VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

adware

https://forum.viry.cz:443/viewtopic.php?t=151081

Stránka 1 z 1

adware

Napsal: 09 led 2017 18:39
od M142
zdravim, chytil som nejaky adware, ale po roku pouzivania pc by sa hodila aj preventivka, preto som tu. vopred diky za pomoc. log davam do prilohy, pretoze sa do postu sa nezmestil.

Re: adware

Napsal: 09 led 2017 18:59
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: adware

Napsal: 09 led 2017 19:10
od M142
# AdwCleaner v6.042 - *Logfile created 09/01/2017 *at 19:05:11
# *Updated on 06/01/2017 by Malwarebytes
# *Database : 2017-01-09.3 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : pcuser - PC
# *Running from : C:\Users\pcuser\Desktop\adwcleaner_6.042.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****



***** [ *Folders ] *****



***** [ *Files ] *****

[-] *File deleted: C:\END
[-] *File deleted: C:\Users\pcuser\AppData\Local\Temp\Utils.dll


***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****



***** [ *Browsers ] *****



*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [853 *Bytes] - [09/01/2017 19:05:11]
C:\AdwCleaner\AdwCleaner[S0].txt - [1219 *Bytes] - [09/01/2017 19:04:56]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1000 *Bytes] ##########

Re: adware

Napsal: 09 led 2017 19:14
od Rudy
Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Re: adware

Napsal: 09 led 2017 19:35
od M142
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017
Ran by pcuser (administrator) on PC (09-01-2017 19:31:51)
Running from C:\Users\pcuser\Desktop
Loaded Profiles: pcuser (Available Profiles: pcuser)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Video DSP\DriverMFTService.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\SysWOW64\UMonit64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(LG Electronics Inc.) C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe
(LG Electronics Inc.) C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
(LG Electronics Inc.) C:\Program Files (x86)\LG Software\LG Smart Share\DMC\Aggregation.exe
() C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348712 2015-07-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [PAC7302_Monitor] => C:\WINDOWS\PixArt\PAC7302\Monitor.exe
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [ASUS ROG MacroKey] => C:\Program Files (x86)\ASUS\ASUS ROG MacroKey\Hid.exe [2036224 2014-07-30] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [EaseUS Cleanup] => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.9\bin\CleanUpUI.exe" 10 300
HKU\S-1-5-21-197042236-3741169000-3781826669-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-197042236-3741169000-3781826669-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-197042236-3741169000-3781826669-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-197042236-3741169000-3781826669-1001\...\RunOnce: [Uninstall C:\Users\pcuser\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\pcuser\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-197042236-3741169000-3781826669-1001\...\MountPoints2: {698940e0-3165-11e5-8269-cc3d82165caf} - "F:\setup.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-06-01]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{663ecdbc-10d3-4459-9c03-59e47f3b3326}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{716b3747-3e78-40ad-9577-f1f285a72cec}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-197042236-3741169000-3781826669-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-197042236-3741169000-3781826669-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-24] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-24] (Oracle Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-17]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-24] (Oracle Corporation)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
CHR Profile: C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default [2017-01-09]
CHR Extension: (Prezentácie Google) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-21]
CHR Extension: (Dokumenty Google) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-21]
CHR Extension: (Disk Google) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Send Link) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciaphlkefgpbpjfohdklmmmainekohil [2017-01-07]
CHR Extension: (Back to Backspace) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\cldokedgmomhbifmiiogjjkgffhcbaec [2016-08-22]
CHR Extension: (Google Search) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Avast SafePrice) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-15]
CHR Extension: (Tabuľky Google) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-21]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Boomerang for Gmail) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2016-07-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-21]
CHR Extension: (Chrome Media Router) - C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R2 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [345912 2014-08-29] (ASUSTeK)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1141248 2015-07-19] ()
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe [76392 2016-10-16] (Spoločnosť Google Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DriverMFTService; C:\Program Files (x86)\Asus\ASUS Video DSP\DriverMFTService.exe [9728 2014-10-29] (ASUSTek Computer Inc.) [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1029648 2016-11-29] (Garmin Ltd. or its subsidiaries)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [457272 2016-09-30] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [457272 2016-09-30] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-09-30] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2117128 2016-11-08] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2178576 2016-11-08] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-09-17] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-09-16] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-30] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-08-18] (Disc Soft Ltd)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [77992 2014-08-04] (Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R1 NFC_Driver; C:\WINDOWS\System32\drivers\NFC_Driver.sys [48336 2014-03-27] (Titan ARC Corp.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_07462d9384409609\nvlddmkm.sys [14249416 2016-10-05] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-09-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2016-09-30] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-09 19:31 - 2017-01-09 19:32 - 00023285 _____ C:\Users\pcuser\Desktop\FRST.txt
2017-01-09 19:31 - 2017-01-09 19:31 - 02419200 _____ (Farbar) C:\Users\pcuser\Desktop\FRST64.exe
2017-01-09 19:31 - 2017-01-09 19:31 - 00000000 ____D C:\FRST
2017-01-09 19:30 - 2017-01-09 19:30 - 02419200 _____ (Farbar) C:\Users\pcuser\Downloads\FRST64.exe
2017-01-09 19:02 - 2017-01-09 19:05 - 00000000 ____D C:\AdwCleaner
2017-01-09 19:02 - 2017-01-09 19:02 - 03988944 _____ C:\Users\pcuser\Desktop\adwcleaner_6.042.exe
2017-01-09 19:01 - 2017-01-09 19:02 - 03988944 _____ C:\Users\pcuser\Downloads\adwcleaner_6.042.exe
2017-01-09 18:38 - 2017-01-09 18:38 - 00018970 _____ C:\Users\pcuser\Desktop\log.zip
2017-01-09 18:31 - 2017-01-09 18:31 - 00000000 ____D C:\rsit
2017-01-09 18:31 - 2017-01-09 18:31 - 00000000 ____D C:\Program Files\trend micro
2017-01-09 18:30 - 2017-01-09 18:30 - 01323520 _____ C:\Users\pcuser\Downloads\RSITx64.exe
2017-01-09 11:36 - 2017-01-09 11:36 - 12770858 _____ C:\Users\pcuser\Downloads\Všechno.mp4
2017-01-09 09:07 - 2017-01-09 09:08 - 00000000 ____D C:\Users\pcuser\Downloads\Family.Guy.S15E10.HDTV.x264-LOL
2017-01-09 09:06 - 2017-01-09 09:06 - 00000000 ____D C:\Users\pcuser\AppData\LocalLow\uTorrent
2017-01-08 18:21 - 2017-01-08 18:21 - 00323586 _____ C:\Users\pcuser\Downloads\NO BPP.pdf
2017-01-07 18:59 - 2017-01-07 20:20 - 00000000 ____D C:\Users\pcuser\Downloads\Krigen.2015.720p.BRRip.x264.Danish.AAC-ETRG
2017-01-06 19:02 - 2017-01-06 19:03 - 52903324 _____ C:\Users\pcuser\Downloads\atheros_ar5xx_ar9xx_ar1xx_ar2xx_10_0_0_303_wireless_whql_driver.zip
2017-01-06 18:58 - 2017-01-06 18:58 - 00001027 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard Free.lnk
2017-01-06 18:58 - 2017-01-06 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1
2017-01-06 18:58 - 2017-01-06 18:58 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1
2017-01-06 18:58 - 2015-08-11 12:22 - 03067392 _____ C:\WINDOWS\system32\pwNative.exe
2017-01-06 18:58 - 2013-09-30 15:26 - 00019152 ____N C:\WINDOWS\system32\pwdrvio.sys
2017-01-06 18:58 - 2013-09-30 15:26 - 00012504 ____N C:\WINDOWS\system32\pwdspio.sys
2017-01-06 18:54 - 2017-01-06 18:58 - 32262960 _____ (MiniTool Solution Ltd. ) C:\Users\pcuser\Downloads\pwfree91.exe
2017-01-06 18:42 - 2017-01-06 18:42 - 00000000 ____D C:\Program Files (x86)\EaseUS
2017-01-06 18:40 - 2017-01-06 18:42 - 53242944 _____ (EaseUS ) C:\Users\pcuser\Downloads\epm_trial.exe
2017-01-06 14:52 - 2017-01-06 14:52 - 00000068 _____ C:\Users\pcuser\Downloads\rufus.ini
2017-01-06 13:50 - 2017-01-06 14:51 - 00937592 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\pcuser\Downloads\rufus-2.11p.exe
2017-01-06 13:50 - 2017-01-06 14:35 - 00000000 ____D C:\Users\pcuser\Downloads\Windows 7 Ultimate SP1 (32 Bit)
2017-01-06 13:20 - 2017-01-06 13:20 - 04874935 _____ C:\Users\pcuser\Downloads\CrystalDiskInfo7_0_5.zip
2017-01-06 12:26 - 2017-01-06 12:26 - 06060113 _____ C:\Users\pcuser\Downloads\memtest86-usb.zip
2017-01-06 12:26 - 2017-01-06 12:26 - 00000000 ____D C:\Users\pcuser\Downloads\memtest86-usb
2017-01-05 21:55 - 2017-01-05 21:55 - 00002327 _____ C:\Users\Public\Desktop\SmartShare.lnk
2017-01-05 21:54 - 2017-01-05 21:54 - 00000000 ____D C:\WINDOWS\SysWOW64\SSFilter
2017-01-05 21:54 - 2017-01-05 21:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Software
2017-01-05 21:54 - 2011-08-10 14:00 - 00378880 _____ C:\WINDOWS\SysWOW64\av_dll.dll
2017-01-05 21:54 - 2011-08-10 14:00 - 00020992 _____ C:\WINDOWS\SysWOW64\av_proxy.dll
2017-01-05 21:32 - 2017-01-05 21:32 - 00000000 ____D C:\Users\pcuser\Downloads\LG_SmartShare_WAL_33_2.3.1511.1201
2017-01-05 21:26 - 2017-01-05 21:32 - 191087726 _____ C:\Users\pcuser\Downloads\LG_SmartShare_WAL_33_2.3.1511.1201.zip
2017-01-04 21:33 - 2017-01-04 21:53 - 00000000 ____D C:\Users\pcuser\Downloads\From [ http://WWW.TORRENTING.COM ] - This.Is.Us.S01E10.HDTV.x264-FLEET
2017-01-03 20:18 - 2017-01-03 20:27 - 00000000 ____D C:\Users\pcuser\Downloads\From [ http://WWW.TORRENTING.COM ] - This.Is.Us.S01E09.HDTV.x264-FLEET
2017-01-02 19:05 - 2017-01-02 21:42 - 00000000 ____D C:\Users\pcuser\Downloads\From [ http://WWW.TORRENTING.COM ] - This.Is.Us.S01E08.HDTV.x264-FLEET
2017-01-02 16:21 - 2017-01-02 16:21 - 00000000 ____D C:\Users\pcuser\AppData\Local\Chromium
2017-01-02 16:15 - 2017-01-09 19:13 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-02 16:15 - 2017-01-02 16:15 - 01446792 _____ C:\Users\pcuser\Downloads\SteamSetup.exe
2017-01-02 16:15 - 2017-01-02 16:15 - 00001034 _____ C:\Users\Public\Desktop\Steam.lnk
2017-01-02 16:15 - 2017-01-02 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-27 13:03 - 2016-12-27 13:03 - 00559616 _____ C:\Users\pcuser\Downloads\zvyk.pps
2016-12-25 13:59 - 2016-12-26 16:25 - 00000000 ____D C:\Users\pcuser\Downloads\Prometheus (2012) [1080p]
2016-12-25 13:23 - 2016-12-25 13:23 - 00020316 _____ C:\Users\pcuser\Desktop\porn.jpg
2016-12-24 18:47 - 2017-01-02 21:42 - 00000000 ____D C:\Users\pcuser\Downloads\From [ http://WWW.TORRENTING.COM ] - This.Is.Us.S01E07.HDTV.x264-FLEET
2016-12-23 11:23 - 2016-12-23 11:31 - 00000000 ____D C:\Users\pcuser\Downloads\www.torrenting.com - This.Is.Us.S01E06.HDTV.x264-FLEET
2016-12-22 22:35 - 2016-12-23 09:36 - 00000000 ____D C:\Users\pcuser\Downloads\www.torrenting.com - This.Is.Us.S01E05.HDTV.x264-FLEET
2016-12-22 20:29 - 2016-12-22 21:47 - 00000000 ____D C:\Users\pcuser\Downloads\This.Is.Us.S01E04.HDTV.x264-FLEET[PRiME]
2016-12-22 20:20 - 2016-12-22 20:21 - 07298048 _____ C:\Users\pcuser\Downloads\Spomenici1.pps
2016-12-22 16:21 - 2016-12-22 16:49 - 00000000 ____D C:\Users\pcuser\Downloads\This.Is.Us.S01E04.WEB-DL.XviD-FUM[ettv]
2016-12-22 14:57 - 2016-12-22 15:08 - 00000000 ____D C:\Users\pcuser\Downloads\www.torrenting.com - This.Is.Us.S01E03.XviD-AFG
2016-12-22 14:27 - 2016-12-22 15:07 - 00000000 ____D C:\Users\pcuser\Downloads\www.torrenting.com - This.Is.Us.S01E03.HDTV.x264-KILLERS
2016-12-22 10:51 - 2016-12-22 10:51 - 05897216 _____ C:\Users\pcuser\Downloads\60-Teryho Chata_30sep2016.pps
2016-12-22 10:35 - 2016-12-22 11:16 - 00000000 ____D C:\Users\pcuser\Downloads\This.is.Us.S01E02.HDTV.x264-KILLERS[ettv]
2016-12-22 09:06 - 2017-01-05 21:22 - 00000000 ____D C:\Users\pcuser\Downloads\This.is.Us.S01E01.HDTV.x264-KILLERS[ettv]
2016-12-17 10:31 - 2016-09-09 08:11 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-12-15 18:42 - 2016-12-15 18:42 - 00003266 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-13 19:48 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-13 19:48 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 19:48 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-13 19:48 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-13 19:48 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-13 19:48 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-13 19:48 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-13 19:48 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-13 19:48 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-13 19:48 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-13 19:48 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-13 19:48 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-13 19:48 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-13 19:48 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-13 19:48 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-13 19:48 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-13 19:48 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-13 19:48 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-13 19:48 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-13 19:48 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-13 19:48 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-13 19:48 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-13 19:48 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-13 19:48 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-13 19:48 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-13 19:48 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-13 19:48 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-13 19:48 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-13 19:48 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-13 19:48 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-13 19:47 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-13 19:47 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-13 19:47 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-13 19:47 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-13 19:47 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-13 19:47 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-13 19:47 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-13 19:47 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-13 19:47 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-13 19:47 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-13 19:47 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-13 19:47 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-13 19:47 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-13 19:47 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-13 19:47 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-13 19:47 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-13 19:47 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-13 19:47 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-13 19:47 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-13 19:47 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-13 19:47 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-13 19:47 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-13 19:47 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-13 19:47 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-13 19:47 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-13 19:47 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-13 19:47 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-13 19:47 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-13 19:47 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-13 19:47 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-13 19:47 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-13 19:47 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-13 19:47 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-13 19:47 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-13 19:47 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-13 19:47 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-13 19:47 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-13 19:47 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-13 19:47 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-13 19:47 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-13 19:47 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-13 19:47 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-13 19:47 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-13 19:47 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-13 19:47 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-13 19:47 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-13 19:47 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-13 19:47 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-13 19:47 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-13 19:47 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-13 19:47 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-13 19:47 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-13 19:47 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-13 19:47 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-13 19:47 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-13 19:47 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-13 19:47 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-13 19:47 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-13 19:47 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-13 19:47 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-13 19:47 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-13 19:47 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-13 19:47 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-13 19:47 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-13 19:47 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-13 19:47 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-13 19:47 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-13 19:47 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-13 19:47 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-13 19:47 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-13 19:47 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-13 19:47 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-13 19:47 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-13 19:47 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-13 19:47 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-13 19:47 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-13 19:47 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-13 19:47 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-13 19:47 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-13 19:47 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-13 19:47 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-13 19:47 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-13 19:47 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-13 14:08 - 2016-12-13 14:08 - 00088576 _____ C:\Users\pcuser\Downloads\Obyvatelia bývalej NDR 10.13.16.doc
2016-12-13 14:08 - 2016-12-13 14:08 - 00045797 _____ C:\Users\pcuser\Downloads\02_DETI_jsou_v_prvni_linii_boje_za_zniceni_naroda.docx
2016-12-13 09:22 - 2016-12-13 09:22 - 01944805 _____ C:\Users\pcuser\Downloads\SOCHY.pdf
2016-12-12 21:52 - 2016-12-12 21:55 - 94988712 ____R C:\Users\pcuser\Downloads\Family.Guy.S15E09.HDTV.x264-FLEET.mkv
2016-12-12 20:02 - 2016-12-12 20:22 - 00000000 ____D C:\Users\pcuser\Downloads\Coherence (2013)

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-09 19:14 - 2016-08-06 12:45 - 00004028 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1466020826
2017-01-09 19:14 - 2016-06-15 21:00 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-01-09 19:12 - 2016-09-30 20:10 - 00331752 _____ C:\WINDOWS\system32\perfh01B.dat
2017-01-09 19:12 - 2016-09-30 20:10 - 00099824 _____ C:\WINDOWS\system32\perfc01B.dat
2017-01-09 19:12 - 2015-10-25 13:04 - 01727690 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-09 19:08 - 2016-08-06 12:29 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-09 19:07 - 2015-04-28 23:15 - 00000093 _____ C:\Users\pcuser\AppData\Roaming\sp_data.sys
2017-01-09 19:06 - 2016-08-06 12:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-09 19:05 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-01-09 19:04 - 2015-06-29 19:21 - 00000000 ____D C:\Users\pcuser\AppData\Roaming\uTorrent
2017-01-09 18:19 - 2016-08-06 12:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-08 22:24 - 2016-08-06 12:34 - 00000000 ____D C:\Users\pcuser
2017-01-08 22:21 - 2016-07-08 13:56 - 00000000 ____D C:\Users\pcuser\AppData\Local\Battle.net
2017-01-08 22:13 - 2015-07-19 17:48 - 00000000 ____D C:\Users\pcuser\AppData\Roaming\Skype
2017-01-08 10:06 - 2016-07-08 13:55 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-07 22:57 - 2015-11-19 19:08 - 00000000 ____D C:\Users\pcuser\AppData\Roaming\vlc
2017-01-06 16:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-06 15:06 - 2016-02-02 17:48 - 00000290 __RSH C:\ProgramData\ntuser.pol
2017-01-05 21:54 - 2016-08-06 12:45 - 00003528 _____ C:\WINDOWS\System32\Tasks\SmartShare
2017-01-05 21:54 - 2016-01-03 19:16 - 00000000 ____D C:\ProgramData\LG Software
2017-01-05 21:54 - 2016-01-03 19:16 - 00000000 ____D C:\Program Files (x86)\LG Software
2017-01-05 21:53 - 2015-03-17 12:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-05 16:35 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-02 15:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-28 16:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\twain_32
2016-12-27 18:46 - 2016-08-06 12:33 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-27 18:46 - 2016-08-06 12:33 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-27 18:46 - 2016-08-06 12:33 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-27 18:46 - 2016-07-16 07:04 - 45613056 _____ C:\WINDOWS\system32\config\COMPONENTS
2016-12-27 17:30 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-27 17:30 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-27 13:03 - 2016-03-16 14:58 - 00045360 _____ C:\Users\pcuser\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-25 13:42 - 2016-11-22 19:31 - 00000000 ____D C:\Users\pcuser\AppData\Local\Diagnostics
2016-12-22 17:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-22 07:58 - 2016-10-04 07:11 - 00000000 ____D C:\Users\pcuser\AppData\Local\Eclipse
2016-12-22 07:58 - 2016-10-04 06:59 - 00000000 ____D C:\Users\pcuser\.p2
2016-12-19 20:08 - 2016-02-15 20:28 - 00000000 ____D C:\Users\pcuser\AppData\Local\CrashDumps
2016-12-17 10:32 - 2015-11-27 22:45 - 00001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-12-17 10:32 - 2015-10-25 13:47 - 00001969 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-12-17 10:31 - 2016-08-06 12:45 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-12-17 00:11 - 2015-05-21 21:00 - 00002286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-17 00:11 - 2015-05-21 21:00 - 00002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-17 00:09 - 2016-07-16 12:47 - 00000000 _SHDC C:\WINDOWS\Installer
2016-12-17 00:09 - 2016-06-01 09:19 - 00000000 ___HD C:\Config.Msi
2016-12-17 00:04 - 2016-08-06 12:45 - 00003454 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 00:04 - 2016-08-06 12:45 - 00003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 00:04 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-15 20:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-15 18:42 - 2016-08-06 12:34 - 00000000 ___RD C:\Users\pcuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-15 18:42 - 2015-10-25 13:14 - 00002372 _____ C:\Users\pcuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-15 18:42 - 2015-10-25 13:14 - 00000000 ___RD C:\Users\pcuser\OneDrive
2016-12-14 20:12 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\assembly
2016-12-14 07:26 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 07:02 - 2016-08-06 12:27 - 00221016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-13 22:42 - 2016-08-06 12:27 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-13 22:42 - 2016-08-06 12:27 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-13 22:42 - 2016-07-16 12:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-13 22:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-13 22:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-13 22:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-13 22:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-13 22:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-13 20:18 - 2015-05-04 19:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-13 20:16 - 2015-05-04 19:40 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-12 00:56 - 2016-10-29 16:44 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-10-29 16:44 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 00:15 - 2016-08-06 12:34 - 00524288 ___SH C:\Users\pcuser\NTUSER.DAT{1120cdbd-5bd1-11e6-828f-ca2736320a12}.TMContainer00000000000000000002.regtrans-ms
2016-12-10 09:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-10 09:24 - 2016-08-06 13:02 - 00000174 ___SH C:\Users\pcuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-10 09:24 - 2015-09-10 06:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-10 09:24 - 2015-04-28 23:15 - 00000402 ___SH C:\Users\pcuser\Documents\desktop.ini
2016-12-10 09:24 - 2015-04-28 23:15 - 00000282 ___SH C:\Users\pcuser\Downloads\desktop.ini
2016-12-10 09:24 - 2015-04-28 23:15 - 00000282 ___SH C:\Users\pcuser\Desktop\desktop.ini
2016-12-10 09:24 - 2015-04-28 23:15 - 00000174 ___SH C:\Users\pcuser\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-10 09:24 - 2015-04-28 23:15 - 00000000 ___RD C:\Users\pcuser\Searches
2016-12-10 09:24 - 2015-04-28 23:15 - 00000000 ___RD C:\Users\pcuser\Contacts
2016-12-10 09:24 - 2015-04-28 23:15 - 00000000 ___RD C:\Users\pcuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-10 09:24 - 2015-04-28 23:15 - 00000000 ___RD C:\Users\pcuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-10 09:24 - 2015-04-28 23:14 - 00000000 ___RD C:\Users\pcuser\Saved Games
2016-12-10 09:24 - 2015-04-28 23:14 - 00000000 ___RD C:\Users\pcuser\Pictures
2016-12-10 09:24 - 2015-04-28 23:14 - 00000000 ___RD C:\Users\pcuser\Music
2016-12-10 09:24 - 2015-04-28 23:14 - 00000000 ___RD C:\Users\pcuser\Links
2016-12-10 09:24 - 2015-04-28 23:14 - 00000000 ___RD C:\Users\pcuser\Favorites
2016-12-10 09:24 - 2015-04-28 23:14 - 00000000 ___RD C:\Users\pcuser\Documents
2016-12-10 09:22 - 2016-07-16 07:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT

==================== Files in the root of some directories =======

2015-04-28 23:15 - 2017-01-09 19:07 - 0000093 _____ () C:\Users\pcuser\AppData\Roaming\sp_data.sys
2016-07-12 06:54 - 2016-07-12 06:54 - 0011262 _____ () C:\Users\pcuser\AppData\Local\recently-used.xbel
2016-08-06 12:30 - 2016-08-06 12:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-06-01 09:19 - 2016-11-10 17:24 - 0001422 _____ () C:\ProgramData\hpzinstall.log
2014-10-21 05:28 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-21 05:28 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-21 05:28 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Some files in TEMP:
====================
C:\Users\pcuser\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\pcuser\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\pcuser\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\pcuser\AppData\Local\Temp\nvStInst.exe
C:\Users\pcuser\AppData\Local\Temp\sonarinst.exe
C:\Users\pcuser\AppData\Local\Temp\{9C8133CA-BF52-40FC-A2AD-2B67CD6A3409}-54.0.2840.71_chrome_installer.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-02 15:32

==================== End of FRST.txt ============================

Re: adware

Napsal: 09 led 2017 20:22
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-05-20] (Oracle Corporation)
HKU\S-1-5-21-197042236-3741169000-3781826669-1001\...\MountPoints2: {698940e0-3165-11e5-8269-cc3d82165caf} - "F:\setup.exe"
GroupPolicy: Restriction <======= ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\ProgramData\SetStretch.VBS
C:\Users\pcuser\AppData\Local\Temp
Task: {1B2C8321-6062-40A8-A09C-6C149490F27F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3F934BA8-9E2C-4B66-890C-79AF13892F06} - \WPD\SqmUpload_S-1-5-21-197042236-3741169000-3781826669-1001 -> No File <==== ATTENTION
Task: {569B0229-AEBD-4FAF-A917-6921A151ACC6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {69891B0D-152B-4C5C-9570-FE3CE446885F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {742BF253-B6D0-4EA2-B9BD-FC33F1576E7B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {97A12270-BB61-48B2-A585-1261FF8BA2BF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {97D65E60-EAA3-4E0A-A344-E9543B4D0BFE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B71C7286-4459-44CB-84D3-7D1CF2FD82E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B7EE7BCD-2D12-4D12-B30D-8D2BF9C1716D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D173BDEC-25B0-4153-9228-203A59B21B0C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E430933A-5E2D-46A6-B25B-ADC9AC510077} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F0AEACA6-44F4-4805-911B-5A7D149FEE9D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: adware

Napsal: 09 led 2017 20:41
od M142
Fix result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by pcuser (09-01-2017 20:37:18) Run:1
Running from C:\Users\pcuser\Desktop
Loaded Profiles: pcuser (Available Profiles: pcuser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-05-20] (Oracle Corporation)
HKU\S-1-5-21-197042236-3741169000-3781826669-1001\...\MountPoints2: {698940e0-3165-11e5-8269-cc3d82165caf} - "F:\setup.exe"
GroupPolicy: Restriction <======= ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\ProgramData\SetStretch.VBS
C:\Users\pcuser\AppData\Local\Temp
Task: {1B2C8321-6062-40A8-A09C-6C149490F27F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3F934BA8-9E2C-4B66-890C-79AF13892F06} - \WPD\SqmUpload_S-1-5-21-197042236-3741169000-3781826669-1001 -> No File <==== ATTENTION
Task: {569B0229-AEBD-4FAF-A917-6921A151ACC6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {69891B0D-152B-4C5C-9570-FE3CE446885F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {742BF253-B6D0-4EA2-B9BD-FC33F1576E7B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {97A12270-BB61-48B2-A585-1261FF8BA2BF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {97D65E60-EAA3-4E0A-A344-E9543B4D0BFE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B71C7286-4459-44CB-84D3-7D1CF2FD82E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B7EE7BCD-2D12-4D12-B30D-8D2BF9C1716D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D173BDEC-25B0-4153-9228-203A59B21B0C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E430933A-5E2D-46A6-B25B-ADC9AC510077} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F0AEACA6-44F4-4805-911B-5A7D149FEE9D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-197042236-3741169000-3781826669-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{698940e0-3165-11e5-8269-cc3d82165caf} => key removed successfully
HKCR\CLSID\{698940e0-3165-11e5-8269-cc3d82165caf} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\SetStretch.VBS => moved successfully
C:\Users\pcuser\AppData\Local\Temp => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B2C8321-6062-40A8-A09C-6C149490F27F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B2C8321-6062-40A8-A09C-6C149490F27F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F934BA8-9E2C-4B66-890C-79AF13892F06} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F934BA8-9E2C-4B66-890C-79AF13892F06} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-197042236-3741169000-3781826669-1001 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{569B0229-AEBD-4FAF-A917-6921A151ACC6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{569B0229-AEBD-4FAF-A917-6921A151ACC6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69891B0D-152B-4C5C-9570-FE3CE446885F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69891B0D-152B-4C5C-9570-FE3CE446885F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{742BF253-B6D0-4EA2-B9BD-FC33F1576E7B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{742BF253-B6D0-4EA2-B9BD-FC33F1576E7B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97A12270-BB61-48B2-A585-1261FF8BA2BF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97A12270-BB61-48B2-A585-1261FF8BA2BF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97D65E60-EAA3-4E0A-A344-E9543B4D0BFE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97D65E60-EAA3-4E0A-A344-E9543B4D0BFE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B71C7286-4459-44CB-84D3-7D1CF2FD82E4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B71C7286-4459-44CB-84D3-7D1CF2FD82E4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7EE7BCD-2D12-4D12-B30D-8D2BF9C1716D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7EE7BCD-2D12-4D12-B30D-8D2BF9C1716D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D173BDEC-25B0-4153-9228-203A59B21B0C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D173BDEC-25B0-4153-9228-203A59B21B0C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E430933A-5E2D-46A6-B25B-ADC9AC510077} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E430933A-5E2D-46A6-B25B-ADC9AC510077} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F0AEACA6-44F4-4805-911B-5A7D149FEE9D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0AEACA6-44F4-4805-911B-5A7D149FEE9D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 308208 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 273188730 B
Java, Flash, Steam htmlcache => 160802801 B
Windows/system/drivers => 181964414 B
Edge => 38016211 B
Chrome => 853882032 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 279794 B
NetworkService => 19196 B
pcuser => 742326 B

RecycleBin => 14267851555 B
EmptyTemp: => 14.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:37:41 ====

Re: adware

Napsal: 09 led 2017 21:17
od Rudy
Smazáno. Nastala nějaká změna?

Re: adware

Napsal: 09 led 2017 21:18
od M142
bohuzial nie, problem zostal.

Re: adware

Napsal: 09 led 2017 21:21
od Rudy
Zkuste ještě tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Re: adware

Napsal: 09 led 2017 21:48
od M142
zda sa ze je to prec :)

Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by pcuser on Mon 09.01.2017 at 21:23:46,92.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\pcuser\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

9.1.2017 21:24:17 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Cisco deleted successfully
C:\PROGRA~2\R.G. Mechanics deleted successfully
C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\Program Files\Common Files\Intel deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\pcuser\AppData\Local\ActiveSync deleted successfully
C:\Users\pcuser\AppData\Local\CAPCOM deleted successfully
C:\Users\pcuser\AppData\Local\Skype deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Cisco not found
C:\PROGRA~2\R.G. Mechanics not found
C:\Users\pcuser\AppData\Roaming\Factorio deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\GroupPolicy\User deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [17.12.2016 10:31]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [17.12.2016 10:31]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]

Send Link - pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciaphlkefgpbpjfohdklmmmainekohil
Back to Backspace - pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\cldokedgmomhbifmiiogjjkgffhcbaec
Avast SafePrice - pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Boomerang for Gmail - pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll
Chrome Media Router - pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adexchangeprediction.com_0.localstorage deleted successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adexchangeprediction.com_0.localstorage-journal deleted successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage deleted successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage-journal deleted successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus13.msn.com/?pc=ASJB"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus13.msn.com/?pc=ASJB"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... TR&pc=ASJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... TR&pc=ASJB
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\pcuser\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\pcuser\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\pcuser\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\pcuser\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\pcuser\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=145 folders=106 190334361 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\pcuser\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Mon 09.01.2017 at 21:38:39,17 ======================


Operating System: Windows 10 Home x64
Ran by pcuser (Administrator) on Mon 09.01.2017 at 21:39:10,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 09.01.2017 at 21:41:09,30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: adware

Napsal: 09 led 2017 22:06
od Rudy
Tak to jsem rád. :)

Re: adware

Napsal: 09 led 2017 22:08
od M142
moc krat diky za pomoc :thumbsup:

Re: adware

Napsal: 09 led 2017 22:11
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz