
Pop-up in Chrome


#1 Post by petrys »

Hello,
Pages offering to repair Windows pop up or replace the page I am on, and occasionally I get redirected to a page with a virus, which Avast reports. Please help. Otherwise the PC seems to run normally. Only my Windows updates got turned off and the sound program got reconfigured, but I don't know whether that was caused by this problem or by some program. I have had the updates turned back on for about three days now and so far it is fine.
Here is the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by oem (administrator) on ON-PC (26-03-2017 12:32:25)
Running from C:\Users\oem\Desktop
Loaded Profiles: oem (Available Profiles: oem)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) D:\Advanced SystemCare\ASCService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) D:\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8900104 2016-11-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-08] (AVAST Software)
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: K - K:\Autorun.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {51a3fe8d-2de9-11e5-8358-d8cb8a3b9613} - M:\Setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {7e6e05b0-2355-11e5-99b3-d8cb8a3b9613} - F:\setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {8e5fef6a-2d30-11e5-8f1d-d8cb8a3b9613} - L:\setup_papers_please_2.0.0.4.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {999c3ff8-431b-11e5-ae91-d8cb8a3b9613} - N:\setup.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-08] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-08] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 176.102.147.2 176.102.144.2 176.102.128.2
Tcpip\..\Interfaces\{E8A0DE12-4648-402A-85E6-8C898C8B5526}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{E8A0DE12-4648-402A-85E6-8C898C8B5526}: [DhcpNameServer] 176.102.147.2 176.102.144.2 176.102.128.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {CE45F0D2-A2AD-420A-A605-0490B77619D5} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-08] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-08] (AVAST Software)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> D:\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2016-08-03] (IObit)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> D:\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-02-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-02-06]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-05-14] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-05-14] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll [2009-06-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default [2017-03-26]
CHR Extension: (Web Viewer Plus) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohkpobccnmkfgdakigahjikgbiklbgo [2017-02-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService10; D:\Advanced SystemCare\ASCService.exe [462624 2016-12-12] (IObit)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-08] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-08] (AVAST Software)
S3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2016-01-23] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S2 IObitUnSvr; D:\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-05-14] (Intel Corporation)
S4 MBAMScheduler; D:\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; D:\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-08] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-08] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-08] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-08] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [82936 2017-02-06] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [190360 2017-03-04] (GenesysLogic)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-15] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-06-12] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2016-01-26] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2017-01-08] (Intel Corporation)
R2 NPF; C:\Windows\SysWOW64\drivers\npf64.sys [36600 2015-12-16] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\system32\drivers\nvswcfilter.sys [19616 2014-09-06] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-12-04] (NVIDIA Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-26 12:32 - 2017-03-26 12:32 - 00014850 _____ C:\Users\oem\Desktop\FRST.txt
2017-03-26 12:26 - 2017-03-26 12:32 - 00000000 ____D C:\FRST
2017-03-26 12:26 - 2017-03-26 12:26 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-19 11:17 - 2017-03-19 11:17 - 00000973 _____ C:\Users\oem\Desktop\The Sims 2.lnk
2017-03-19 11:17 - 2017-03-19 11:17 - 00000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Sims 2
2017-03-19 11:17 - 2011-07-28 13:26 - 00000000 ____D C:\Users\oem\Documents\EA Games
2017-03-18 19:42 - 2017-03-18 19:42 - 00000000 ____D C:\Users\Public\Documents\EA Games
2017-03-18 19:41 - 2017-03-19 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2
2017-03-15 23:38 - 2017-02-23 01:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-15 23:38 - 2017-02-23 01:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-15 23:38 - 2017-02-18 16:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-15 23:38 - 2017-02-18 16:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-12 19:10 - 2017-03-12 19:10 - 00000000 ____D C:\Users\oem\.QtWebEngineProcess
2017-03-12 19:10 - 2017-03-12 19:10 - 00000000 ____D C:\Users\oem\.Origin
2017-03-12 18:29 - 2017-03-12 19:39 - 00000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-03-12 18:21 - 2004-08-18 10:34 - 00442368 ____R (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2017-03-12 18:20 - 2017-03-12 18:20 - 00000000 ____D C:\Users\oem\AppData\Roaming\Macromedia
2017-03-11 15:07 - 2017-03-11 15:07 - 00000000 ____D C:\Users\oem\Documents\CPY_SAVES
2017-03-11 14:44 - 2017-03-11 14:44 - 00000664 _____ C:\Users\oem\Desktop\No Mans Sky.lnk
2017-03-08 23:11 - 2017-03-26 12:26 - 02424832 _____ (Farbar) C:\Users\oem\Desktop\FRST64.exe
2017-03-08 19:22 - 2017-03-08 19:22 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-08 19:22 - 2017-03-08 19:22 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-04 14:14 - 2017-03-04 14:14 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-03-04 14:14 - 2017-03-04 14:14 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 34937280 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 28212280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 19110088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 19006832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 16510160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 16398896 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 14674896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 14373824 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-03-04 14:01 - 2017-03-04 14:01 - 13377072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 11122912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 11019704 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 09305984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 08990072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 04064088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 03627064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 03583560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 03187256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 01051584 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00989120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00961080 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00912440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00687224 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00611384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00576192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00504104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00500792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00492744 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00408272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-03-04 14:01 - 2017-03-04 14:01 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-03-04 13:45 - 2017-03-04 13:45 - 05637816 _____ (Genesys) C:\Windows\system32\GeneIcon.dll
2017-03-04 13:45 - 2017-03-04 13:45 - 01731832 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2017-03-04 13:45 - 2017-03-04 13:45 - 00190360 _____ (GenesysLogic) C:\Windows\system32\Drivers\GeneStor.sys
2017-03-04 13:45 - 2017-03-04 13:45 - 00169752 _____ (Genesys Logic) C:\Windows\system32\GSCoinst.dll
2017-03-04 13:45 - 2017-03-04 13:45 - 00064088 _____ () C:\Windows\SysWOW64\UMonit64.exe
2017-03-04 13:45 - 2017-03-04 13:45 - 00000000 ____D C:\Windows\SysWOW64\sda
2017-03-04 13:45 - 2017-03-04 13:45 - 00000000 ____D C:\Program Files (x86)\Genesyslogic
2017-02-24 21:30 - 2017-03-04 19:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-24 21:30 - 2017-02-24 21:30 - 00000640 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-02-24 21:30 - 2016-03-10 15:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-02-24 21:30 - 2016-03-10 15:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-02-24 21:30 - 2016-03-10 15:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-24 21:26 - 2017-02-24 21:26 - 05545472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2017-02-24 21:26 - 2017-02-24 21:26 - 03503048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET5780.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 03302272 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 03203584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 03203424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET53E2.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 02201600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 02050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 01979664 _____ (Creative Technology Ltd.) C:\Windows\system32\SET59C6.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 01746192 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 01353824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00689880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00410032 _____ (Creative Technology Ltd.) C:\Windows\system32\SET59D6.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 00387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00330560 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET5D16.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 00166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00041088 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2017-02-24 21:26 - 2017-02-24 21:26 - 00023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET6396.tmp
2017-02-24 21:25 - 2017-02-24 21:25 - 09124224 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-02-24 21:25 - 2017-02-24 21:25 - 03014144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2017-02-24 21:25 - 2017-02-24 21:25 - 00574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2017-02-24 21:25 - 2017-02-24 21:25 - 00118592 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2017-02-24 21:20 - 2017-02-24 21:20 - 01044992 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2017-02-24 21:20 - 2017-02-24 21:20 - 00082536 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-26 12:31 - 2016-01-08 20:48 - 00000000 ____D C:\Users\oem\AppData\Local\CrashDumps
2017-03-26 12:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-03-26 11:01 - 2009-07-14 06:45 - 00021600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-26 11:01 - 2009-07-14 06:45 - 00021600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-26 10:56 - 2015-08-15 14:56 - 00002824 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (oem)
2017-03-26 10:56 - 2010-11-21 11:27 - 00681342 _____ C:\Windows\system32\perfh005.dat
2017-03-26 10:56 - 2010-11-21 11:27 - 00145820 _____ C:\Windows\system32\perfc005.dat
2017-03-26 10:56 - 2009-07-14 07:13 - 01610564 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-26 10:51 - 2015-08-07 19:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-26 10:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-26 02:21 - 2016-10-18 22:30 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-03-25 21:01 - 2016-12-05 16:30 - 00000862 _____ C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
2017-03-25 20:23 - 2015-08-07 17:38 - 00000000 ____D C:\Users\oem\AppData\Local\GetNZB
2017-03-25 16:51 - 2015-08-07 19:45 - 00000000 ____D C:\Users\oem\Documents\Electronic Arts
2017-03-25 16:51 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-23 16:34 - 2016-01-07 16:27 - 00264808 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-23 16:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-23 16:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-03-23 16:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2017-03-23 16:31 - 2016-02-15 16:30 - 82030592 _____ C:\Windows\system32\config\software.iodefrag.bak
2017-03-23 16:31 - 2016-02-15 16:30 - 00245760 _____ C:\Windows\system32\config\default.iodefrag.bak
2017-03-23 16:31 - 2016-02-15 16:30 - 00024576 _____ C:\Windows\system32\config\security.iodefrag.bak
2017-03-23 16:31 - 2016-02-15 16:30 - 00024576 _____ C:\Windows\system32\config\sam.iodefrag.bak
2017-03-22 16:35 - 2015-08-15 14:56 - 00000000 ____D C:\ProgramData\ProductData
2017-03-21 21:15 - 2016-07-11 20:11 - 00000000 ____D C:\ProgramData\Ubisoft
2017-03-21 21:15 - 2015-03-19 12:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-21 20:18 - 2017-02-06 16:48 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-21 20:14 - 2015-07-12 02:55 - 00000000 ____D C:\Users\oem\AppData\Local\ElevatedDiagnostics
2017-03-21 20:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-03-18 21:07 - 2015-07-31 20:00 - 00000000 ____D C:\Users\oem\AppData\Local\Deployment
2017-03-18 16:35 - 2016-01-06 19:46 - 00000000 ____D C:\Program Files (x86)\DLL Suite
2017-03-16 16:34 - 2015-07-06 12:19 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-03-16 16:34 - 2015-07-06 12:19 - 00000000 ____D C:\Windows\system32\appraiser
2017-03-16 00:05 - 2015-07-10 22:51 - 00000000 ____D C:\Windows\system32\MRT
2017-03-16 00:04 - 2015-07-10 22:51 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-15 16:39 - 2015-07-05 15:14 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-14 16:37 - 2017-02-06 16:48 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-14 16:32 - 2015-07-05 21:16 - 00000000 ____D C:\Users\oem\AppData\Roaming\DAEMON Tools Lite
2017-03-12 19:10 - 2015-03-19 11:30 - 00000000 ____D C:\Users\oem
2017-03-12 09:29 - 2016-02-15 16:30 - 48443392 _____ C:\Windows\system32\config\components.iodefrag.bak
2017-03-11 12:19 - 2015-07-16 19:35 - 00000000 ____D C:\Users\oem\Documents\My Games
2017-03-10 16:38 - 2017-02-06 16:49 - 00003886 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1486392599
2017-03-08 19:22 - 2017-02-06 16:49 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-07 20:03 - 2009-07-14 07:08 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-03-05 10:13 - 2015-07-04 14:13 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 09:38 - 2015-10-25 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-03-04 14:14 - 2017-02-14 19:46 - 00000840 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-03-04 14:14 - 2016-11-01 22:52 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-03-04 14:02 - 2015-07-31 20:40 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-04 14:01 - 2015-02-20 01:18 - 00042606 _____ C:\Windows\system32\nvinfo.pb
2017-02-25 11:06 - 2016-12-15 17:06 - 00003102 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2017-02-25 11:06 - 2016-12-15 17:06 - 00002948 _____ C:\Windows\System32\Tasks\SmartDefrag_Update
2017-02-25 11:06 - 2016-10-09 08:54 - 00000590 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2017-02-25 11:06 - 2016-06-06 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-02-24 21:35 - 2016-01-06 20:16 - 00000000 ____D C:\ProgramData\Ashampoo
2017-02-24 21:26 - 2015-03-19 12:08 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2017-02-24 21:20 - 2015-03-19 12:06 - 00116288 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll

==================== Files in the root of some directories =======

2015-08-15 11:48 - 2014-05-24 21:09 - 0603763 ___SH () C:\Users\oem\AppData\Roaming\libcurl-4.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\oem\AppData\Roaming\libcurl.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 1704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\oem\AppData\Roaming\libeay32.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0112142 ___SH () C:\Users\oem\AppData\Roaming\libgcc_s_dw2-1.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0279955 ___SH () C:\Users\oem\AppData\Roaming\libidn-11.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0148760 ___SH () C:\Users\oem\AppData\Roaming\libpdcurses.dll
2015-08-15 11:48 - 2014-05-04 11:16 - 0207360 ___SH (CodePlex Community) C:\Users\oem\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2015-08-15 11:48 - 2013-08-11 15:41 - 0044032 ___SH (NirSoft) C:\Users\oem\AppData\Roaming\nircmd.exe
2015-04-19 14:20 - 2015-10-12 20:16 - 0000626 _____ () C:\Users\oem\AppData\Roaming\OsasGC28BU3BMhsM3C1RV
2015-08-15 11:48 - 2014-05-24 21:09 - 0042496 ___SH (Open Source Software community project) C:\Users\oem\AppData\Roaming\pthreadGC2-w64.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0119704 ___SH (Open Source Software community LGPL) C:\Users\oem\AppData\Roaming\pthreadGC2.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\oem\AppData\Roaming\ssleay32.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0113166 ___SH () C:\Users\oem\AppData\Roaming\zlib1.dll
2015-12-20 16:13 - 2015-12-20 16:13 - 0003072 _____ () C:\Users\oem\AppData\Local\file__0.localstorage
2015-10-03 14:18 - 2015-10-03 14:18 - 0000000 ___SH () C:\Users\oem\AppData\Local\LumaEmu
2015-08-02 16:18 - 2016-07-17 21:07 - 0007599 _____ () C:\Users\oem\AppData\Local\resmon.resmoncfg
2015-03-19 12:08 - 2015-03-19 12:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-24 18:06

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119665
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: pop-up in Chrome

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

petrys
Visitor
Posts: 55
Registered: 04 Mar 2012 00:36

Re: pop-up in Chrome

#3 Post by petrys »

Thank you for the help
Here is the log

# AdwCleaner v6.044 - Log vytvořen 26/03/2017 v 15:33:59
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-23.2 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : oem - ON-PC
# Spuštěno z : C:\Users\oem\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\oem\AppData\LocalLow\IObit\Advanced SystemCare
[-] Složka smazána: C:\Users\oem\AppData\Roaming\IObit\Advanced SystemCare
[-] Složka smazána: C:\ProgramData\IObit\ASCDownloader
[-] Složka smazána: C:\ProgramData\IObit\Advanced SystemCare
[#] Složka smazána po restartu: C:\ProgramData\Application Data\IObit\ASCDownloader
[#] Složka smazána po restartu: C:\ProgramData\Application Data\IObit\Advanced SystemCare
[-] Složka smazána: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
[-] Složka smazána: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán: HKLM\SOFTWARE\IOBIT\ASC
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2309 Bajty] - [26/03/2017 15:33:59]
C:\AdwCleaner\AdwCleaner[S0].txt - [2666 Bajty] - [26/03/2017 15:32:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2455 Bajty] ##########

Rudy
Site Admin
Posts: 119665
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: pop-up in Chrome

#4 Post by Rudy »

Post a new FRST log.

petrys
Visitor
Posts: 55
Registered: 04 Mar 2012 00:36

Re: pop-up in Chrome

#5 Post by petrys »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by oem (administrator) on ON-PC (26-03-2017 18:41:55)
Running from C:\Users\oem\Desktop
Loaded Profiles: oem (Available Profiles: oem)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) D:\Advanced SystemCare\ASCService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) D:\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8900104 2016-11-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-08] (AVAST Software)
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: K - K:\Autorun.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {51a3fe8d-2de9-11e5-8358-d8cb8a3b9613} - M:\Setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {7e6e05b0-2355-11e5-99b3-d8cb8a3b9613} - F:\setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {8e5fef6a-2d30-11e5-8f1d-d8cb8a3b9613} - L:\setup_papers_please_2.0.0.4.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {999c3ff8-431b-11e5-ae91-d8cb8a3b9613} - N:\setup.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-08] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-08] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 176.102.147.2 176.102.144.2 176.102.128.2
Tcpip\..\Interfaces\{E8A0DE12-4648-402A-85E6-8C898C8B5526}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{E8A0DE12-4648-402A-85E6-8C898C8B5526}: [DhcpNameServer] 176.102.147.2 176.102.144.2 176.102.128.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {CE45F0D2-A2AD-420A-A605-0490B77619D5} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-08] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-08] (AVAST Software)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> D:\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-02-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-02-06]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-05-14] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-05-14] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll [2009-06-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default [2017-03-26]
CHR Extension: (Web Viewer Plus) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohkpobccnmkfgdakigahjikgbiklbgo [2017-02-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService10; D:\Advanced SystemCare\ASCService.exe [462624 2016-12-12] (IObit)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-08] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-08] (AVAST Software)
S3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2016-01-23] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S2 IObitUnSvr; D:\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-05-14] (Intel Corporation)
S4 MBAMScheduler; D:\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; D:\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-08] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-08] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-08] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-08] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [82936 2017-02-06] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [190360 2017-03-04] (GenesysLogic)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-15] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-06-12] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2016-01-26] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2017-01-08] (Intel Corporation)
R2 NPF; C:\Windows\SysWOW64\drivers\npf64.sys [36600 2015-12-16] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\system32\drivers\nvswcfilter.sys [19616 2014-09-06] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-12-04] (NVIDIA Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-26 18:41 - 2017-03-26 18:42 - 00014218 _____ C:\Users\oem\Desktop\FRST.txt
2017-03-26 15:32 - 2017-03-26 15:33 - 00000000 ____D C:\AdwCleaner
2017-03-26 12:26 - 2017-03-26 18:41 - 00000000 ____D C:\FRST
2017-03-19 11:17 - 2017-03-19 11:17 - 00000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Sims 2
2017-03-19 11:17 - 2011-07-28 13:26 - 00000000 ____D C:\Users\oem\Documents\EA Games
2017-03-18 19:42 - 2017-03-18 19:42 - 00000000 ____D C:\Users\Public\Documents\EA Games
2017-03-18 19:41 - 2017-03-19 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2
2017-03-15 23:38 - 2017-02-23 01:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-15 23:38 - 2017-02-23 01:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-15 23:38 - 2017-02-18 16:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-15 23:38 - 2017-02-18 16:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-12 19:10 - 2017-03-12 19:10 - 00000000 ____D C:\Users\oem\.QtWebEngineProcess
2017-03-12 19:10 - 2017-03-12 19:10 - 00000000 ____D C:\Users\oem\.Origin
2017-03-12 18:29 - 2017-03-12 19:39 - 00000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-03-12 18:21 - 2004-08-18 10:34 - 00442368 ____R (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2017-03-12 18:20 - 2017-03-12 18:20 - 00000000 ____D C:\Users\oem\AppData\Roaming\Macromedia
2017-03-11 15:07 - 2017-03-11 15:07 - 00000000 ____D C:\Users\oem\Documents\CPY_SAVES
2017-03-11 14:44 - 2017-03-11 14:44 - 00000664 _____ C:\Users\oem\Desktop\No Mans Sky.lnk
2017-03-08 23:11 - 2017-03-26 12:26 - 02424832 _____ (Farbar) C:\Users\oem\Desktop\FRST64.exe
2017-03-08 19:22 - 2017-03-08 19:22 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-08 19:22 - 2017-03-08 19:22 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-04 14:14 - 2017-03-04 14:14 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-03-04 14:14 - 2017-03-04 14:14 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 34937280 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 28212280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 19110088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 19006832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 16510160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 16398896 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 14674896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 14373824 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-03-04 14:01 - 2017-03-04 14:01 - 13377072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 11122912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 11019704 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 09305984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 08990072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 04064088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 03627064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 03583560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 03187256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 01051584 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00989120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00961080 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00912440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00687224 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00611384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00576192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00504104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00500792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00492744 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00408272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-03-04 14:01 - 2017-03-04 14:01 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-03-04 13:45 - 2017-03-04 13:45 - 05637816 _____ (Genesys) C:\Windows\system32\GeneIcon.dll
2017-03-04 13:45 - 2017-03-04 13:45 - 01731832 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2017-03-04 13:45 - 2017-03-04 13:45 - 00190360 _____ (GenesysLogic) C:\Windows\system32\Drivers\GeneStor.sys
2017-03-04 13:45 - 2017-03-04 13:45 - 00169752 _____ (Genesys Logic) C:\Windows\system32\GSCoinst.dll
2017-03-04 13:45 - 2017-03-04 13:45 - 00064088 _____ () C:\Windows\SysWOW64\UMonit64.exe
2017-03-04 13:45 - 2017-03-04 13:45 - 00000000 ____D C:\Windows\SysWOW64\sda
2017-03-04 13:45 - 2017-03-04 13:45 - 00000000 ____D C:\Program Files (x86)\Genesyslogic
2017-02-24 21:30 - 2017-03-04 19:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-24 21:30 - 2017-02-24 21:30 - 00000640 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-02-24 21:30 - 2016-03-10 15:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-02-24 21:30 - 2016-03-10 15:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-02-24 21:30 - 2016-03-10 15:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-24 21:26 - 2017-02-24 21:26 - 05545472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2017-02-24 21:26 - 2017-02-24 21:26 - 03503048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET5780.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 03302272 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 03203584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 03203424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET53E2.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 02201600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 02050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 01979664 _____ (Creative Technology Ltd.) C:\Windows\system32\SET59C6.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 01746192 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 01353824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00689880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00410032 _____ (Creative Technology Ltd.) C:\Windows\system32\SET59D6.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 00387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00330560 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET5D16.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 00166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00041088 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2017-02-24 21:26 - 2017-02-24 21:26 - 00023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET6396.tmp
2017-02-24 21:25 - 2017-02-24 21:25 - 09124224 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-02-24 21:25 - 2017-02-24 21:25 - 03014144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2017-02-24 21:25 - 2017-02-24 21:25 - 00574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2017-02-24 21:25 - 2017-02-24 21:25 - 00118592 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2017-02-24 21:20 - 2017-02-24 21:20 - 01044992 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2017-02-24 21:20 - 2017-02-24 21:20 - 00082536 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-26 15:43 - 2009-07-14 06:45 - 00021600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-26 15:43 - 2009-07-14 06:45 - 00021600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-26 15:40 - 2015-08-15 14:56 - 00002824 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (oem)
2017-03-26 15:39 - 2010-11-21 11:27 - 00681342 _____ C:\Windows\system32\perfh005.dat
2017-03-26 15:39 - 2010-11-21 11:27 - 00145820 _____ C:\Windows\system32\perfc005.dat
2017-03-26 15:39 - 2009-07-14 07:13 - 01610564 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-26 15:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-03-26 15:35 - 2015-08-15 14:56 - 00000000 ____D C:\Users\oem\AppData\LocalLow\IObit
2017-03-26 15:35 - 2015-08-15 14:48 - 00000000 ____D C:\Users\oem\AppData\Roaming\IObit
2017-03-26 15:35 - 2015-08-15 14:48 - 00000000 ____D C:\ProgramData\IObit
2017-03-26 15:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-26 12:31 - 2016-01-08 20:48 - 00000000 ____D C:\Users\oem\AppData\Local\CrashDumps
2017-03-26 10:51 - 2015-08-07 19:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-26 02:21 - 2016-10-18 22:30 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-03-25 21:01 - 2016-12-05 16:30 - 00000862 _____ C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
2017-03-25 20:23 - 2015-08-07 17:38 - 00000000 ____D C:\Users\oem\AppData\Local\GetNZB
2017-03-25 16:51 - 2015-08-07 19:45 - 00000000 ____D C:\Users\oem\Documents\Electronic Arts
2017-03-25 16:51 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-23 16:34 - 2016-01-07 16:27 - 00264808 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-23 16:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-23 16:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-03-23 16:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2017-03-23 16:31 - 2016-02-15 16:30 - 82030592 _____ C:\Windows\system32\config\software.iodefrag.bak
2017-03-23 16:31 - 2016-02-15 16:30 - 00245760 _____ C:\Windows\system32\config\default.iodefrag.bak
2017-03-23 16:31 - 2016-02-15 16:30 - 00024576 _____ C:\Windows\system32\config\security.iodefrag.bak
2017-03-23 16:31 - 2016-02-15 16:30 - 00024576 _____ C:\Windows\system32\config\sam.iodefrag.bak
2017-03-22 16:35 - 2015-08-15 14:56 - 00000000 ____D C:\ProgramData\ProductData
2017-03-21 21:15 - 2016-07-11 20:11 - 00000000 ____D C:\ProgramData\Ubisoft
2017-03-21 21:15 - 2015-03-19 12:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-21 20:18 - 2017-02-06 16:48 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-21 20:14 - 2015-07-12 02:55 - 00000000 ____D C:\Users\oem\AppData\Local\ElevatedDiagnostics
2017-03-21 20:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-03-18 21:07 - 2015-07-31 20:00 - 00000000 ____D C:\Users\oem\AppData\Local\Deployment
2017-03-18 16:35 - 2016-01-06 19:46 - 00000000 ____D C:\Program Files (x86)\DLL Suite
2017-03-16 16:34 - 2015-07-06 12:19 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-03-16 16:34 - 2015-07-06 12:19 - 00000000 ____D C:\Windows\system32\appraiser
2017-03-16 00:05 - 2015-07-10 22:51 - 00000000 ____D C:\Windows\system32\MRT
2017-03-16 00:04 - 2015-07-10 22:51 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-15 16:39 - 2015-07-05 15:14 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-14 16:37 - 2017-02-06 16:48 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-14 16:32 - 2015-07-05 21:16 - 00000000 ____D C:\Users\oem\AppData\Roaming\DAEMON Tools Lite
2017-03-12 19:10 - 2015-03-19 11:30 - 00000000 ____D C:\Users\oem
2017-03-12 09:29 - 2016-02-15 16:30 - 48443392 _____ C:\Windows\system32\config\components.iodefrag.bak
2017-03-11 12:19 - 2015-07-16 19:35 - 00000000 ____D C:\Users\oem\Documents\My Games
2017-03-10 16:38 - 2017-02-06 16:49 - 00003886 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1486392599
2017-03-08 19:22 - 2017-02-06 16:49 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-07 20:03 - 2009-07-14 07:08 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-03-05 10:13 - 2015-07-04 14:13 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 09:38 - 2015-10-25 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-03-04 14:14 - 2017-02-14 19:46 - 00000840 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-03-04 14:14 - 2016-11-01 22:52 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-03-04 14:02 - 2015-07-31 20:40 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-04 14:01 - 2015-02-20 01:18 - 00042606 _____ C:\Windows\system32\nvinfo.pb
2017-02-25 11:06 - 2016-12-15 17:06 - 00003102 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2017-02-25 11:06 - 2016-12-15 17:06 - 00002948 _____ C:\Windows\System32\Tasks\SmartDefrag_Update
2017-02-25 11:06 - 2016-10-09 08:54 - 00000590 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2017-02-25 11:06 - 2016-06-06 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-02-24 21:35 - 2016-01-06 20:16 - 00000000 ____D C:\ProgramData\Ashampoo
2017-02-24 21:26 - 2015-03-19 12:08 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2017-02-24 21:20 - 2015-03-19 12:06 - 00116288 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll

==================== Files in the root of some directories =======

2015-08-15 11:48 - 2014-05-24 21:09 - 0603763 ___SH () C:\Users\oem\AppData\Roaming\libcurl-4.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\oem\AppData\Roaming\libcurl.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 1704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\oem\AppData\Roaming\libeay32.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0112142 ___SH () C:\Users\oem\AppData\Roaming\libgcc_s_dw2-1.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0279955 ___SH () C:\Users\oem\AppData\Roaming\libidn-11.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0148760 ___SH () C:\Users\oem\AppData\Roaming\libpdcurses.dll
2015-08-15 11:48 - 2014-05-04 11:16 - 0207360 ___SH (CodePlex Community) C:\Users\oem\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2015-08-15 11:48 - 2013-08-11 15:41 - 0044032 ___SH (NirSoft) C:\Users\oem\AppData\Roaming\nircmd.exe
2015-04-19 14:20 - 2015-10-12 20:16 - 0000626 _____ () C:\Users\oem\AppData\Roaming\OsasGC28BU3BMhsM3C1RV
2015-08-15 11:48 - 2014-05-24 21:09 - 0042496 ___SH (Open Source Software community project) C:\Users\oem\AppData\Roaming\pthreadGC2-w64.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0119704 ___SH (Open Source Software community LGPL) C:\Users\oem\AppData\Roaming\pthreadGC2.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\oem\AppData\Roaming\ssleay32.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0113166 ___SH () C:\Users\oem\AppData\Roaming\zlib1.dll
2015-12-20 16:13 - 2015-12-20 16:13 - 0003072 _____ () C:\Users\oem\AppData\Local\file__0.localstorage
2015-10-03 14:18 - 2015-10-03 14:18 - 0000000 ___SH () C:\Users\oem\AppData\Local\LumaEmu
2015-08-02 16:18 - 2016-07-17 21:07 - 0007599 _____ () C:\Users\oem\AppData\Local\resmon.resmoncfg
2015-03-19 12:08 - 2015-03-19 12:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-24 18:06

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119665
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: pop-up in Chrome

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: K - K:\Autorun.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {51a3fe8d-2de9-11e5-8358-d8cb8a3b9613} - M:\Setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {7e6e05b0-2355-11e5-99b3-d8cb8a3b9613} - F:\setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {8e5fef6a-2d30-11e5-8f1d-d8cb8a3b9613} - L:\setup_papers_please_2.0.0.4.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {999c3ff8-431b-11e5-ae91-d8cb8a3b9613} - N:\setup.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {CE45F0D2-A2AD-420A-A605-0490B77619D5} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\SET5780.tmp
C:\Windows\system32\SET53E2.tmp
C:\Windows\system32\SET59C6.tmp
C:\Windows\system32\SET59D6.tmp
C:\Windows\system32\SET5D16.tmp
C:\Windows\system32\SET6396.tmp
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

I recommend uninstalling AdvancedSystemCare. This optimizer sometimes sees errors even where there are none, and a layperson can easily damage the system with it.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

petrys
Visitor
Posts: 55
Registered: 04 Mar 2012 00:36

Re: pop-up in Chrome

#7 Post by petrys »

OK, I will uninstall the program on your recommendation. Is it enough if I use CCleaner + the Windows programs, or could you give me a tip for another optimizer? Thanks.
For now the Reimage Repair page still keeps popping up.
Here is the log

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by oem (26-03-2017 21:22:02) Run:1
Running from C:\Users\oem\Desktop
Loaded Profiles: oem (Available Profiles: oem)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: K - K:\Autorun.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {51a3fe8d-2de9-11e5-8358-d8cb8a3b9613} - M:\Setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {7e6e05b0-2355-11e5-99b3-d8cb8a3b9613} - F:\setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {8e5fef6a-2d30-11e5-8f1d-d8cb8a3b9613} - L:\setup_papers_please_2.0.0.4.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {999c3ff8-431b-11e5-ae91-d8cb8a3b9613} - N:\setup.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {CE45F0D2-A2AD-420A-A605-0490B77619D5} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\SET5780.tmp
C:\Windows\system32\SET53E2.tmp
C:\Windows\system32\SET59C6.tmp
C:\Windows\system32\SET59D6.tmp
C:\Windows\system32\SET5D16.tmp
C:\Windows\system32\SET6396.tmp
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End

*****************

HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K => key removed successfully
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{51a3fe8d-2de9-11e5-8358-d8cb8a3b9613} => key removed successfully
HKCR\CLSID\{51a3fe8d-2de9-11e5-8358-d8cb8a3b9613} => key not found.
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e6e05b0-2355-11e5-99b3-d8cb8a3b9613} => key removed successfully
HKCR\CLSID\{7e6e05b0-2355-11e5-99b3-d8cb8a3b9613} => key not found.
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e5fef6a-2d30-11e5-8f1d-d8cb8a3b9613} => key removed successfully
HKCR\CLSID\{8e5fef6a-2d30-11e5-8f1d-d8cb8a3b9613} => key not found.
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{999c3ff8-431b-11e5-ae91-d8cb8a3b9613} => key removed successfully
HKCR\CLSID\{999c3ff8-431b-11e5-ae91-d8cb8a3b9613} => key not found.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E49074B5-EFA0-4538-ADFA-CCC7450A774A} => key removed successfully
HKCR\CLSID\{E49074B5-EFA0-4538-ADFA-CCC7450A774A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E49074B5-EFA0-4538-ADFA-CCC7450A774A} => key removed successfully
HKCR\Wow6432Node\CLSID\{E49074B5-EFA0-4538-ADFA-CCC7450A774A} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CE45F0D2-A2AD-420A-A605-0490B77619D5} => key removed successfully
HKCR\CLSID\{CE45F0D2-A2AD-420A-A605-0490B77619D5} => key not found.
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E49074B5-EFA0-4538-ADFA-CCC7450A774A} => key removed successfully
HKCR\CLSID\{E49074B5-EFA0-4538-ADFA-CCC7450A774A} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
C:\Windows\system32\SET5780.tmp => moved successfully
C:\Windows\system32\SET53E2.tmp => moved successfully
C:\Windows\system32\SET59C6.tmp => moved successfully
C:\Windows\system32\SET59D6.tmp => moved successfully
C:\Windows\system32\SET5D16.tmp => moved successfully
C:\Windows\system32\SET6396.tmp => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4075668 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 8262387 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58502876 B
systemprofile32 => 71163 B
LocalService => 86507 B
NetworkService => 66228 B
oem => 4710449 B
Petr => 0 B

RecycleBin => 0 B
EmptyTemp: => 80.3 MB temporary data Removed.

Rudy
Site Admin
Posts: 119665
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: pop-up in Chrome

#8 Post by Rudy »

CCleaner is enough. Deleted. Please also run these scans:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to the desktop

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
Paste the script below into the window

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script
The PC will perform the repair, restart, and give you a log; paste its contents here.

and

2. Junkware Removal Tool: http://thisisudax.org/downloads/JRT.exe
•Save it, preferably to the desktop
•After launching, the license terms are displayed; press any key
•A backup is created, followed by a search
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

petrys
Visitor
Posts: 55
Registered: 04 Mar 2012 00:36

Re: pop-up in Chrome

#9 Post by petrys »

Good day
Here are the logs

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by oem on po 27.03.2017 at 16:58:07,55.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\oem\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27.3.2017 17:00:13 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\Ashampoo deleted successfully
C:\PROGRA~3\Logs deleted successfully
C:\PROGRA~3\LumaEmu_SteamCloud deleted successfully
C:\PROGRA~3\NVIDIA deleted successfully
C:\PROGRA~3\Ubisoft deleted successfully
C:\PROGRA~3\{74E9F814-C737-42CC-B721-DBBC4059367A} deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\PROGRA~3\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} deleted successfully
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully
C:\Users\Default\AppData\Roaming\ProductData deleted successfully
C:\Users\oem\AppData\Roaming\MPC-HC deleted successfully
C:\Users\oem\AppData\Local\CrashDumps deleted successfully
C:\Users\oem\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\{74E9F814-C737-42CC-B721-DBBC4059367A} not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\PROGRA~3\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} not found
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found
C:\PROGRA~2\Windows Live SkyDrive deleted
C:\Users\oem\AppData\Roaming\libcurl-4.dll deleted
C:\Users\oem\AppData\Roaming\libcurl.dll deleted
C:\Users\oem\AppData\Roaming\libeay32.dll deleted
C:\Users\oem\AppData\Roaming\libgcc_s_dw2-1.dll deleted
C:\Users\oem\AppData\Roaming\libidn-11.dll deleted
C:\Users\oem\AppData\Roaming\libpdcurses.dll deleted
C:\Users\oem\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll deleted
C:\Users\oem\AppData\Roaming\pthreadGC2-w64.dll deleted
C:\Users\oem\AppData\Roaming\pthreadGC2.dll deleted
C:\Users\oem\AppData\Roaming\ssleay32.dll deleted
C:\Users\oem\AppData\Roaming\zlib1.dll deleted
C:\Users\oem\AppData\Roaming\ProductData deleted
C:\PROGRA~3\AlawarWrapper deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\SET2ED8.tmp deleted
C:\Windows\Syswow64\SET3664.tmp deleted
C:\Windows\Syswow64\SETEE33.tmp deleted
C:\Windows\Syswow64\SETF163.tmp deleted
C:\Windows\Syswow64\SETF4E6.tmp deleted
C:\Users\Public\Documents\AlawarWrapper deleted
C:\Users\oem\AppData\Roaming\nircmd.exe deleted
"C:\Users\oem\AppData\Local\LumaEmu" deleted
"C:\Users\oem\AppData\Roaming\OsasGC28BU3BMhsM3C1RV" deleted
"C:\Users\oem\AppData\Roaming\Tunngle\Local.key" deleted
"C:\Users\oem\AppData\Roaming\Tunngle\Local.pub" deleted
"C:\Users\oem\AppData\Roaming\Tunngle" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06.02.2017 16:48]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06.02.2017 16:48]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86


Chrome Media Router - oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_stranded-deep.en.softonic.com_0.localstorage deleted successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_stranded-deep.en.softonic.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.seznam.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=442 folders=115 139438210 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\oem\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\oem\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 27.03.2017 at 17:36:41,67 ======================




Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows 7 Home Premium x64
Ran by oem (Administrator) on po 27.03.2017 at 17:41:23,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 6

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\oem\AppData\Local\alawarwrapper (Folder)
Successfully deleted: C:\Users\oem\AppData\Roaming\3909 (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (oem) (Task)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_oem (Task)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 27.03.2017 at 17:42:45,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rudy
Site Admin
Posts: 119665
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: pop-up in Chrome

#10 Post by Rudy »

OK. Has anything changed now?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

petrys
Visitor
Posts: 55
Joined: 04 Mar 2012 00:36

Re: pop-up in Chrome

#11 Post by petrys »

The browser looks fine now :thumbsup:

I would also like to ask about Windows updates, please. I don't know what to do about some updates: they would not install, and it always ended with the PC restarting twice and reverting the changes... so I hid them and ignored them.
Earlier I also tried some fix directly from Update (apparently I was not the only one with the problem), but that did not help.
Now, after all these months, I have about 6 of them hidden; they are said to be important, but they are old. I don't know whether to ignore them or whether installing them in safe mode might help. What would you advise?

Rudy
Site Admin
Posts: 119665
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: pop-up in Chrome

#12 Post by Rudy »


petrys
Visitor
Posts: 55
Joined: 04 Mar 2012 00:36

Re: pop-up in Chrome

#13 Post by petrys »

Hello,
Sorry for the late reply.
Unfortunately this tool does not help. I ran the readiness tool, then installed the problematic update, and the changes were reverted again. It concerns one update, the latest cumulative update for March.
There is also a manual route, but I can't quite manage it because I cannot find the bad update in the log. In Windows Update I opened, I think, checksur.log or something like that, and it gave me these logs, which list an error code and some errors, if that helps you.



Proxy server: Přímý přístup (bez serveru proxy).
Poslední nainstalovaná aktualizace:Březen 2017, měsíční kumulativní aktualizace zabezpečení pro zvýšení kvality pro Windows 7 pro procesory x64 (KB4012215),03/28/2017 19:56:02
Poslední zobrazená zpráva:2017-03-30 16:34:04:186 608 554 Agent WARNING: Failed to read the service id for re-registration 0x80070002
Nastavení jazyka:cs-CZ
bits : Running
wuauserv : Running
PRACOVNÍ SKUPINA:WORKGROUP
Verze agenta služby Windows Update:7.6.7601.23453
Microsoft Windows 7 Home Premium SP: 1
Typ procesoru: x64
Architektura operačního systému:64-bit



Package Version 26.0
2017-03-28 20:38

Checking Windows Servicing Packages

Checking Package Manifests and Catalogs

Checking Package Watchlist

Checking Component Watchlist

Checking Packages

Checking Component Store
(f) CSI C Mark Deployment Missing 0x00000000 c!avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_0b20a8ff883c3a4a x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c
(f) CSI C Mark Deployment Missing 0x00000000 c!avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_c373722873c01144 amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396
(f) CSI C Mark Deployment Missing 0x00000000 c!avast.vc140.mfc_fcc99ee6193ebbca_14.0.24210.0_49391d6d8244622b x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.24210.0_none_a338d8ea2df29efb
(f) CSI C Mark Deployment Missing 0x00000000 c!policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_ef17e13d91c55d96 amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_499a1b14d5902dfc
(f) CSI C Mark Deployment Missing 0x00000000 c!policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_36c51814a641869c x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_914751ebea0c5702
(f) CSI C Mark Deployment Missing 0x00000000 c!avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_020285fe6d6e0580 amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_56aba0211ca246c2
(f) CSI C Mark Deployment Missing 0x00000000 c!policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.24210.0_364e78aca69bba41 x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.24210.0_none_962753dde6e08635
(f) CSI C Mark Deployment Missing 0x00000000 c!avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_49afbcd581ea2e86 x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8

Summary:
Seconds executed: 142
Found 8 errors
CSI C Mark Deployment Missing Total count: 8

Rudy
Site Admin
Posts: 119665
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: pop-up in Chrome

#14 Post by Rudy »

That fix was probably WUFix: http://www.smartestcomputing.us.com/top ... pdate-fix/ . It sometimes helps. Another option is to uninstall all updates installed after the date when the hidden ones failed to install and let everything update again.

petrys
Visitor
Posts: 55
Joined: 04 Mar 2012 00:36

Re: pop-up in Chrome

#15 Post by petrys »

No change, so I will try uninstalling back to that date.
I will let you know as soon as I can.

Locked