-02-01 19:33 - 2015-09-25 16:42 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-02-01 19:15 - 2015-10-12 18:19 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2017-02-01 19:07 - 2015-09-25 14:37 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-01 12:12 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2017-01-31 00:13 - 2015-09-18 17:24 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-30 12:18 - 2016-04-25 14:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-30 12:17 - 2016-10-16 15:02 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\uTorrent
2017-01-30 12:07 - 2016-11-07 08:39 - 00000000 ____D C:\Users\Dominik\Documents\FRST-OlderVersion
2017-01-29 10:01 - 2016-11-18 11:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-29 10:01 - 2015-09-27 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-26 23:00 - 2015-09-19 19:01 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\vlc
2017-01-24 19:54 - 2015-09-27 19:38 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2017-01-24 07:21 - 2009-07-14 06:08 - 00032618 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-24 00:16 - 2015-09-18 17:25 - 00000000 ____D C:\Users\Dominik\AppData\Local\Steam
2017-01-22 12:09 - 2016-08-31 13:08 - 00000000 ____D C:\Users\Dominik\AppData\Local\ElevatedDiagnostics
2017-01-19 17:43 - 2015-09-27 12:49 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-19 01:05 - 2016-03-28 18:08 - 00000000 ____D C:\Users\Dominik\Documents\TopStyle 5
2017-01-12 14:37 - 2015-11-19 21:53 - 00000000 ____D C:\Darkest Hour
2017-01-10 13:43 - 2015-09-27 12:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-04 00:51 - 2015-09-15 21:08 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype

==================== Files in the root of some directories =======

2016-09-04 21:01 - 2016-09-04 21:07 - 0000000 _____ () C:\Program Files (x86)\ToDownloadBase.db
2016-02-23 17:32 - 2016-02-23 17:32 - 0000913 _____ () C:\Users\Dominik\AppData\Local\recently-used.xbel
2015-10-21 19:28 - 2016-09-28 09:12 - 0007602 _____ () C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2016-10-14 16:37 - 2016-10-14 16:37 - 0000000 ___SH () C:\ProgramData\.rdata

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-23 09:57

==================== End of FRST.txt ============================

Jinak po vymazaní se PC chová dobře

Nic špatného tam již nevidím

Děkuji za pomoc

a přeji hezký den

predatorx21 píše:Děkuji za pomoc a přeji hezký den

Není zač a

VIRY.CZ

Prosím o Kontrolu

Prosím o Kontrolu

Re: Prosím o Kontrolu

Re: Prosím o Kontrolu

Re: Prosím o Kontrolu

Re: Prosím o Kontrolu

Re: Prosím o Kontrolu

Re: Prosím o Kontrolu

Re: Prosím o Kontrolu

Re: Prosím o Kontrolu

Re: Prosím o Kontrolu