VIRY.CZ

Dobrý den,před pár dny sem zde psal příspěvěk.. bohužel se stav pc nezměnil.. internet je hodně zpomalený a celkově pc pomalu běží.. Děkuji za pomoc

Zdravím!
Dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by preda (administrator) on DESKTOP-N626K5C (15-02-2018 18:32:56)
Running from C:\Users\preda\Desktop
Loaded Profiles: preda (Available Profiles: preda)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-04-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [454792 2016-05-25] (Power Software Ltd)
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\Run: [Steam] => D:\Hry\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: F - "F:\setup.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{89effe7f-5457-4791-8dad-95c82336e048}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ilsuffxb.default-1517763698524
FF ProfilePath: C:\Users\preda\AppData\Roaming\Mozilla\Firefox\Profiles\ilsuffxb.default-1517763698524 [2018-02-08]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-14] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default [2018-02-15]
CHR Extension: (Prezentace) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-14]
CHR Extension: (Dokumenty) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-14]
CHR Extension: (Disk Google) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-14]
CHR Extension: (YouTube) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-14]
CHR Extension: (Tabulky) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-15]
CHR Extension: (AdBlock) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-14]
CHR Extension: (Gmail) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-14]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-26] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-11-20] (Electronic Arts)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-19] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-19] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-02-08] (Malwarebytes)
R1 MpKsld6ee0963; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{949B7793-8699-433F-B4DB-7BE82D47A865}\MpKsld6ee0963.sys [58120 2018-02-14] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f936d37e592b25aa\nvlddmkm.sys [16936048 2017-10-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58680 2018-01-10] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [947712 2017-01-17] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-19] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-19] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-15 18:32 - 2018-02-15 18:33 - 000011543 _____ C:\Users\preda\Desktop\FRST.txt
2018-02-14 22:33 - 2018-02-14 22:33 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-14 22:33 - 2018-02-14 22:33 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-14 22:32 - 2018-02-14 22:32 - 001129816 _____ (Google Inc.) C:\Users\preda\Downloads\ChromeSetup (3).exe
2018-02-14 22:32 - 2018-02-14 22:32 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-14 22:32 - 2018-02-14 22:32 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-14 22:30 - 2018-02-14 22:30 - 001129816 _____ (Google Inc.) C:\Users\preda\Downloads\ChromeSetup (2).exe
2018-02-10 19:30 - 2018-02-10 19:01 - 000038697 _____ C:\Users\preda\Downloads\Knightfall S01E07.srt
2018-02-08 18:05 - 2018-02-15 02:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-08 18:03 - 2018-02-15 18:32 - 002405376 _____ (Farbar) C:\Users\preda\Desktop\FRST64.exe
2018-02-08 18:03 - 2018-02-15 18:32 - 000000000 ____D C:\Users\preda\Desktop\FRST-OlderVersion
2018-02-08 18:03 - 2018-02-08 18:03 - 000029696 _____ C:\Users\preda\AppData\Local\MSGBOX.EXE
2018-02-08 18:03 - 2018-02-08 18:03 - 000015327 _____ C:\Users\preda\Desktop\LM.bat
2018-02-08 16:14 - 2018-02-08 16:13 - 008206624 _____ (Malwarebytes) C:\Users\preda\Desktop\adwcleaner_7.0.7.0 (1).exe
2018-02-08 15:31 - 2018-02-15 18:32 - 000000000 ____D C:\FRST
2018-02-01 00:35 - 2018-02-15 04:33 - 000000403 _____ C:\Users\preda\Desktop\DDLC.txt
2018-01-30 02:04 - 2018-01-30 02:04 - 000000000 ____D C:\Users\preda\Desktop\Nová složka
2018-01-27 21:49 - 2018-01-27 21:49 - 000000560 _____ C:\Users\Public\Desktop\Fraps.lnk
2018-01-27 21:49 - 2018-01-27 21:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2018-01-27 21:42 - 2018-01-27 21:46 - 000000000 ____D C:\Users\preda\AppData\Roaming\obs-studio
2018-01-27 21:41 - 2018-01-27 21:41 - 000001275 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2018-01-27 21:41 - 2018-01-27 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2018-01-27 21:41 - 2018-01-27 21:41 - 000000000 ____D C:\Program Files (x86)\obs-studio
2018-01-27 01:55 - 2018-01-27 01:55 - 000000000 ____D C:\Users\preda\AppData\Roaming\RenPy
2018-01-23 14:08 - 2018-02-08 18:05 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-23 14:08 - 2018-01-23 14:08 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-23 14:08 - 2018-01-23 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-23 14:08 - 2018-01-23 14:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-23 14:08 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-01-22 21:42 - 2018-01-22 21:42 - 000000000 ____D C:\Users\preda\AppData\LocalLow\Verdun
2018-01-22 19:34 - 2018-01-22 19:34 - 000000200 _____ C:\Users\preda\Desktop\Tannenberg.url
2018-01-22 12:44 - 2018-01-22 12:44 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-01-22 12:44 - 2018-01-22 12:44 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2018-01-22 12:42 - 2018-02-08 18:05 - 000000000 ____D C:\ProgramData\AVAST Software
2018-01-22 00:29 - 2018-01-22 00:29 - 000007601 _____ C:\Users\preda\AppData\Local\Resmon.ResmonCfg
2018-01-21 22:40 - 2018-01-21 22:40 - 000311256 _____ (Mozilla) C:\Users\preda\Downloads\Firefox Installer (1).exe
2018-01-20 20:04 - 2018-01-20 20:04 - 001129816 _____ (Google Inc.) C:\Users\preda\Downloads\ChromeSetup (1).exe
2018-01-16 22:19 - 2018-01-16 22:19 - 000000000 ____D C:\Users\preda\Documents\Paradox Interactive
2018-01-16 20:02 - 2018-01-16 20:02 - 000000200 _____ C:\Users\preda\Desktop\Hearts of Iron IV.url
2018-01-16 19:41 - 2018-01-16 19:41 - 000000205 _____ C:\Users\preda\Desktop\Watch_Dogs.url
2018-01-16 19:41 - 2018-01-16 19:41 - 000000205 _____ C:\Users\preda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch_Dogs.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-15 13:18 - 2017-06-12 16:28 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-15 02:12 - 2017-12-21 11:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-14 22:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-14 22:45 - 2017-12-01 20:18 - 000000000 ____D C:\Users\preda\AppData\Roaming\vlc
2018-02-14 22:33 - 2017-11-14 01:22 - 000000000 ____D C:\Users\preda\AppData\Local\Google
2018-02-14 22:33 - 2017-11-14 01:22 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-14 21:06 - 2017-12-06 22:47 - 000000000 ____D C:\Users\preda\AppData\Roaming\dvdcss
2018-02-14 18:58 - 2017-11-14 03:43 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 18:58 - 2017-11-14 03:43 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-14 18:58 - 2017-11-14 03:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-14 18:57 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-14 11:32 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-14 11:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-12 02:16 - 2017-12-18 23:02 - 000000832 _____ C:\Nový textový dokument.txt
2018-02-11 11:59 - 2017-11-14 14:59 - 000000000 ____D C:\Users\preda\AppData\Roaming\uTorrent
2018-02-08 18:12 - 2017-12-21 12:01 - 002144746 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-08 18:12 - 2017-09-30 15:31 - 000949192 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-08 18:12 - 2017-09-30 15:31 - 000213952 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-08 18:05 - 2017-12-21 11:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-08 18:05 - 2017-06-12 16:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-08 18:04 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-02-08 16:15 - 2018-01-10 21:13 - 000000000 ____D C:\AdwCleaner
2018-02-06 09:51 - 2018-01-11 00:41 - 000004666 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-06 09:51 - 2018-01-11 00:41 - 000004506 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-02-06 09:51 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-06 09:51 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-04 18:02 - 2018-01-10 21:08 - 000000000 ____D C:\Users\preda\AppData\LocalLow\Mozilla
2018-02-01 05:59 - 2017-12-21 11:55 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1388702623-1948067699-396894549-1001
2018-02-01 05:59 - 2017-11-14 01:20 - 000002387 _____ C:\Users\preda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-01 05:59 - 2017-11-14 01:20 - 000000000 ___RD C:\Users\preda\OneDrive
2018-01-28 20:50 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-27 21:47 - 2017-12-21 11:55 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-27 21:47 - 2017-12-21 11:55 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-27 21:47 - 2017-12-21 11:55 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-27 21:47 - 2017-12-21 11:55 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-27 21:47 - 2017-12-21 11:55 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-27 21:47 - 2017-12-21 11:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-27 21:47 - 2017-12-21 11:55 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-27 21:47 - 2017-12-21 11:55 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-27 21:47 - 2017-06-12 16:28 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-01-27 21:47 - 2017-06-12 16:28 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-01-27 21:47 - 2017-06-12 16:25 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-01-24 15:28 - 2017-11-14 03:23 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-22 23:21 - 2017-12-09 23:15 - 000000000 ____D C:\Users\preda\AppData\Local\Ubisoft Game Launcher
2018-01-22 22:51 - 2017-11-14 07:12 - 000000000 ____D C:\Users\preda\Documents\my games
2018-01-22 21:42 - 2017-06-12 16:24 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-22 19:34 - 2017-11-14 02:28 - 000000000 ____D C:\Users\preda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-01-18 20:28 - 2017-12-12 20:29 - 000000000 ____D C:\Users\preda\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories =======

2018-02-08 18:03 - 2018-02-08 18:03 - 000029696 _____ () C:\Users\preda\AppData\Local\MSGBOX.EXE
2018-01-22 00:29 - 2018-01-22 00:29 - 000007601 _____ () C:\Users\preda\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-10 13:28

==================== End of FRST.txt ============================

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# Updated on 2018/08/02 by Malwarebytes
# Database: 02-15-2018.2
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1199 B] - [2018/1/22 12:24:7]
C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2018/1/10 20:13:50]
C:/AdwCleaner/AdwCleaner[S1].txt - [1012 B] - [2018/1/22 12:23:40]
C:/AdwCleaner/AdwCleaner[S2].txt - [1147 B] - [2018/2/8 15:15:15]


########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: F - "F:\setup.exe"
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by preda (16-02-2018 14:37:43) Run:2
Running from C:\Users\preda\Desktop
Loaded Profiles: preda (Available Profiles: preda)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: F - "F:\setup.exe"
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-1388702623-1948067699-396894549-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11977391 B
Java, Flash, Steam htmlcache => 25122968 B
Windows/system/drivers => 144204 B
Edge => 162982663 B
Chrome => 826836700 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 38002 B
preda => 24775302 B

RecycleBin => 64397 B
EmptyTemp: => 1010.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:38:00 ====

Smazáno. Nastala nějaká změna?

Bohužel jenom mírné zlepšení.

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Dobrý den,omlouvám se za dlouho dobou nečinnost,pc jelo v pořádku až doteď... začali mi blbnout videa na youtube - buď se nepřehrajou a vyhodí hlášku - došlo k chybě,zkuste to prosím později.. nebo když sem přihlášený na svém účtě a spustím video z hlavní stránky a pak chci pustit jiné video tak se mi pouští pořád to samé..

alwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 07.03.18
Čas skenování: 16:02
Logovací soubor: 801c6f20-2218-11e8-9311-309c2309f422.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.4246
Licence: Vypršelo

-Systémová informace-
OS: Windows 10 (Build 16299.248)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-N626K5C\preda

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 388359
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 10 min, 54 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

PC je čisté, malware problém nezpůsobuje. Zkuste defragmentovat disk.

Zkusím ono mi ten youtube blbne docela často.. ale teď je to celkem markantní..

OK.