vyskakovacie reklamy google chrome - log FRST

Zpráva

suggii · #1 Příspěvek od **suggii** » 11 led 2017 20:40

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2017
Ran by naysl (administrator) on HP (11-01-2017 20:36:07)
Running from C:\Users\naysl\Downloads
Loaded Profiles: naysl (Available Profiles: naysl)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(CyberLink Corp.) C:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8458968 2015-03-05] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2871464 2015-03-03] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-02-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKU\S-1-5-21-423610472-1875975942-2123973730-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-423610472-1875975942-2123973730-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-423610472-1875975942-2123973730-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2016-11-18] (Wargaming.net)
HKU\S-1-5-21-423610472-1875975942-2123973730-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-423610472-1875975942-2123973730-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2017-01-05] (SUPERAntiSpyware)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-31] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F58B07BC-1AFE-40E4-9319-923E86B4D704}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKU\S-1-5-21-423610472-1875975942-2123973730-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {F42BC05D-BA17-4612-AE6A-6ADF513F2C95} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-423610472-1875975942-2123973730-1001 -> {F42BC05D-BA17-4612-AE6A-6ADF513F2C95} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-25] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-08]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-06-10] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://goooglesearch.net/KYv88S?sub_id_1={searchTerms}
CHR Profile: C:\Users\naysl\AppData\Local\Google\Chrome\User Data\Default [2017-01-11]
CHR Extension: (Dokumenty Google) - C:\Users\naysl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-20]
CHR Extension: (Disk Google) - C:\Users\naysl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-20]
CHR Extension: (YouTube) - C:\Users\naysl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-20]
CHR Extension: (Tabuľky Google) - C:\Users\naysl\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-20]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\naysl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-20]
CHR Extension: (Google) - C:\Users\naysl\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmebbdllkpchdejpkmnndlofncfajfbg [2016-11-04]
CHR Extension: (Avast Online Security) - C:\Users\naysl\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\naysl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-20]
CHR Extension: (Gmail) - C:\Users\naysl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-20]
CHR Extension: (Chrome Media Router) - C:\Users\naysl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-31] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-13] (Broadcom Corporation.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-12-23] (Intel Corporation)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1029648 2016-11-29] (Garmin Ltd. or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-04-03] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [132896 2014-10-10] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [103424 2015-01-30] (Softex Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [293080 2015-03-05] (Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-06-19] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [220840 2015-03-03] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2015-03-20] (Advanced Micro Devices, Inc.)
R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-31] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-31] (AVAST Software)
S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2016-06-20] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-13] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7533784 2015-06-10] (Broadcom Corporation)
S3 BtwSerialBus; C:\Windows\System32\drivers\BtwSerialBus.sys [153304 2014-04-23] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-12-23] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-12-23] (Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-12-23] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-03-03] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33448 2015-03-03] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-11 20:36 - 2017-01-11 20:36 - 00021587 _____ C:\Users\naysl\Downloads\FRST.txt
2017-01-11 20:34 - 2017-01-11 20:36 - 00000000 ____D C:\FRST
2017-01-11 20:29 - 2017-01-11 20:29 - 02419200 _____ (Farbar) C:\Users\naysl\Downloads\FRST64.exe
2017-01-11 20:12 - 2017-01-11 20:12 - 00000000 ____D C:\Windows\LastGood
2017-01-11 16:55 - 2017-01-11 20:13 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-11 16:55 - 2017-01-11 16:55 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-01-11 16:26 - 2017-01-11 16:26 - 25924168 _____ C:\Users\naysl\Downloads\RogueKillerX64.exe
2017-01-11 16:19 - 2017-01-11 16:49 - 00000516 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d7a03d09-3d75-4834-87b1-09485b249f93.job
2017-01-11 16:19 - 2017-01-11 16:49 - 00000516 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4f1c94bd-b6fd-4b3f-a5fa-6679d28229bb.job
2017-01-11 16:19 - 2017-01-11 16:19 - 00003558 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 4f1c94bd-b6fd-4b3f-a5fa-6679d28229bb
2017-01-11 16:19 - 2017-01-11 16:19 - 00003476 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d7a03d09-3d75-4834-87b1-09485b249f93
2017-01-11 16:19 - 2017-01-11 16:19 - 00001827 _____ C:\Users\naysl\Desktop\SUPERAntiSpyware Free Edition.lnk
2017-01-11 16:19 - 2017-01-11 16:19 - 00000000 ____D C:\Users\naysl\AppData\Roaming\SUPERAntiSpyware.com
2017-01-11 16:19 - 2017-01-11 16:19 - 00000000 ____D C:\Users\naysl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-01-11 16:19 - 2017-01-11 16:19 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-01-11 16:19 - 2017-01-11 16:19 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-01-11 16:18 - 2017-01-11 16:19 - 28885352 _____ (SUPERAntiSpyware) C:\Users\naysl\Downloads\SUPERAntiSpyware.exe
2017-01-11 16:14 - 2017-01-11 16:21 - 00000216 _____ C:\Windows\wininit.ini
2017-01-11 15:28 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2017-01-11 15:16 - 2017-01-11 16:48 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-01-11 15:16 - 2017-01-11 16:21 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-01-11 15:16 - 2017-01-11 15:16 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2017-01-11 15:15 - 2017-01-11 15:16 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\naysl\Downloads\spybot-2.4.exe
2017-01-11 15:14 - 2017-01-11 15:15 - 00000000 ____D C:\AdwCleaner
2017-01-11 15:14 - 2017-01-11 15:14 - 03988944 _____ C:\Users\naysl\Downloads\AdwCleaner.exe
2017-01-11 15:05 - 2017-01-11 15:05 - 05659315 _____ (Swearware) C:\Users\naysl\Downloads\ComboFix.exe
2017-01-07 22:19 - 2017-01-07 22:19 - 00000000 ____D C:\Users\naysl\AppData\Roaming\ATI
2017-01-07 22:19 - 2017-01-07 22:19 - 00000000 ____D C:\Users\naysl\AppData\Local\ATI
2017-01-07 22:19 - 2017-01-07 22:19 - 00000000 ____D C:\ProgramData\ATI
2016-12-16 18:24 - 2016-12-16 18:24 - 823986518 _____ C:\Windows\MEMORY.DMP
2016-12-16 18:24 - 2016-12-16 18:24 - 00000000 ____D C:\Windows\Minidump
2016-12-13 20:36 - 2016-12-01 15:13 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-12-13 20:36 - 2016-12-01 15:13 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-12-13 20:36 - 2016-12-01 15:11 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-12-13 20:36 - 2016-12-01 15:11 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-12-13 20:36 - 2016-10-20 14:14 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-12-13 20:36 - 2016-10-20 14:10 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-12-13 20:16 - 2016-10-05 15:00 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-12-13 20:16 - 2016-10-05 15:00 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-12-13 20:16 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2016-12-13 20:15 - 2016-11-19 22:24 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-13 20:15 - 2016-11-19 22:24 - 00152856 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-13 20:15 - 2016-11-19 20:29 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-13 20:15 - 2016-11-19 19:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-13 20:15 - 2016-11-19 18:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-13 20:15 - 2016-11-19 18:22 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-13 20:15 - 2016-11-16 22:49 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-12-13 20:15 - 2016-11-12 22:06 - 00738104 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-12-13 20:15 - 2016-11-12 20:38 - 00613632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-12-13 20:15 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-13 20:15 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-13 20:15 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-13 20:15 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-13 20:15 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-13 20:15 - 2016-11-12 19:23 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-13 20:15 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-13 20:15 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-13 20:15 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-13 20:15 - 2016-11-12 18:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-13 20:15 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-13 20:15 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-13 20:15 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-13 20:15 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-13 20:15 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-13 20:15 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-13 20:15 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-13 20:15 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-13 20:15 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-13 20:15 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-13 20:15 - 2016-11-11 03:33 - 01541240 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-13 20:15 - 2016-11-09 18:25 - 01376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-13 20:15 - 2016-11-05 21:46 - 00422744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-12-13 20:15 - 2016-11-05 19:35 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-13 20:15 - 2016-11-05 18:57 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-13 20:15 - 2016-11-05 18:11 - 03606528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-13 20:15 - 2016-11-05 16:56 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-13 20:15 - 2016-11-05 16:46 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-13 20:15 - 2016-10-28 03:56 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-13 20:15 - 2016-10-27 15:28 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-13 20:15 - 2016-10-12 22:49 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-12-13 20:15 - 2016-10-12 22:11 - 00922968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2016-12-13 20:15 - 2016-10-11 17:45 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-12-13 20:15 - 2016-10-11 00:31 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-12-13 20:15 - 2016-10-10 19:18 - 00069976 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-13 20:15 - 2016-10-10 19:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cmimcext.sys
2016-12-13 20:15 - 2016-10-09 15:17 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2016-12-13 20:15 - 2016-10-09 15:08 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2016-12-13 20:15 - 2016-10-09 15:08 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2016-12-13 20:15 - 2016-10-08 23:24 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-12-13 20:15 - 2016-10-08 22:31 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-12-13 20:15 - 2016-10-08 22:10 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-12-13 20:15 - 2016-10-05 15:01 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-12-13 20:15 - 2016-10-05 14:52 - 00513456 _____ C:\Windows\SysWOW64\locale.nls
2016-12-13 20:15 - 2016-10-05 14:52 - 00513456 _____ C:\Windows\system32\locale.nls
2016-12-13 20:15 - 2016-10-05 05:15 - 01969944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-13 20:15 - 2016-10-05 05:15 - 01613528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-13 20:15 - 2016-10-05 05:15 - 00324896 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-13 20:15 - 2016-10-05 05:15 - 00245320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-13 20:15 - 2016-09-27 21:16 - 00445873 _____ C:\Windows\system32\ApnDatabase.xml
2016-12-13 20:15 - 2016-09-20 23:30 - 02462040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-11 20:12 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-01-11 20:08 - 2016-06-05 15:03 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-423610472-1875975942-2123973730-1001
2017-01-11 20:02 - 2016-08-17 18:35 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-11 20:01 - 2016-06-24 14:39 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 17:51 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-01-11 16:56 - 2016-06-20 08:42 - 00012036 _____ C:\IFRToolLog.txt
2017-01-11 16:54 - 2016-06-20 08:57 - 00000000 ____D C:\Users\naysl\AppData\Roaming\Skype
2017-01-11 16:54 - 2016-06-05 15:01 - 00000000 ____D C:\Users\naysl\Documents\Youcam
2017-01-11 16:51 - 2016-06-19 21:50 - 00000000 ____D C:\Users\naysl\OneDrive
2017-01-11 16:51 - 2016-06-05 14:57 - 00000000 __SHD C:\Users\naysl\IntelGraphicsProfiles
2017-01-11 16:49 - 2016-06-20 21:14 - 00000338 _____ C:\Windows\Tasks\HPCeeScheduleFornaysl.job
2017-01-11 16:49 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-11 16:48 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-01-11 15:28 - 2016-06-20 08:41 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-11 15:00 - 2016-07-03 19:27 - 00000000 ____D C:\Windows\system32\MRT
2017-01-11 15:00 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-01-11 14:02 - 2016-07-03 19:27 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-09 10:03 - 2016-06-20 21:14 - 00003152 _____ C:\Windows\System32\Tasks\HPCeeScheduleFornaysl
2016-12-28 16:08 - 2016-06-21 13:25 - 00000000 ____D C:\Users\naysl\Desktop\fotky
2016-12-24 12:15 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\catroot2
2016-12-24 08:52 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-12-22 23:42 - 2016-11-13 09:45 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-22 23:42 - 2016-11-13 09:45 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-16 23:35 - 2016-06-05 14:57 - 00000000 ____D C:\Users\naysl
2016-12-16 22:30 - 2016-06-20 08:38 - 00003368 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 22:30 - 2016-06-20 08:38 - 00003240 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 20:15 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-12-16 19:58 - 2013-08-22 16:36 - 00000000 __RSD C:\Windows\assembly
2016-12-16 18:23 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2016-12-16 00:03 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-15 19:31 - 2016-06-20 08:39 - 00002234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 19:31 - 2016-06-20 08:39 - 00002222 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-14 19:45 - 2013-08-22 15:44 - 00492000 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-13 22:09 - 2014-12-10 05:45 - 00524288 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TMContainer00000000000000000001.regtrans-ms
2016-12-13 22:09 - 2014-12-10 05:45 - 00065536 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TM.blf
2016-12-13 22:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2016-12-13 22:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sk-SK
2016-12-13 22:07 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\wbem
2016-12-13 22:07 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe

Some files in TEMP:
====================
C:\Users\naysl\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-10 22:44

==================== End of FRST.txt ============================

#2 Příspěvek od **Rudy** » 11 led 2017 21:10

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

suggii · #3 Příspěvek od **suggii** » 12 led 2017 00:28

# AdwCleaner v6.042 - *Logfile created 12/01/2017 *at 00:27:22
# *Updated on 06/01/2017 by Malwarebytes
# *Database : 2017-01-11.1 [*Local]
# *Operating System : Windows 8.1 (X64)
# *Username : naysl - HP
# *Running from : C:\Users\naysl\Downloads\adwcleaner_6.042.exe
# *Mode: Scan
# *Support : https://www.malwarebytes.com/support

***** [ *Services ] *****

*No malicious services found.

***** [ *Folders ] *****

*No malicious folders found.

***** [ *Files ] *****

*No malicious files found.

***** [ DLL ] *****

*No malicious DLLs found.

***** [ WMI ] *****

*No malicious keys found.

***** [ *Shortcuts ] *****

*No infected shortcut found.

***** [ *Scheduled tasks ] *****

*No malicious task found.

***** [ *Registry ] *****

*No malicious registry entries found.

***** [ *Web browsers ] *****

*No malicious Firefox based browser items found.
*No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1157 *Bytes] - [11/01/2017 15:15:45]
C:\AdwCleaner\AdwCleaner[S1].txt - [1082 *Bytes] - [12/01/2017 00:27:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1156 *Bytes] ##########

#4 Příspěvek od **Rudy** » 12 led 2017 18:31

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR DefaultSearchURL: Default -> hxxp://goooglesearch.net/KYv88S?sub_id_1={searchTerms}
C:\Windows\system32\ApnDatabase.xml
C:\Users\naysl\AppData\Local\Temp

EmptyTemp:
End

Uložte do C:\Users\naysl\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

VIRY.CZ

vyskakovacie reklamy google chrome - log FRST

vyskakovacie reklamy google chrome - log FRST

Re: vyskakovacie reklamy google chrome - log FRST

Re: vyskakovacie reklamy google chrome - log FRST

Re: vyskakovacie reklamy google chrome - log FRST