Pop-ups in Chrome

Posted: 26 Mar 2017 11:35
by petrys
Hello,
Pages offering to repair Windows keep popping up or replacing the current page, and occasionally I get redirected to a page with a virus, which Avast reports. Please help. Otherwise the PC seems to run normally. Only my Windows updates got turned off and the sound program was reconfigured, but I don't know whether this problem caused it or some program did. I have had the updates turned back on for about three days now and so far everything is fine.
Here is the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by oem (administrator) on ON-PC (26-03-2017 12:32:25)
Running from C:\Users\oem\Desktop
Loaded Profiles: oem (Available Profiles: oem)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) D:\Advanced SystemCare\ASCService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) D:\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8900104 2016-11-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-08] (AVAST Software)
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: K - K:\Autorun.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {51a3fe8d-2de9-11e5-8358-d8cb8a3b9613} - M:\Setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {7e6e05b0-2355-11e5-99b3-d8cb8a3b9613} - F:\setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {8e5fef6a-2d30-11e5-8f1d-d8cb8a3b9613} - L:\setup_papers_please_2.0.0.4.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {999c3ff8-431b-11e5-ae91-d8cb8a3b9613} - N:\setup.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-08] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-08] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 176.102.147.2 176.102.144.2 176.102.128.2
Tcpip\..\Interfaces\{E8A0DE12-4648-402A-85E6-8C898C8B5526}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{E8A0DE12-4648-402A-85E6-8C898C8B5526}: [DhcpNameServer] 176.102.147.2 176.102.144.2 176.102.128.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {CE45F0D2-A2AD-420A-A605-0490B77619D5} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-08] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-08] (AVAST Software)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> D:\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2016-08-03] (IObit)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> D:\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-02-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-02-06]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-05-14] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-05-14] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll [2009-06-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default [2017-03-26]
CHR Extension: (Web Viewer Plus) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohkpobccnmkfgdakigahjikgbiklbgo [2017-02-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService10; D:\Advanced SystemCare\ASCService.exe [462624 2016-12-12] (IObit)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-08] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-08] (AVAST Software)
S3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2016-01-23] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S2 IObitUnSvr; D:\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-05-14] (Intel Corporation)
S4 MBAMScheduler; D:\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; D:\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-08] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-08] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-08] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-08] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [82936 2017-02-06] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [190360 2017-03-04] (GenesysLogic)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-15] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-06-12] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2016-01-26] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2017-01-08] (Intel Corporation)
R2 NPF; C:\Windows\SysWOW64\drivers\npf64.sys [36600 2015-12-16] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\system32\drivers\nvswcfilter.sys [19616 2014-09-06] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-12-04] (NVIDIA Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-26 12:32 - 2017-03-26 12:32 - 00014850 _____ C:\Users\oem\Desktop\FRST.txt
2017-03-26 12:26 - 2017-03-26 12:32 - 00000000 ____D C:\FRST
2017-03-26 12:26 - 2017-03-26 12:26 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-19 11:17 - 2017-03-19 11:17 - 00000973 _____ C:\Users\oem\Desktop\The Sims 2.lnk
2017-03-19 11:17 - 2017-03-19 11:17 - 00000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Sims 2
2017-03-19 11:17 - 2011-07-28 13:26 - 00000000 ____D C:\Users\oem\Documents\EA Games
2017-03-18 19:42 - 2017-03-18 19:42 - 00000000 ____D C:\Users\Public\Documents\EA Games
2017-03-18 19:41 - 2017-03-19 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2
2017-03-15 23:38 - 2017-02-23 01:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-15 23:38 - 2017-02-23 01:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-15 23:38 - 2017-02-18 16:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-15 23:38 - 2017-02-18 16:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-12 19:10 - 2017-03-12 19:10 - 00000000 ____D C:\Users\oem\.QtWebEngineProcess
2017-03-12 19:10 - 2017-03-12 19:10 - 00000000 ____D C:\Users\oem\.Origin
2017-03-12 18:29 - 2017-03-12 19:39 - 00000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-03-12 18:21 - 2004-08-18 10:34 - 00442368 ____R (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2017-03-12 18:20 - 2017-03-12 18:20 - 00000000 ____D C:\Users\oem\AppData\Roaming\Macromedia
2017-03-11 15:07 - 2017-03-11 15:07 - 00000000 ____D C:\Users\oem\Documents\CPY_SAVES
2017-03-11 14:44 - 2017-03-11 14:44 - 00000664 _____ C:\Users\oem\Desktop\No Mans Sky.lnk
2017-03-08 23:11 - 2017-03-26 12:26 - 02424832 _____ (Farbar) C:\Users\oem\Desktop\FRST64.exe
2017-03-08 19:22 - 2017-03-08 19:22 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-08 19:22 - 2017-03-08 19:22 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-04 14:14 - 2017-03-04 14:14 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-03-04 14:14 - 2017-03-04 14:14 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 34937280 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 28212280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 19110088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 19006832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 16510160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 16398896 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 14674896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 14373824 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-03-04 14:01 - 2017-03-04 14:01 - 13377072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 11122912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 11019704 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 09305984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 08990072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 04064088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 03627064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 03583560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 03187256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 01051584 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00989120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00961080 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00912440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00687224 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00611384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00576192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00504104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00500792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00492744 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00408272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-03-04 14:01 - 2017-03-04 14:01 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-03-04 13:45 - 2017-03-04 13:45 - 05637816 _____ (Genesys) C:\Windows\system32\GeneIcon.dll
2017-03-04 13:45 - 2017-03-04 13:45 - 01731832 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2017-03-04 13:45 - 2017-03-04 13:45 - 00190360 _____ (GenesysLogic) C:\Windows\system32\Drivers\GeneStor.sys
2017-03-04 13:45 - 2017-03-04 13:45 - 00169752 _____ (Genesys Logic) C:\Windows\system32\GSCoinst.dll
2017-03-04 13:45 - 2017-03-04 13:45 - 00064088 _____ () C:\Windows\SysWOW64\UMonit64.exe
2017-03-04 13:45 - 2017-03-04 13:45 - 00000000 ____D C:\Windows\SysWOW64\sda
2017-03-04 13:45 - 2017-03-04 13:45 - 00000000 ____D C:\Program Files (x86)\Genesyslogic
2017-02-24 21:30 - 2017-03-04 19:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-24 21:30 - 2017-02-24 21:30 - 00000640 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-02-24 21:30 - 2016-03-10 15:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-02-24 21:30 - 2016-03-10 15:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-02-24 21:30 - 2016-03-10 15:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-24 21:26 - 2017-02-24 21:26 - 05545472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2017-02-24 21:26 - 2017-02-24 21:26 - 03503048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET5780.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 03302272 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 03203584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 03203424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET53E2.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 02201600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 02050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 01979664 _____ (Creative Technology Ltd.) C:\Windows\system32\SET59C6.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 01746192 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 01353824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00689880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00410032 _____ (Creative Technology Ltd.) C:\Windows\system32\SET59D6.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 00387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00330560 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET5D16.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 00166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00041088 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2017-02-24 21:26 - 2017-02-24 21:26 - 00023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET6396.tmp
2017-02-24 21:25 - 2017-02-24 21:25 - 09124224 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-02-24 21:25 - 2017-02-24 21:25 - 03014144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2017-02-24 21:25 - 2017-02-24 21:25 - 00574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2017-02-24 21:25 - 2017-02-24 21:25 - 00118592 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2017-02-24 21:20 - 2017-02-24 21:20 - 01044992 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2017-02-24 21:20 - 2017-02-24 21:20 - 00082536 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-26 12:31 - 2016-01-08 20:48 - 00000000 ____D C:\Users\oem\AppData\Local\CrashDumps
2017-03-26 12:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-03-26 11:01 - 2009-07-14 06:45 - 00021600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-26 11:01 - 2009-07-14 06:45 - 00021600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-26 10:56 - 2015-08-15 14:56 - 00002824 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (oem)
2017-03-26 10:56 - 2010-11-21 11:27 - 00681342 _____ C:\Windows\system32\perfh005.dat
2017-03-26 10:56 - 2010-11-21 11:27 - 00145820 _____ C:\Windows\system32\perfc005.dat
2017-03-26 10:56 - 2009-07-14 07:13 - 01610564 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-26 10:51 - 2015-08-07 19:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-26 10:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-26 02:21 - 2016-10-18 22:30 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-03-25 21:01 - 2016-12-05 16:30 - 00000862 _____ C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
2017-03-25 20:23 - 2015-08-07 17:38 - 00000000 ____D C:\Users\oem\AppData\Local\GetNZB
2017-03-25 16:51 - 2015-08-07 19:45 - 00000000 ____D C:\Users\oem\Documents\Electronic Arts
2017-03-25 16:51 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-23 16:34 - 2016-01-07 16:27 - 00264808 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-23 16:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-23 16:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-03-23 16:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2017-03-23 16:31 - 2016-02-15 16:30 - 82030592 _____ C:\Windows\system32\config\software.iodefrag.bak
2017-03-23 16:31 - 2016-02-15 16:30 - 00245760 _____ C:\Windows\system32\config\default.iodefrag.bak
2017-03-23 16:31 - 2016-02-15 16:30 - 00024576 _____ C:\Windows\system32\config\security.iodefrag.bak
2017-03-23 16:31 - 2016-02-15 16:30 - 00024576 _____ C:\Windows\system32\config\sam.iodefrag.bak
2017-03-22 16:35 - 2015-08-15 14:56 - 00000000 ____D C:\ProgramData\ProductData
2017-03-21 21:15 - 2016-07-11 20:11 - 00000000 ____D C:\ProgramData\Ubisoft
2017-03-21 21:15 - 2015-03-19 12:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-21 20:18 - 2017-02-06 16:48 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-21 20:14 - 2015-07-12 02:55 - 00000000 ____D C:\Users\oem\AppData\Local\ElevatedDiagnostics
2017-03-21 20:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-03-18 21:07 - 2015-07-31 20:00 - 00000000 ____D C:\Users\oem\AppData\Local\Deployment
2017-03-18 16:35 - 2016-01-06 19:46 - 00000000 ____D C:\Program Files (x86)\DLL Suite
2017-03-16 16:34 - 2015-07-06 12:19 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-03-16 16:34 - 2015-07-06 12:19 - 00000000 ____D C:\Windows\system32\appraiser
2017-03-16 00:05 - 2015-07-10 22:51 - 00000000 ____D C:\Windows\system32\MRT
2017-03-16 00:04 - 2015-07-10 22:51 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-15 16:39 - 2015-07-05 15:14 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-14 16:37 - 2017-02-06 16:48 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-14 16:32 - 2015-07-05 21:16 - 00000000 ____D C:\Users\oem\AppData\Roaming\DAEMON Tools Lite
2017-03-12 19:10 - 2015-03-19 11:30 - 00000000 ____D C:\Users\oem
2017-03-12 09:29 - 2016-02-15 16:30 - 48443392 _____ C:\Windows\system32\config\components.iodefrag.bak
2017-03-11 12:19 - 2015-07-16 19:35 - 00000000 ____D C:\Users\oem\Documents\My Games
2017-03-10 16:38 - 2017-02-06 16:49 - 00003886 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1486392599
2017-03-08 19:22 - 2017-02-06 16:49 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-07 20:03 - 2009-07-14 07:08 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-03-05 10:13 - 2015-07-04 14:13 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 09:38 - 2015-10-25 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-03-04 14:14 - 2017-02-14 19:46 - 00000840 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-03-04 14:14 - 2016-11-01 22:52 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-03-04 14:02 - 2015-07-31 20:40 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-04 14:01 - 2015-02-20 01:18 - 00042606 _____ C:\Windows\system32\nvinfo.pb
2017-02-25 11:06 - 2016-12-15 17:06 - 00003102 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2017-02-25 11:06 - 2016-12-15 17:06 - 00002948 _____ C:\Windows\System32\Tasks\SmartDefrag_Update
2017-02-25 11:06 - 2016-10-09 08:54 - 00000590 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2017-02-25 11:06 - 2016-06-06 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-02-24 21:35 - 2016-01-06 20:16 - 00000000 ____D C:\ProgramData\Ashampoo
2017-02-24 21:26 - 2015-03-19 12:08 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2017-02-24 21:20 - 2015-03-19 12:06 - 00116288 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll

==================== Files in the root of some directories =======

2015-08-15 11:48 - 2014-05-24 21:09 - 0603763 ___SH () C:\Users\oem\AppData\Roaming\libcurl-4.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\oem\AppData\Roaming\libcurl.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 1704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\oem\AppData\Roaming\libeay32.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0112142 ___SH () C:\Users\oem\AppData\Roaming\libgcc_s_dw2-1.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0279955 ___SH () C:\Users\oem\AppData\Roaming\libidn-11.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0148760 ___SH () C:\Users\oem\AppData\Roaming\libpdcurses.dll
2015-08-15 11:48 - 2014-05-04 11:16 - 0207360 ___SH (CodePlex Community) C:\Users\oem\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2015-08-15 11:48 - 2013-08-11 15:41 - 0044032 ___SH (NirSoft) C:\Users\oem\AppData\Roaming\nircmd.exe
2015-04-19 14:20 - 2015-10-12 20:16 - 0000626 _____ () C:\Users\oem\AppData\Roaming\OsasGC28BU3BMhsM3C1RV
2015-08-15 11:48 - 2014-05-24 21:09 - 0042496 ___SH (Open Source Software community project) C:\Users\oem\AppData\Roaming\pthreadGC2-w64.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0119704 ___SH (Open Source Software community LGPL) C:\Users\oem\AppData\Roaming\pthreadGC2.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\oem\AppData\Roaming\ssleay32.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0113166 ___SH () C:\Users\oem\AppData\Roaming\zlib1.dll
2015-12-20 16:13 - 2015-12-20 16:13 - 0003072 _____ () C:\Users\oem\AppData\Local\file__0.localstorage
2015-10-03 14:18 - 2015-10-03 14:18 - 0000000 ___SH () C:\Users\oem\AppData\Local\LumaEmu
2015-08-02 16:18 - 2016-07-17 21:07 - 0007599 _____ () C:\Users\oem\AppData\Local\resmon.resmoncfg
2015-03-19 12:08 - 2015-03-19 12:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-24 18:06

==================== End of FRST.txt ============================

Re: pop-up in Chrome

Posted: 26 Mar 2017 13:48
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Re: pop-up in Chrome

Posted: 26 Mar 2017 15:59
by petrys
Thank you for the help.
Here is the log:

# AdwCleaner v6.044 - Log vytvořen 26/03/2017 v 15:33:59
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-23.2 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : oem - ON-PC
# Spuštěno z : C:\Users\oem\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\oem\AppData\LocalLow\IObit\Advanced SystemCare
[-] Složka smazána: C:\Users\oem\AppData\Roaming\IObit\Advanced SystemCare
[-] Složka smazána: C:\ProgramData\IObit\ASCDownloader
[-] Složka smazána: C:\ProgramData\IObit\Advanced SystemCare
[#] Složka smazána po restartu: C:\ProgramData\Application Data\IObit\ASCDownloader
[#] Složka smazána po restartu: C:\ProgramData\Application Data\IObit\Advanced SystemCare
[-] Složka smazána: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
[-] Složka smazána: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán: HKLM\SOFTWARE\IOBIT\ASC
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2309 Bajty] - [26/03/2017 15:33:59]
C:\AdwCleaner\AdwCleaner[S0].txt - [2666 Bajty] - [26/03/2017 15:32:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2455 Bajty] ##########

Re: pop-up in Chrome

Posted: 26 Mar 2017 16:14
by Rudy
Post a new FRST log.

Re: pop-up in Chrome

Posted: 26 Mar 2017 17:45
by petrys
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by oem (administrator) on ON-PC (26-03-2017 18:41:55)
Running from C:\Users\oem\Desktop
Loaded Profiles: oem (Available Profiles: oem)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) D:\Advanced SystemCare\ASCService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) D:\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8900104 2016-11-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-08] (AVAST Software)
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: K - K:\Autorun.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {51a3fe8d-2de9-11e5-8358-d8cb8a3b9613} - M:\Setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {7e6e05b0-2355-11e5-99b3-d8cb8a3b9613} - F:\setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {8e5fef6a-2d30-11e5-8f1d-d8cb8a3b9613} - L:\setup_papers_please_2.0.0.4.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {999c3ff8-431b-11e5-ae91-d8cb8a3b9613} - N:\setup.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-08] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-08] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 176.102.147.2 176.102.144.2 176.102.128.2
Tcpip\..\Interfaces\{E8A0DE12-4648-402A-85E6-8C898C8B5526}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{E8A0DE12-4648-402A-85E6-8C898C8B5526}: [DhcpNameServer] 176.102.147.2 176.102.144.2 176.102.128.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {CE45F0D2-A2AD-420A-A605-0490B77619D5} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-08] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-08] (AVAST Software)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> D:\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-02-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-02-06]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-05-14] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-05-14] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll [2009-06-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default [2017-03-26]
CHR Extension: (Web Viewer Plus) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohkpobccnmkfgdakigahjikgbiklbgo [2017-02-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService10; D:\Advanced SystemCare\ASCService.exe [462624 2016-12-12] (IObit)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-08] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-08] (AVAST Software)
S3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2016-01-23] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S2 IObitUnSvr; D:\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-05-14] (Intel Corporation)
S4 MBAMScheduler; D:\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; D:\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-08] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-08] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-08] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-08] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [82936 2017-02-06] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [190360 2017-03-04] (GenesysLogic)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-15] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-06-12] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2016-01-26] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2017-01-08] (Intel Corporation)
R2 NPF; C:\Windows\SysWOW64\drivers\npf64.sys [36600 2015-12-16] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\system32\drivers\nvswcfilter.sys [19616 2014-09-06] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-12-04] (NVIDIA Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-26 18:41 - 2017-03-26 18:42 - 00014218 _____ C:\Users\oem\Desktop\FRST.txt
2017-03-26 15:32 - 2017-03-26 15:33 - 00000000 ____D C:\AdwCleaner
2017-03-26 12:26 - 2017-03-26 18:41 - 00000000 ____D C:\FRST
2017-03-19 11:17 - 2017-03-19 11:17 - 00000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Sims 2
2017-03-19 11:17 - 2011-07-28 13:26 - 00000000 ____D C:\Users\oem\Documents\EA Games
2017-03-18 19:42 - 2017-03-18 19:42 - 00000000 ____D C:\Users\Public\Documents\EA Games
2017-03-18 19:41 - 2017-03-19 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2
2017-03-15 23:38 - 2017-02-23 01:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-15 23:38 - 2017-02-23 01:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-15 23:38 - 2017-02-18 16:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-15 23:38 - 2017-02-18 16:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-15 23:38 - 2016-12-31 17:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-12 19:10 - 2017-03-12 19:10 - 00000000 ____D C:\Users\oem\.QtWebEngineProcess
2017-03-12 19:10 - 2017-03-12 19:10 - 00000000 ____D C:\Users\oem\.Origin
2017-03-12 18:29 - 2017-03-12 19:39 - 00000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-03-12 18:21 - 2004-08-18 10:34 - 00442368 ____R (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2017-03-12 18:20 - 2017-03-12 18:20 - 00000000 ____D C:\Users\oem\AppData\Roaming\Macromedia
2017-03-11 15:07 - 2017-03-11 15:07 - 00000000 ____D C:\Users\oem\Documents\CPY_SAVES
2017-03-11 14:44 - 2017-03-11 14:44 - 00000664 _____ C:\Users\oem\Desktop\No Mans Sky.lnk
2017-03-08 23:11 - 2017-03-26 12:26 - 02424832 _____ (Farbar) C:\Users\oem\Desktop\FRST64.exe
2017-03-08 19:22 - 2017-03-08 19:22 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-08 19:22 - 2017-03-08 19:22 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-08 19:22 - 2017-03-08 19:22 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-04 14:14 - 2017-03-04 14:14 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-03-04 14:14 - 2017-03-04 14:14 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 34937280 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 28212280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 19110088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 19006832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 16510160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 16398896 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 14674896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 14373824 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-03-04 14:01 - 2017-03-04 14:01 - 13377072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 11122912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 11019704 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 09305984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 08990072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 04064088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 03627064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 03583560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 03187256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 01051584 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00989120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00961080 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00912440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00687224 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00611384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00576192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00504104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00500792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00492744 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00408272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-03-04 14:01 - 2017-03-04 14:01 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-03-04 14:01 - 2017-03-04 14:01 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-03-04 13:45 - 2017-03-04 13:45 - 05637816 _____ (Genesys) C:\Windows\system32\GeneIcon.dll
2017-03-04 13:45 - 2017-03-04 13:45 - 01731832 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2017-03-04 13:45 - 2017-03-04 13:45 - 00190360 _____ (GenesysLogic) C:\Windows\system32\Drivers\GeneStor.sys
2017-03-04 13:45 - 2017-03-04 13:45 - 00169752 _____ (Genesys Logic) C:\Windows\system32\GSCoinst.dll
2017-03-04 13:45 - 2017-03-04 13:45 - 00064088 _____ () C:\Windows\SysWOW64\UMonit64.exe
2017-03-04 13:45 - 2017-03-04 13:45 - 00000000 ____D C:\Windows\SysWOW64\sda
2017-03-04 13:45 - 2017-03-04 13:45 - 00000000 ____D C:\Program Files (x86)\Genesyslogic
2017-02-24 21:30 - 2017-03-04 19:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-24 21:30 - 2017-02-24 21:30 - 00000640 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-02-24 21:30 - 2016-03-10 15:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-02-24 21:30 - 2016-03-10 15:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-02-24 21:30 - 2016-03-10 15:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-24 21:26 - 2017-02-24 21:26 - 05545472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2017-02-24 21:26 - 2017-02-24 21:26 - 03503048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET5780.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 03302272 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 03203584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 03203424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET53E2.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 02201600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 02050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 01979664 _____ (Creative Technology Ltd.) C:\Windows\system32\SET59C6.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 01746192 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 01353824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00689880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00410032 _____ (Creative Technology Ltd.) C:\Windows\system32\SET59D6.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 00387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00330560 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET5D16.tmp
2017-02-24 21:26 - 2017-02-24 21:26 - 00166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2017-02-24 21:26 - 2017-02-24 21:26 - 00041088 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2017-02-24 21:26 - 2017-02-24 21:26 - 00023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET6396.tmp
2017-02-24 21:25 - 2017-02-24 21:25 - 09124224 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-02-24 21:25 - 2017-02-24 21:25 - 03014144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2017-02-24 21:25 - 2017-02-24 21:25 - 00574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2017-02-24 21:25 - 2017-02-24 21:25 - 00118592 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2017-02-24 21:20 - 2017-02-24 21:20 - 01044992 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2017-02-24 21:20 - 2017-02-24 21:20 - 00082536 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-26 15:43 - 2009-07-14 06:45 - 00021600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-26 15:43 - 2009-07-14 06:45 - 00021600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-26 15:40 - 2015-08-15 14:56 - 00002824 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (oem)
2017-03-26 15:39 - 2010-11-21 11:27 - 00681342 _____ C:\Windows\system32\perfh005.dat
2017-03-26 15:39 - 2010-11-21 11:27 - 00145820 _____ C:\Windows\system32\perfc005.dat
2017-03-26 15:39 - 2009-07-14 07:13 - 01610564 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-26 15:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-03-26 15:35 - 2015-08-15 14:56 - 00000000 ____D C:\Users\oem\AppData\LocalLow\IObit
2017-03-26 15:35 - 2015-08-15 14:48 - 00000000 ____D C:\Users\oem\AppData\Roaming\IObit
2017-03-26 15:35 - 2015-08-15 14:48 - 00000000 ____D C:\ProgramData\IObit
2017-03-26 15:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-26 12:31 - 2016-01-08 20:48 - 00000000 ____D C:\Users\oem\AppData\Local\CrashDumps
2017-03-26 10:51 - 2015-08-07 19:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-26 02:21 - 2016-10-18 22:30 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-03-25 21:01 - 2016-12-05 16:30 - 00000862 _____ C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
2017-03-25 20:23 - 2015-08-07 17:38 - 00000000 ____D C:\Users\oem\AppData\Local\GetNZB
2017-03-25 16:51 - 2015-08-07 19:45 - 00000000 ____D C:\Users\oem\Documents\Electronic Arts
2017-03-25 16:51 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-23 16:34 - 2016-01-07 16:27 - 00264808 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-23 16:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-23 16:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-03-23 16:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2017-03-23 16:31 - 2016-02-15 16:30 - 82030592 _____ C:\Windows\system32\config\software.iodefrag.bak
2017-03-23 16:31 - 2016-02-15 16:30 - 00245760 _____ C:\Windows\system32\config\default.iodefrag.bak
2017-03-23 16:31 - 2016-02-15 16:30 - 00024576 _____ C:\Windows\system32\config\security.iodefrag.bak
2017-03-23 16:31 - 2016-02-15 16:30 - 00024576 _____ C:\Windows\system32\config\sam.iodefrag.bak
2017-03-22 16:35 - 2015-08-15 14:56 - 00000000 ____D C:\ProgramData\ProductData
2017-03-21 21:15 - 2016-07-11 20:11 - 00000000 ____D C:\ProgramData\Ubisoft
2017-03-21 21:15 - 2015-03-19 12:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-21 20:18 - 2017-02-06 16:48 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-21 20:14 - 2015-07-12 02:55 - 00000000 ____D C:\Users\oem\AppData\Local\ElevatedDiagnostics
2017-03-21 20:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-03-18 21:07 - 2015-07-31 20:00 - 00000000 ____D C:\Users\oem\AppData\Local\Deployment
2017-03-18 16:35 - 2016-01-06 19:46 - 00000000 ____D C:\Program Files (x86)\DLL Suite
2017-03-16 16:34 - 2015-07-06 12:19 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-03-16 16:34 - 2015-07-06 12:19 - 00000000 ____D C:\Windows\system32\appraiser
2017-03-16 00:05 - 2015-07-10 22:51 - 00000000 ____D C:\Windows\system32\MRT
2017-03-16 00:04 - 2015-07-10 22:51 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-15 16:39 - 2015-07-05 15:14 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-14 16:37 - 2017-02-06 16:48 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-14 16:32 - 2015-07-05 21:16 - 00000000 ____D C:\Users\oem\AppData\Roaming\DAEMON Tools Lite
2017-03-12 19:10 - 2015-03-19 11:30 - 00000000 ____D C:\Users\oem
2017-03-12 09:29 - 2016-02-15 16:30 - 48443392 _____ C:\Windows\system32\config\components.iodefrag.bak
2017-03-11 12:19 - 2015-07-16 19:35 - 00000000 ____D C:\Users\oem\Documents\My Games
2017-03-10 16:38 - 2017-02-06 16:49 - 00003886 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1486392599
2017-03-08 19:22 - 2017-02-06 16:49 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-08 19:22 - 2017-02-06 16:48 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-07 20:03 - 2009-07-14 07:08 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-03-05 10:13 - 2015-07-04 14:13 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 09:38 - 2015-10-25 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-03-04 14:14 - 2017-02-14 19:46 - 00000840 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-03-04 14:14 - 2016-11-01 22:52 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-03-04 14:02 - 2015-07-31 20:40 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-04 14:01 - 2015-02-20 01:18 - 00042606 _____ C:\Windows\system32\nvinfo.pb
2017-02-25 11:06 - 2016-12-15 17:06 - 00003102 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2017-02-25 11:06 - 2016-12-15 17:06 - 00002948 _____ C:\Windows\System32\Tasks\SmartDefrag_Update
2017-02-25 11:06 - 2016-10-09 08:54 - 00000590 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2017-02-25 11:06 - 2016-06-06 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-02-24 21:35 - 2016-01-06 20:16 - 00000000 ____D C:\ProgramData\Ashampoo
2017-02-24 21:26 - 2015-03-19 12:08 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2017-02-24 21:20 - 2015-03-19 12:06 - 00116288 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll

==================== Files in the root of some directories =======

2015-08-15 11:48 - 2014-05-24 21:09 - 0603763 ___SH () C:\Users\oem\AppData\Roaming\libcurl-4.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\oem\AppData\Roaming\libcurl.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 1704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\oem\AppData\Roaming\libeay32.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0112142 ___SH () C:\Users\oem\AppData\Roaming\libgcc_s_dw2-1.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0279955 ___SH () C:\Users\oem\AppData\Roaming\libidn-11.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0148760 ___SH () C:\Users\oem\AppData\Roaming\libpdcurses.dll
2015-08-15 11:48 - 2014-05-04 11:16 - 0207360 ___SH (CodePlex Community) C:\Users\oem\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2015-08-15 11:48 - 2013-08-11 15:41 - 0044032 ___SH (NirSoft) C:\Users\oem\AppData\Roaming\nircmd.exe
2015-04-19 14:20 - 2015-10-12 20:16 - 0000626 _____ () C:\Users\oem\AppData\Roaming\OsasGC28BU3BMhsM3C1RV
2015-08-15 11:48 - 2014-05-24 21:09 - 0042496 ___SH (Open Source Software community project) C:\Users\oem\AppData\Roaming\pthreadGC2-w64.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0119704 ___SH (Open Source Software community LGPL) C:\Users\oem\AppData\Roaming\pthreadGC2.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\oem\AppData\Roaming\ssleay32.dll
2015-08-15 11:48 - 2014-05-26 20:16 - 0113166 ___SH () C:\Users\oem\AppData\Roaming\zlib1.dll
2015-12-20 16:13 - 2015-12-20 16:13 - 0003072 _____ () C:\Users\oem\AppData\Local\file__0.localstorage
2015-10-03 14:18 - 2015-10-03 14:18 - 0000000 ___SH () C:\Users\oem\AppData\Local\LumaEmu
2015-08-02 16:18 - 2016-07-17 21:07 - 0007599 _____ () C:\Users\oem\AppData\Local\resmon.resmoncfg
2015-03-19 12:08 - 2015-03-19 12:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-24 18:06

==================== End of FRST.txt ============================

Re: pop-up in Chrome

Posted: 26 Mar 2017 18:07
by Rudy
Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: K - K:\Autorun.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {51a3fe8d-2de9-11e5-8358-d8cb8a3b9613} - M:\Setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {7e6e05b0-2355-11e5-99b3-d8cb8a3b9613} - F:\setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {8e5fef6a-2d30-11e5-8f1d-d8cb8a3b9613} - L:\setup_papers_please_2.0.0.4.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {999c3ff8-431b-11e5-ae91-d8cb8a3b9613} - N:\setup.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {CE45F0D2-A2AD-420A-A605-0490B77619D5} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\SET5780.tmp
C:\Windows\system32\SET53E2.tmp
C:\Windows\system32\SET59C6.tmp
C:\Windows\system32\SET59D6.tmp
C:\Windows\system32\SET5D16.tmp
C:\Windows\system32\SET6396.tmp
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

I recommend uninstalling AdvancedSystemCare. This optimizer sometimes sees errors even where there are none, and a layperson can easily damage the system with it.

Re: pop-up in Chrome

Posted: 26 Mar 2017 20:49
by petrys
OK, I will uninstall the program on your recommendation. Is it enough if I use CCleaner plus the Windows tools, or could you give me a tip for another optimizer? Thanks.
For now the Reimage Repair page still keeps popping up.
Here is the log

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by oem (26-03-2017 21:22:02) Run:1
Running from C:\Users\oem\Desktop
Loaded Profiles: oem (Available Profiles: oem)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: K - K:\Autorun.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {51a3fe8d-2de9-11e5-8358-d8cb8a3b9613} - M:\Setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {7e6e05b0-2355-11e5-99b3-d8cb8a3b9613} - F:\setup.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {8e5fef6a-2d30-11e5-8f1d-d8cb8a3b9613} - L:\setup_papers_please_2.0.0.4.exe
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\...\MountPoints2: {999c3ff8-431b-11e5-ae91-d8cb8a3b9613} - N:\setup.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {CE45F0D2-A2AD-420A-A605-0490B77619D5} URL =
SearchScopes: HKU\S-1-5-21-851051715-1971755352-4237513697-1000 -> {E49074B5-EFA0-4538-ADFA-CCC7450A774A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\SET5780.tmp
C:\Windows\system32\SET53E2.tmp
C:\Windows\system32\SET59C6.tmp
C:\Windows\system32\SET59D6.tmp
C:\Windows\system32\SET5D16.tmp
C:\Windows\system32\SET6396.tmp
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End

*****************

HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K => key removed successfully
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{51a3fe8d-2de9-11e5-8358-d8cb8a3b9613} => key removed successfully
HKCR\CLSID\{51a3fe8d-2de9-11e5-8358-d8cb8a3b9613} => key not found.
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e6e05b0-2355-11e5-99b3-d8cb8a3b9613} => key removed successfully
HKCR\CLSID\{7e6e05b0-2355-11e5-99b3-d8cb8a3b9613} => key not found.
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e5fef6a-2d30-11e5-8f1d-d8cb8a3b9613} => key removed successfully
HKCR\CLSID\{8e5fef6a-2d30-11e5-8f1d-d8cb8a3b9613} => key not found.
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{999c3ff8-431b-11e5-ae91-d8cb8a3b9613} => key removed successfully
HKCR\CLSID\{999c3ff8-431b-11e5-ae91-d8cb8a3b9613} => key not found.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E49074B5-EFA0-4538-ADFA-CCC7450A774A} => key removed successfully
HKCR\CLSID\{E49074B5-EFA0-4538-ADFA-CCC7450A774A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E49074B5-EFA0-4538-ADFA-CCC7450A774A} => key removed successfully
HKCR\Wow6432Node\CLSID\{E49074B5-EFA0-4538-ADFA-CCC7450A774A} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CE45F0D2-A2AD-420A-A605-0490B77619D5} => key removed successfully
HKCR\CLSID\{CE45F0D2-A2AD-420A-A605-0490B77619D5} => key not found.
HKU\S-1-5-21-851051715-1971755352-4237513697-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E49074B5-EFA0-4538-ADFA-CCC7450A774A} => key removed successfully
HKCR\CLSID\{E49074B5-EFA0-4538-ADFA-CCC7450A774A} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
C:\Windows\system32\SET5780.tmp => moved successfully
C:\Windows\system32\SET53E2.tmp => moved successfully
C:\Windows\system32\SET59C6.tmp => moved successfully
C:\Windows\system32\SET59D6.tmp => moved successfully
C:\Windows\system32\SET5D16.tmp => moved successfully
C:\Windows\system32\SET6396.tmp => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4075668 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 8262387 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58502876 B
systemprofile32 => 71163 B
LocalService => 86507 B
NetworkService => 66228 B
oem => 4710449 B
Petr => 0 B

RecycleBin => 0 B
EmptyTemp: => 80.3 MB temporary data Removed.

Re: pop-up in Chrome

Posted: 26 Mar 2017 21:10
by Rudy
CCleaner is enough. Deleted. Now run these scans as well:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to the desktop

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator or Spustit jako správce
Paste the script below into the window




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script
The PC will perform the repair, restart and give you a log; paste its contents here.

and

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Save it, preferably to the desktop
•After launch, the license terms are displayed; press any key
•A backup is created and then the search begins
•The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here.

Re: pop-up in Chrome

Posted: 27 Mar 2017 18:34
by petrys
Hello
Here are the logs

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by oem on po 27.03.2017 at 16:58:07,55.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\oem\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27.3.2017 17:00:13 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\Ashampoo deleted successfully
C:\PROGRA~3\Logs deleted successfully
C:\PROGRA~3\LumaEmu_SteamCloud deleted successfully
C:\PROGRA~3\NVIDIA deleted successfully
C:\PROGRA~3\Ubisoft deleted successfully
C:\PROGRA~3\{74E9F814-C737-42CC-B721-DBBC4059367A} deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\PROGRA~3\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} deleted successfully
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully
C:\Users\Default\AppData\Roaming\ProductData deleted successfully
C:\Users\oem\AppData\Roaming\MPC-HC deleted successfully
C:\Users\oem\AppData\Local\CrashDumps deleted successfully
C:\Users\oem\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\{74E9F814-C737-42CC-B721-DBBC4059367A} not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\PROGRA~3\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} not found
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found
C:\PROGRA~2\Windows Live SkyDrive deleted
C:\Users\oem\AppData\Roaming\libcurl-4.dll deleted
C:\Users\oem\AppData\Roaming\libcurl.dll deleted
C:\Users\oem\AppData\Roaming\libeay32.dll deleted
C:\Users\oem\AppData\Roaming\libgcc_s_dw2-1.dll deleted
C:\Users\oem\AppData\Roaming\libidn-11.dll deleted
C:\Users\oem\AppData\Roaming\libpdcurses.dll deleted
C:\Users\oem\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll deleted
C:\Users\oem\AppData\Roaming\pthreadGC2-w64.dll deleted
C:\Users\oem\AppData\Roaming\pthreadGC2.dll deleted
C:\Users\oem\AppData\Roaming\ssleay32.dll deleted
C:\Users\oem\AppData\Roaming\zlib1.dll deleted
C:\Users\oem\AppData\Roaming\ProductData deleted
C:\PROGRA~3\AlawarWrapper deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\SET2ED8.tmp deleted
C:\Windows\Syswow64\SET3664.tmp deleted
C:\Windows\Syswow64\SETEE33.tmp deleted
C:\Windows\Syswow64\SETF163.tmp deleted
C:\Windows\Syswow64\SETF4E6.tmp deleted
C:\Users\Public\Documents\AlawarWrapper deleted
C:\Users\oem\AppData\Roaming\nircmd.exe deleted
"C:\Users\oem\AppData\Local\LumaEmu" deleted
"C:\Users\oem\AppData\Roaming\OsasGC28BU3BMhsM3C1RV" deleted
"C:\Users\oem\AppData\Roaming\Tunngle\Local.key" deleted
"C:\Users\oem\AppData\Roaming\Tunngle\Local.pub" deleted
"C:\Users\oem\AppData\Roaming\Tunngle" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06.02.2017 16:48]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06.02.2017 16:48]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86


Chrome Media Router - oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_stranded-deep.en.softonic.com_0.localstorage deleted successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_stranded-deep.en.softonic.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.seznam.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=442 folders=115 139438210 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\oem\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\oem\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 27.03.2017 at 17:36:41,67 ======================




Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows 7 Home Premium x64
Ran by oem (Administrator) on po 27.03.2017 at 17:41:23,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 6

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\oem\AppData\Local\alawarwrapper (Folder)
Successfully deleted: C:\Users\oem\AppData\Roaming\3909 (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (oem) (Task)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_oem (Task)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 27.03.2017 at 17:42:45,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: pop-up in Chrome

Posted: 27 Mar 2017 18:40
by Rudy
OK. Has anything changed now?

Re: pop-up in Chrome

Posted: 27 Mar 2017 19:36
by petrys
The browser looks fine now :thumbsup:

I would also like to ask a question about Windows updates, please. I don't know what to do about some updates; they would not install, and it always ended with the PC restarting twice and reverting the changes... so I hid them and ignored them.
Earlier I also tried some fix directly from the update, apparently I was not the only one with the problem, but it did not help.
Now, over those months, I have about 6 of them hidden; they are supposedly important, but they are old. I don't know whether to ignore them or whether installing them in safe mode might help. What would you advise?

Re: pop-up in Chrome

Posted: 27 Mar 2017 20:09
by Rudy

Re: pop-up in Chrome

Posted: 02 Apr 2017 11:06
by petrys
Hello
I apologize for the late reply.
Unfortunately this tool doesn't help. I ran the readiness tool, then started installing the problematic update, and the changes were reverted again. It is the one latest cumulative update for March.
There is also a manual route, but I somehow can't manage it because I can't find the bad update in the log. In Windows Update I opened, I think, checksur.log or something like that, and it gave me these logs, which list an error code and some errors, in case that helps you.



Proxy server: Přímý přístup (bez serveru proxy).
Poslední nainstalovaná aktualizace:Březen 2017, měsíční kumulativní aktualizace zabezpečení pro zvýšení kvality pro Windows 7 pro procesory x64 (KB4012215),03/28/2017 19:56:02
Poslední zobrazená zpráva:2017-03-30 16:34:04:186 608 554 Agent WARNING: Failed to read the service id for re-registration 0x80070002
Nastavení jazyka:cs-CZ
bits : Running
wuauserv : Running
PRACOVNÍ SKUPINA:WORKGROUP
Verze agenta služby Windows Update:7.6.7601.23453
Microsoft Windows 7 Home Premium SP: 1
Typ procesoru: x64
Architektura operačního systému:64-bit



Package Version 26.0
2017-03-28 20:38

Checking Windows Servicing Packages

Checking Package Manifests and Catalogs

Checking Package Watchlist

Checking Component Watchlist

Checking Packages

Checking Component Store
(f) CSI C Mark Deployment Missing 0x00000000 c!avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_0b20a8ff883c3a4a x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c
(f) CSI C Mark Deployment Missing 0x00000000 c!avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_c373722873c01144 amd64_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_d58a6d64ab65b396
(f) CSI C Mark Deployment Missing 0x00000000 c!avast.vc140.mfc_fcc99ee6193ebbca_14.0.24210.0_49391d6d8244622b x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.24210.0_none_a338d8ea2df29efb
(f) CSI C Mark Deployment Missing 0x00000000 c!policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_ef17e13d91c55d96 amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_499a1b14d5902dfc
(f) CSI C Mark Deployment Missing 0x00000000 c!policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_36c51814a641869c x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_914751ebea0c5702
(f) CSI C Mark Deployment Missing 0x00000000 c!avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_020285fe6d6e0580 amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_56aba0211ca246c2
(f) CSI C Mark Deployment Missing 0x00000000 c!policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.24210.0_364e78aca69bba41 x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.24210.0_none_962753dde6e08635
(f) CSI C Mark Deployment Missing 0x00000000 c!avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_49afbcd581ea2e86 x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8

Summary:
Seconds executed: 142
Found 8 errors
CSI C Mark Deployment Missing Total count: 8

Re: pop-up in Chrome

Posted: 02 Apr 2017 11:19
by Rudy
That fix was probably WUFix: http://www.smartestcomputing.us.com/top ... pdate-fix/ . It sometimes helps. Another option is to uninstall all updates after the date when the hidden ones failed to install, and let everything update again.

Re: pop-up in Chrome

Posted: 02 Apr 2017 18:57
by petrys
No change, so I'll try uninstalling back to that date.
I'll let you know as soon as I can.