VIRY.CZ

Počítač byl hodně pomalý, dlouho nabíhala plocha. Klasické neduhy produktů od IObit a jiných čisticích programů. Mám tam nyní jen Acebyte Utilities (na optimalizaci RAM) a CCleaner na základní čištění. Víc nic.

Problém je, že nová verze IObit Unninstaller, zřejmě, zapříčinila BSOD počítače tehdy, bylo-li zrovna přehráváno nějaké video v prohlížeči či ve Windows. Případně docházelo k modré smrti za jinačích podmínek, ale doufám, že už k ní docházet nebude. Chci především odstranit zbytkové soubory po klasické odinstalaci (IObit produkty a případně něco dalšího).

Potíže se BSOD se projevily i tehdy, když byly aktualizovány graf. drivery přes vestavěnou GeForce Experience, ale ovládač se jaksi zvládl nainstalovat dobře, alespoň na první pohled. Multimediální aplikace, benchmarky a hry fungují dobře.

AdwCleaner ty ASC zůstatky najde, ale nedokáže odstranit. Hodí to nějakou nespecifikovanou chybu. Malwarebytes nejnovější nic ve Skenu hrozeb nenašel. V ProgramData je toho zbytečného dost, rád bych se toho též zbavil. Za ochotu a snahu předem díky.

V počítači byl řádně před třemi dny vyčištěn veškerý prach v něm zanesený.



Přikládám proto dva logy.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017
Ran by Pavel (administrator) on PAVEL-PC (05-09-2017 12:19:53)
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available Profiles: Pavel)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Malwarebytes) C:\Users\Pavel\Programy\Malware Bytes Anti-Malware\MBAMService.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SEC) C:\Program Files\MagicTune Premium\MagicTune.exe
() C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Acebyte) C:\Users\Pavel\Programy\Acebyte Utilities\Acebyte Utilities 3\AcebyteTray.exe
(Lamantine Software a.s.) C:\Program Files\Sticky Password\stpass.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Lamantine Software a.s.) C:\Program Files\Sticky Password\spUIAManager.exe
(Node.js) C:\Program Files\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Malwarebytes) C:\Users\Pavel\Programy\Malware Bytes Anti-Malware\mbam.exe
(Acebyte) C:\Users\Pavel\Programy\Acebyte Utilities\Acebyte Utilities 3\Acebyte Utilities.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-10-08] (Renesas Electronics Corporation)
HKLM\...\Run: [MagicTuneLauncher] => C:\Program Files\MagicTune Premium\MagicTuneLauncher.exe [51712 2012-11-08] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9742952 2010-10-05] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2016-12-17] (Adobe Systems Incorporated)
HKLM\...\Run: [PowerDVD17Agent] => C:\Users\Pavel\Programy\PowerDVD 17 Ultra\PowerDVD17\PowerDVD17Agent.exe [527400 2017-06-06] (CyberLink Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM\...\Run: [ProductUpdater] => C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [80896 2017-08-23] ()
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\...\Run: [Google Update] => C:\Users\Pavel\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\...\Run: [AcebyteTray] => C:\Users\Pavel\Programy\Acebyte Utilities\Acebyte Utilities 3\AcebyteTray.exe [499712 2013-08-09] (Acebyte)
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\...\Run: [StickyPassword] => C:\Program Files\Sticky Password\stpass.exe [64000 2017-08-27] (Lamantine Software a.s.)
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7680216 2017-08-03] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.21
Tcpip\..\Interfaces\{255F6AAE-4BB2-4BC6-8B82-020D8273C41C}: [DhcpNameServer] 192.168.1.21

Internet Explorer:
==================
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\Software\Microsoft\Internet Explorer\Main,Start Page = seznam.cz
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7149999F-7152-4A04-8AE3-8E20743B6FDA}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f603638b8956d215046&lang=cs&ds=AVG&pr=pr&d=2012-07-28 17:11:17&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7149999F-7152-4A04-8AE3-8E20743B6FDA}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f603638b8956d215046&lang=cs&ds=AVG&pr=pr&d=2012-07-28 17:11:17&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-01] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-01] (Oracle Corporation)
BHO: No Name -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> No File
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/s ... ab_nvd.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: linkscanner - No CLSID Value -

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-17] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Users\Pavel\Programy\VLC Player\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Users\Pavel\Programy\VLC Player\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Users\Pavel\Programy\VLC Player\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Users\Pavel\Programy\VLC Player\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3394997470-964147142-4037502327-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3394997470-964147142-4037502327-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "chrome-extension://chphlpgkkbolifaimnlloiipkdnihall/onetab.html"
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default [2017-09-05]
CHR Extension: (Sticky Password extension) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2017-08-08]
CHR Extension: (OneTab) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2017-02-20]
CHR Extension: (Ochrana Kaspersky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-01-27]
CHR Extension: (Ads Removal) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-08-26]
CHR Extension: (AdBlock) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-30]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
StartMenuInternet: Google Chrome - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP17.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [130976 2011-03-01] (Futuremark Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [87712 2010-08-12] (Intel Corporation)
R2 KSDE1.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Users\Pavel\Programy\Malware Bytes Anti-Malware\mbamservice.exe [4430792 2017-08-21] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-08-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
S3 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2015-02-13] ()
S3 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [107832 2015-02-13] ()
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [36664 2015-02-12] (AVG Technologies)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcebyteUnlocker; C:\Users\Pavel\Programy\Acebyte Utilities\Acebyte Utilities 3\Unlocker.sys [11176 2013-07-17] ()
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [73712 2011-12-26] (CyberLink)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [170840 2016-06-10] (AO Kaspersky Lab)
S3 cpuz138; C:\Users\Pavel\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [27832 2017-09-05] (CPUID)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [238248 2010-09-21] (Intel Corporation)
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59904 2017-08-29] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2014-12-22] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [165296 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [57264 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [71504 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [69000 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [155328 2017-07-25] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [129496 2017-07-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [807104 2017-07-25] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49744 2016-12-08] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [46000 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [38072 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41392 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48056 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [71088 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [116960 2017-03-15] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [165336 2017-07-25] (AO Kaspersky Lab)
R1 MagicRotation; C:\Windows\system32\drivers\MTiCtwl.sys [14336 2010-04-22] (Samsung Electronics, Inc. ) [File not signed]
S1 MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [14336 2010-04-22] (Samsung Electronics, Inc. ) [File not signed]
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [166848 2017-09-04] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [85440 2017-09-05] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [40352 2017-09-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [221632 2017-09-05] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [65824 2017-09-05] (Malwarebytes)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-10-08] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [146568 2010-10-08] (Renesas Electronics Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [41920 2017-08-18] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [50112 2017-08-18] (NVIDIA Corporation)
R1 SamDCC; C:\Windows\system32\drivers\SamDCC.sys [14848 2010-12-22] (Samsung Electronics, Inc. ) [File not signed]
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [59388 2010-04-12] (PowerISO Computing, Inc.) [File not signed]
S4 secdrv; C:\Windows\system32\Drivers\secdrv.sys [29392 2016-12-10] () [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-11-07] ()
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Users\Pavel\Programy\PowerDVD 16 Ultra\PowerDVD16\Common\NavFilter\000.fcl [33048 2016-12-19] (CyberLink Corp.)
R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Users\Pavel\Programy\PowerDVD 15 Ultra\PowerDVD15\Common\NavFilter\000.fcl [24776 2016-09-14] (CyberLink Corp.)
R2 {A14A8EF6-B11D-4356-9ECC-4B937E6CC626}; C:\Users\Pavel\Programy\PowerDVD 17 Ultra\PowerDVD17\Common\NavFilter\000.fcl [33048 2017-06-08] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-05 12:19 - 2017-09-05 12:21 - 000017071 _____ C:\Users\Pavel\Desktop\FRST.txt
2017-09-05 07:50 - 2017-09-05 07:51 - 000000000 ____D C:\Program Files\CCleaner
2017-09-05 07:50 - 2017-09-05 07:50 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-09-05 07:50 - 2017-09-05 07:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-09-05 07:28 - 2017-09-05 07:28 - 001792512 _____ (Farbar) C:\Users\Pavel\Desktop\FRST.exe
2017-09-05 07:16 - 2017-09-05 07:16 - 008182736 _____ (Malwarebytes) C:\Users\Pavel\Desktop\AdwCleaner.exe
2017-09-04 19:05 - 2017-09-04 19:05 - 000000017 _____ C:\Users\Pavel\AppData\Local\resmon.resmoncfg
2017-09-04 05:01 - 2017-09-05 08:34 - 000085440 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-03 17:41 - 2017-09-03 17:41 - 000011863 _____ C:\Users\Pavel\Documents\BSOD-Pavel.odt
2017-08-31 03:27 - 2017-08-01 17:16 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-08-31 03:27 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-08-31 03:03 - 2017-08-31 03:03 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-08-31 03:03 - 2017-08-31 03:03 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2017-08-31 03:02 - 2017-08-31 03:02 - 000000000 ____D C:\Program Files\Common Files\Adobe AIR
2017-08-31 02:40 - 2017-09-03 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2017-08-30 14:33 - 2017-08-18 06:37 - 000050112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-08-30 14:33 - 2017-08-18 06:37 - 000041920 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2017-08-30 14:33 - 2017-08-17 18:26 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-08-30 00:16 - 2017-08-22 02:44 - 035314112 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 028985976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 018849272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 013308536 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-08-30 00:16 - 2017-08-22 02:44 - 011692528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 010072768 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 003354560 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 001095800 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3238541.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 001005176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 000931776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3238541.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 000924280 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 000578056 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 000407064 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 000149040 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 000132072 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll
2017-08-30 00:16 - 2017-08-22 02:44 - 000000669 _____ C:\Windows\system32\nv-vk32.json
2017-08-29 16:28 - 2017-09-05 11:44 - 000065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-08-29 16:28 - 2017-09-05 08:34 - 000221632 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-08-29 16:28 - 2017-09-05 08:34 - 000040352 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-08-29 16:28 - 2017-09-04 19:02 - 000166848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-08-29 16:24 - 2017-09-03 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-08-29 16:24 - 2017-08-29 16:31 - 000059904 _____ C:\Windows\system32\Drivers\mbae.sys
2017-08-29 16:24 - 2017-08-29 16:24 - 000001983 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-08-29 16:24 - 2017-08-29 16:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-29 16:01 - 2017-08-29 16:01 - 000221600 _____ (Malwarebytes) C:\Windows\system32\Drivers\24D3415C.sys
2017-08-29 16:01 - 2017-08-29 16:01 - 000162240 _____ (Malwarebytes) C:\Windows\system32\Drivers\20BD4170.sys
2017-08-29 15:43 - 2017-08-29 15:43 - 000000000 ____D C:\Users\Pavel\AppData\Local\FreemakeAudioConverter
2017-08-17 15:30 - 2017-08-17 15:30 - 000001426 _____ C:\Users\Public\Desktop\LibreOffice 5.4.lnk
2017-08-17 15:30 - 2017-08-17 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4
2017-08-17 15:29 - 2017-08-17 15:29 - 000000000 ____D C:\Program Files\LibreOffice 5
2017-08-17 15:13 - 2017-09-03 16:53 - 000000000 ____D C:\Program Files\Common Files\Freemake Shared
2017-08-17 14:07 - 2017-07-29 16:50 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-08-17 14:07 - 2017-07-21 16:26 - 000518144 _____ C:\Windows\system32\msjetoledb40.dll
2017-08-17 14:07 - 2017-07-21 16:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2017-08-17 14:07 - 2017-07-21 16:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2017-08-17 14:07 - 2017-07-21 16:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2017-08-17 14:07 - 2017-07-15 19:52 - 000346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-08-17 14:07 - 2017-07-14 17:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-08-17 14:07 - 2017-07-14 17:10 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-08-17 14:07 - 2017-07-14 17:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-08-17 14:07 - 2017-07-14 17:10 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-08-17 14:07 - 2017-07-14 17:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-08-17 14:07 - 2017-07-14 17:10 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-08-17 14:07 - 2017-07-14 17:10 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-08-17 14:07 - 2017-07-14 17:10 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-08-17 14:07 - 2017-07-14 17:10 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-08-17 14:07 - 2017-07-14 17:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-08-17 14:07 - 2017-07-14 17:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-08-17 14:07 - 2017-07-14 17:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-08-17 14:07 - 2017-07-14 16:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-08-17 14:07 - 2017-07-14 16:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-08-17 14:07 - 2017-07-14 16:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-08-17 14:07 - 2017-07-14 16:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2017-08-17 14:07 - 2017-07-14 05:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-08-17 14:07 - 2017-07-14 05:00 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-08-17 14:07 - 2017-07-14 04:54 - 020270080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-08-17 14:07 - 2017-07-14 04:48 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-08-17 14:07 - 2017-07-14 04:48 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-08-17 14:07 - 2017-07-14 04:48 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-08-17 14:07 - 2017-07-14 04:48 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-08-17 14:07 - 2017-07-14 04:47 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-08-17 14:07 - 2017-07-14 04:44 - 002290176 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-08-17 14:07 - 2017-07-14 04:42 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-08-17 14:07 - 2017-07-14 04:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-08-17 14:07 - 2017-07-14 04:39 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-08-17 14:07 - 2017-07-14 04:38 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-08-17 14:07 - 2017-07-14 04:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-08-17 14:07 - 2017-07-14 04:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-08-17 14:07 - 2017-07-14 04:38 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-08-17 14:07 - 2017-07-14 04:33 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-08-17 14:07 - 2017-07-14 04:30 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-08-17 14:07 - 2017-07-14 04:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-08-17 14:07 - 2017-07-14 04:25 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-08-17 14:07 - 2017-07-14 04:25 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-08-17 14:07 - 2017-07-14 04:23 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-08-17 14:07 - 2017-07-14 04:22 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-08-17 14:07 - 2017-07-14 04:21 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-08-17 14:07 - 2017-07-14 04:20 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-08-17 14:07 - 2017-07-14 04:17 - 004546048 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-08-17 14:07 - 2017-07-14 04:13 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-08-17 14:07 - 2017-07-14 04:12 - 000693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-08-17 14:07 - 2017-07-14 04:12 - 000689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-08-17 14:07 - 2017-07-14 04:11 - 002057216 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-08-17 14:07 - 2017-07-14 04:11 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-08-17 14:07 - 2017-07-14 04:09 - 013663744 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-08-17 14:07 - 2017-07-14 03:53 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-08-17 14:07 - 2017-07-14 03:50 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-08-17 14:07 - 2017-07-14 03:48 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-08-17 14:07 - 2017-07-08 17:19 - 000250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-08-17 14:07 - 2017-07-08 16:51 - 002402816 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-08-17 14:07 - 2017-07-07 17:15 - 004001000 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-08-17 14:07 - 2017-07-07 17:15 - 003945192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-08-17 14:07 - 2017-07-07 17:15 - 000296680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2017-08-17 14:07 - 2017-07-07 17:15 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-08-17 14:07 - 2017-07-07 17:15 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-08-17 14:07 - 2017-07-07 17:13 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-08-17 14:07 - 2017-07-07 17:11 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-08-17 14:07 - 2017-07-07 17:10 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-08-17 14:07 - 2017-07-07 17:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-08-17 14:07 - 2017-07-07 17:10 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-08-17 14:07 - 2017-07-07 17:10 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-08-17 14:07 - 2017-07-07 17:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-08-17 14:07 - 2017-07-07 17:10 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-08-17 14:07 - 2017-07-07 17:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-08-17 14:07 - 2017-07-07 17:10 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-08-17 14:07 - 2017-07-07 17:10 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-08-17 14:07 - 2017-07-07 17:10 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-08-17 14:07 - 2017-07-07 17:10 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-08-17 14:07 - 2017-07-07 16:52 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-08-17 14:07 - 2017-07-07 16:52 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-08-17 14:07 - 2017-07-07 16:52 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-08-17 14:07 - 2017-07-07 16:52 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-08-17 14:07 - 2017-07-07 16:51 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-08-17 14:07 - 2017-07-07 16:50 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-08-17 14:07 - 2017-07-07 16:48 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-08-17 14:07 - 2017-07-07 16:48 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-08-17 14:07 - 2017-07-07 16:48 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-08-17 14:07 - 2017-07-07 16:47 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-08-17 14:07 - 2017-07-07 16:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-08-17 14:07 - 2017-07-07 16:47 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-08-17 14:07 - 2017-07-07 16:47 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-08-17 14:07 - 2017-07-01 15:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2017-08-17 14:07 - 2017-07-01 15:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2017-08-17 14:07 - 2017-07-01 15:05 - 000641536 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2017-08-17 14:07 - 2017-07-01 15:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2017-08-17 14:07 - 2017-07-01 15:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2017-08-17 14:07 - 2017-07-01 15:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2017-08-17 14:07 - 2017-07-01 15:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2017-08-17 14:07 - 2017-07-01 15:05 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2017-08-17 14:07 - 2017-07-01 15:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2017-08-17 14:07 - 2017-07-01 15:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2017-08-17 14:07 - 2017-07-01 15:05 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2017-08-17 14:07 - 2017-07-01 15:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2017-08-17 14:07 - 2017-06-15 22:18 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-08-17 14:07 - 2017-06-13 00:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-08-17 14:07 - 2017-06-13 00:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-08-17 14:07 - 2017-06-13 00:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-08-17 14:07 - 2017-06-13 00:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-08-17 14:07 - 2017-06-13 00:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-08-17 14:07 - 2017-06-13 00:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-08-17 14:07 - 2017-06-13 00:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-08-17 14:07 - 2017-06-10 17:39 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-08-17 14:07 - 2017-06-09 17:17 - 001213672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-08-17 14:07 - 2017-06-06 17:12 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-08-17 14:07 - 2017-05-30 06:39 - 001309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-08-17 14:07 - 2017-05-30 06:39 - 000240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-08-17 14:07 - 2017-05-30 06:39 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-08-17 14:07 - 2017-05-21 06:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-08-17 14:07 - 2017-05-16 17:16 - 000730856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-08-17 14:07 - 2017-05-16 17:16 - 000218856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-08-17 14:07 - 2017-05-16 17:12 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-08-17 14:06 - 2017-05-03 17:15 - 000081640 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-08-17 14:06 - 2017-05-03 17:10 - 000987648 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-08-17 14:06 - 2017-05-03 15:05 - 001327616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-08-17 14:06 - 2017-05-03 15:05 - 000505856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-08-17 14:06 - 2017-05-03 15:05 - 000446464 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-08-17 14:06 - 2017-05-03 15:05 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-08-17 14:06 - 2017-05-03 15:05 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-08-17 14:06 - 2017-05-03 15:05 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-08-17 14:06 - 2017-05-03 15:05 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-08-17 14:06 - 2017-03-23 04:06 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-05 12:19 - 2016-11-07 17:23 - 000000000 ____D C:\FRST
2017-09-05 12:16 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2017-09-05 11:27 - 2017-07-23 10:17 - 000290304 _____ (Microsoft Corporation) C:\Windows\system32\subinacl.exe
2017-09-05 10:59 - 2011-09-15 14:25 - 000000000 ____D C:\Users\Pavel\Documents\Dokumrnty
2017-09-05 10:22 - 2016-07-01 22:58 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-05 10:07 - 2016-05-04 15:48 - 000000000 ___SD C:\Users\Pavel\Documents\Sticky Passwords
2017-09-05 08:42 - 2009-07-14 06:34 - 000028320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-05 08:42 - 2009-07-14 06:34 - 000028320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-05 08:36 - 2011-09-15 11:06 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-05 08:33 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-05 08:00 - 2016-07-20 15:05 - 000000000 ____D C:\Users\Pavel\AppData\Local\CrashDumps
2017-09-05 07:50 - 2011-09-15 16:09 - 000000000 ____D C:\Users\Pavel\Programy
2017-09-05 07:26 - 2016-11-07 14:34 - 000000000 ____D C:\AdwCleaner
2017-09-05 06:42 - 2016-08-04 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-09-05 06:38 - 2013-10-15 12:49 - 057094144 _____ C:\Windows\system32\config\SOFTWARE.iobit
2017-09-05 06:38 - 2013-10-15 12:49 - 001552384 _____ C:\Windows\system32\config\DEFAULT.iobit
2017-09-05 06:38 - 2013-10-15 12:49 - 000028672 _____ C:\Windows\system32\config\SAM.iobit
2017-09-05 06:38 - 2013-10-15 12:49 - 000024576 _____ C:\Windows\system32\config\SECURITY.iobit
2017-09-04 18:20 - 2010-11-21 03:16 - 000668882 _____ C:\Windows\system32\perfh005.dat
2017-09-04 18:20 - 2010-11-21 03:16 - 000141542 _____ C:\Windows\system32\perfc005.dat
2017-09-04 18:20 - 2010-11-20 23:01 - 001559340 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-03 16:53 - 2016-11-15 20:36 - 000000000 ____D C:\ProgramData\ReIcon
2017-09-03 16:53 - 2016-09-08 14:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2017-09-03 16:53 - 2016-05-04 15:47 - 000000000 ____D C:\Program Files\Sticky Password
2017-09-03 16:53 - 2015-06-16 12:24 - 000000000 ____D C:\Program Files\Common Files\AV
2017-09-03 16:53 - 2014-07-28 19:54 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\vlc
2017-09-03 16:53 - 2013-11-08 14:38 - 000000000 ____D C:\ProgramData\ProductData
2017-09-03 16:53 - 2013-03-12 15:53 - 000000000 ____D C:\Users\Pavel\AppData\LocalLow\IObit
2017-09-03 16:53 - 2012-10-29 04:24 - 000000000 ____D C:\ProgramData\IObit
2017-09-03 16:53 - 2011-11-22 02:12 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2017-09-03 16:53 - 2011-09-17 03:32 - 000000000 ____D C:\Program Files\Common Files\Steam
2017-09-03 16:53 - 2011-09-15 12:04 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\IObit
2017-09-03 16:53 - 2011-09-15 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-09-03 16:53 - 2011-09-15 10:49 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-09-03 16:53 - 2010-11-21 03:24 - 000000000 ___RD C:\Users\Public\Recorded TV
2017-09-03 16:52 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\registration
2017-09-03 16:01 - 2012-05-15 15:39 - 000000000 ____D C:\Windows\Minidump
2017-09-03 15:01 - 2011-09-16 14:55 - 000000058 _____ C:\Users\Pavel\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2017-09-03 12:39 - 2011-09-15 12:04 - 000000000 ____D C:\Program Files\IObit
2017-09-02 22:09 - 2017-07-19 14:47 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\ICQ
2017-09-02 16:04 - 2015-02-07 15:27 - 000000000 ___HD C:\ProgramData\vid
2017-09-02 16:04 - 2015-01-05 03:49 - 000000000 ___HD C:\ProgramData\tks
2017-09-01 14:22 - 2013-10-15 12:49 - 040075264 _____ C:\Windows\system32\config\COMPONENTS.iobit
2017-08-31 03:02 - 2016-07-19 18:09 - 000000000 ____D C:\Program Files\Adobe
2017-08-31 02:40 - 2016-05-04 15:48 - 000001050 _____ C:\Users\Public\Desktop\Sticky Password.lnk
2017-08-30 14:36 - 2011-09-15 11:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-08-30 14:35 - 2016-10-07 18:33 - 000001370 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-08-30 14:34 - 2013-12-07 14:18 - 000000000 ____D C:\Users\Pavel\AppData\Local\NVIDIA Corporation
2017-08-29 15:42 - 2016-09-08 14:26 - 000001278 _____ C:\Users\Public\Desktop\Freemake Audio Converter.lnk
2017-08-29 15:42 - 2016-09-08 14:26 - 000000000 ____D C:\ProgramData\Freemake
2017-08-28 19:32 - 2014-08-31 21:28 - 000002364 _____ C:\Users\Pavel\Desktop\Google Chrome.lnk
2017-08-28 19:32 - 2011-09-22 11:30 - 000002372 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-24 20:21 - 2016-07-19 18:09 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-08-24 20:20 - 2011-09-15 12:05 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-08-22 09:05 - 2016-12-12 13:49 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\TotalD
2017-08-22 02:44 - 2013-10-27 10:13 - 018704744 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2017-08-22 02:44 - 2013-10-27 10:13 - 014687256 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2017-08-22 02:44 - 2013-02-26 00:22 - 003692400 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2017-08-22 02:44 - 2011-09-15 10:50 - 000039007 _____ C:\Windows\system32\nvinfo.pb
2017-08-20 23:05 - 2011-09-15 15:23 - 000000000 ____D C:\Users\Pavel\Různé soubory
2017-08-18 06:37 - 2016-10-07 18:33 - 001505728 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2017-08-18 06:37 - 2016-10-07 18:33 - 001317312 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge.dll
2017-08-18 06:37 - 2016-10-07 18:33 - 000100288 _____ C:\Windows\system32\NvRtmpStreamer32.dll
2017-08-18 06:36 - 2016-10-07 18:32 - 000146368 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2017-08-17 22:03 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2017-08-17 20:11 - 2016-10-07 18:32 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2017-08-17 15:58 - 2011-09-15 11:47 - 000087600 _____ C:\Users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2017-08-17 15:58 - 2009-07-14 06:33 - 000358328 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-17 15:54 - 2013-02-24 16:15 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-08-17 15:54 - 2011-09-15 11:48 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-08-17 15:54 - 2011-09-15 11:48 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-17 15:20 - 2016-12-12 13:48 - 000000945 _____ C:\Users\Public\Desktop\TotalD.lnk
2017-08-17 15:20 - 2016-12-12 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TotalD
2017-08-17 15:18 - 2015-08-17 17:30 - 000001121 _____ C:\Users\Pavel\Desktop\Databáze vlastněných Bluček.lnk
2017-08-17 15:18 - 2015-08-17 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMDB
2017-08-17 15:15 - 2016-07-30 00:03 - 000001071 _____ C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2017-08-17 15:15 - 2016-07-21 02:45 - 000002047 _____ C:\Users\Pavel\Desktop\SUMo.lnk
2017-08-17 15:13 - 2016-09-08 14:26 - 000000000 ____D C:\Program Files\Freemake
2017-08-17 14:29 - 2014-12-14 14:10 - 000000000 ____D C:\Windows\system32\appraiser
2017-08-17 14:21 - 2013-08-14 14:53 - 000000000 ____D C:\Windows\system32\MRT
2017-08-17 14:14 - 2011-09-15 13:45 - 137505280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-08-11 14:52 - 2012-06-21 20:25 - 000000000 ____D C:\Users\Pavel\Documents\Play Mods

==================== Files in the root of some directories =======

2013-12-07 13:59 - 2013-12-07 14:20 - 000003270 _____ () C:\Users\Pavel\AppData\Roaming\MultiScreen_log.log
2014-03-28 21:22 - 2016-11-15 19:33 - 000006108 _____ () C:\Users\Pavel\AppData\Roaming\pcwSIcon.ini
2015-02-13 21:03 - 2015-02-13 21:03 - 000022328 _____ () C:\Users\Pavel\AppData\Roaming\PnkBstrK.sys
2011-09-16 14:55 - 2017-09-03 15:01 - 000000058 _____ () C:\Users\Pavel\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2017-06-24 01:48 - 2017-06-24 01:48 - 000006396 _____ () C:\Users\Pavel\AppData\Local\recently-used.xbel
2017-09-04 19:05 - 2017-09-04 19:05 - 000000017 _____ () C:\Users\Pavel\AppData\Local\resmon.resmoncfg
2008-02-05 13:28 - 2008-02-05 13:28 - 000000051 _____ () C:\Users\Pavel\AppData\Local\setup.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-31 22:22

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

WinRar mi hlásí poškozený archiv Addition.rar

Addition.rar - Zabaleno 7Zip, snad již půjde.
https://www.mediafire.com/file/3x735mcb ... dition.zip

Dobrý den. Bohužel to nejde smazat z nějakého důvodu. Program se posléze zastaví, viditelně nereaguje.

Přikládám obrázek

Zkuste to v nouz. režimu.

Díky za radu. Ale to nevím, jestli svedu.

Je to stejné, pouze PC nastartujete do nouz. režimu.

Dnes jsem to tedy zkoušel i v Nouzovém režimu, ale opět to nešlo. Vypisovalo to stejnou chybu. Jako soubor navíc našel AdwCleaner i přítomnou Deluge aplikaci na torrenty. Ale to považuji za nezávadné.

OK. Tak dejte log před mazáním a pak to zkusíme vyhodit přes FRST.

Zaměřte se pouze na IObit zbytky, k nim by mělo náležet i to Ads Removal.

freemake shared je nejspíše něco k Audio Converteru od společnosti Freemake. S tímto programem nemám potíže.

_______________________________________________________________

# AdwCleaner 7.0.2.1 - Logfile created on Wed Sep 06 20:26:51 2017
# Updated on 2017/29/08 by Malwarebytes
# Database: 09-01-2017.2
# Running on Windows 7 Home Premium (X86)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\ProgramData\Application Data\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Program Files\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\All Users\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\Pavel\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\Pavel\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy, C:\Program Files\Common Files\freemake shared
PUP.Optional.Legacy, C:\ProgramData\IObit\ASCDownloader
PUP.Optional.Legacy, C:\ProgramData\Application Data\IObit\ASCDownloader
PUP.Optional.Legacy, C:\Users\All Users\IObit\ASCDownloader


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\IOBIT\ASC
PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy, Plugin found: Ads Removal -

/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271


*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [10962 B] - [2016/11/7 17:23:34]
C:/AdwCleaner/AdwCleaner[C2].txt - [1779 B] - [2016/11/8 11:42:44]
C:/AdwCleaner/AdwCleaner[C3].txt - [3215 B] - [2017/1/25 13:17:7]
C:/AdwCleaner/AdwCleaner[C4].txt - [3811 B] - [2017/3/10 14:17:53]
C:/AdwCleaner/AdwCleaner[S0].txt - [11001 B] - [2016/11/7 12:35:58]
C:/AdwCleaner/AdwCleaner[S10].txt - [2837 B] - [2016/11/27 22:57:49]
C:/AdwCleaner/AdwCleaner[S11].txt - [3010 B] - [2016/12/1 18:25:21]
C:/AdwCleaner/AdwCleaner[S12].txt - [3044 B] - [2016/12/12 16:0:6]
C:/AdwCleaner/AdwCleaner[S13].txt - [3118 B] - [2016/12/30 18:27:9]
C:/AdwCleaner/AdwCleaner[S14].txt - [3254 B] - [2017/1/6 19:23:45]
C:/AdwCleaner/AdwCleaner[S15].txt - [3328 B] - [2017/1/25 13:14:15]
C:/AdwCleaner/AdwCleaner[S16].txt - [2775 B] - [2017/1/25 13:26:19]
C:/AdwCleaner/AdwCleaner[S17].txt - [2849 B] - [2017/1/27 20:34:4]
C:/AdwCleaner/AdwCleaner[S18].txt - [2923 B] - [2017/2/7 19:41:29]
C:/AdwCleaner/AdwCleaner[S19].txt - [2997 B] - [2017/2/20 21:38:48]
C:/AdwCleaner/AdwCleaner[S1].txt - [1989 B] - [2016/11/8 11:29:13]
C:/AdwCleaner/AdwCleaner[S20].txt - [3071 B] - [2017/3/2 14:26:4]
C:/AdwCleaner/AdwCleaner[S21].txt - [3147 B] - [2017/3/5 7:17:43]
C:/AdwCleaner/AdwCleaner[S22].txt - [3224 B] - [2017/3/10 14:12:19]
C:/AdwCleaner/AdwCleaner[S23].txt - [3610 B] - [2017/3/23 19:25:6]
C:/AdwCleaner/AdwCleaner[S24].txt - [3686 B] - [2017/3/25 14:24:0]
C:/AdwCleaner/AdwCleaner[S25].txt - [4109 B] - [2017/3/25 16:27:35]
C:/AdwCleaner/AdwCleaner[S26].txt - [5275 B] - [2017/4/2 10:36:28]
C:/AdwCleaner/AdwCleaner[S27].txt - [5347 B] - [2017/4/21 20:6:44]
C:/AdwCleaner/AdwCleaner[S28].txt - [5503 B] - [2017/4/27 2:4:35]
C:/AdwCleaner/AdwCleaner[S29].txt - [5495 B] - [2017/5/11 14:8:18]
C:/AdwCleaner/AdwCleaner[S2].txt - [2137 B] - [2016/11/8 11:49:50]
C:/AdwCleaner/AdwCleaner[S30].txt - [5569 B] - [2017/6/1 18:38:9]
C:/AdwCleaner/AdwCleaner[S31].txt - [5643 B] - [2017/7/7 13:11:11]
C:/AdwCleaner/AdwCleaner[S32].txt - [5398 B] - [2017/8/2 15:18:52]
C:/AdwCleaner/AdwCleaner[S33].txt - [5534 B] - [2017/8/19 9:45:7]
C:/AdwCleaner/AdwCleaner[S34].txt - [5705 B] - [2017/9/3 11:11:30]
C:/AdwCleaner/AdwCleaner[S35].txt - [6012 B] - [2017/9/5 4:57:19]
C:/AdwCleaner/AdwCleaner[S36].txt - [5705 B] - [2017/9/5 5:14:6]
C:/AdwCleaner/AdwCleaner[S37].txt - [5351 B] - [2017/9/5 5:18:59]
C:/AdwCleaner/AdwCleaner[S38].txt - [5418 B] - [2017/9/5 5:20:59]
C:/AdwCleaner/AdwCleaner[S39].txt - [5485 B] - [2017/9/5 5:22:42]
C:/AdwCleaner/AdwCleaner[S3].txt - [2317 B] - [2016/11/9 21:51:7]
C:/AdwCleaner/AdwCleaner[S40].txt - [5552 B] - [2017/9/5 5:26:25]
C:/AdwCleaner/AdwCleaner[S41].txt - [5541 B] - [2017/9/5 11:44:53]
C:/AdwCleaner/AdwCleaner[S42].txt - [5609 B] - [2017/9/6 18:12:40]
C:/AdwCleaner/AdwCleaner[S43].txt - [5804 B] - [2017/9/6 18:18:38]
C:/AdwCleaner/AdwCleaner[S44].txt - [5745 B] - [2017/9/6 20:13:17]
C:/AdwCleaner/AdwCleaner[S4].txt - [2394 B] - [2016/11/11 21:35:21]
C:/AdwCleaner/AdwCleaner[S5].txt - [2465 B] - [2016/11/15 2:34:9]
C:/AdwCleaner/AdwCleaner[S6].txt - [2539 B] - [2016/11/18 2:49:23]
C:/AdwCleaner/AdwCleaner[S7].txt - [2613 B] - [2016/11/20 1:20:43]
C:/AdwCleaner/AdwCleaner[S8].txt - [2687 B] - [2016/11/20 16:46:14]
C:/AdwCleaner/AdwCleaner[S9].txt - [2761 B] - [2016/11/25 3:12:46]


########## EOF - C:\AdwCleaner\AdwCleaner[S45].txt ##########

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7149999F-7152-4A04-8AE3-8E20743B6FDA}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f603638b8956d215046&lang=cs&ds=AVG&pr=pr&d=2012-07-28 17:11:17&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7149999F-7152-4A04-8AE3-8E20743B6FDA}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f603638b8956d215046&lang=cs&ds=AVG&pr=pr&d=2012-07-28 17:11:17&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: No Name -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> No File
Handler: linkscanner - No CLSID Value -
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\Pavel\AppData\LocalLow\IObit
C:\Users\Pavel\AppData\Roaming\IObit
C:\Program Files\IObit

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Děkuji za uvedený postup. Chci se jen zeptat na tu Javu. Já ji instaloval v květnu, protože ji vyžadovala jedna modifikace ke starší hře.

Co chcete s Javou dělat? Pokud ji tam máte, ponechte si ji. Je vhodná a potřebná nejen pro hry. Nemáte zač!

Tento fixlog se objevil na ploše při průběhu akce, po přihlášení a restartu se žádný log neotevřel a nezobrazil. Akce měla za následek smazání záložek v OneTab pro Chrome a vyjmutí jednoho dalšího rozšíření pro stejný prohlížeč. Ale to jsem tam zas hned dal. Nicméně AdwCleaner pořád hlásí přítomnost těch IObit zbytků.


Fix result of Farbar Recovery Scan Tool (x86) Version: 20-08-2017
Ran by Pavel (07-09-2017 12:29:16) Run:3
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available Profiles: Pavel)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7149999F-7152-4A04-8AE3-8E20743B6FDA}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f603638b8956d215046&lang=cs&ds=AVG&pr=pr&d=2012-07-28 17:11:17&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3394997470-964147142-4037502327-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7149999F-7152-4A04-8AE3-8E20743B6FDA}&mid=24e693f0d18647d194a43120d393f5c4-ea00e829ffd21ae1a1b06f603638b8956d215046&lang=cs&ds=AVG&pr=pr&d=2012-07-28 17:11:17&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: No Name -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> No File
Handler: linkscanner - No CLSID Value -
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\Pavel\AppData\LocalLow\IObit
C:\Users\Pavel\AppData\Roaming\IObit
C:\Program Files\IObit

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-21-3394997470-964147142-4037502327-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully.
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664} => key not found.
HKLM\Software\Classes\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED664} => key not found.
HKLM\Software\Classes\PROTOCOLS\Handler\linkscanner => key removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully.
C:\Users\Pavel\AppData\LocalLow\IObit => moved successfully
C:\Users\Pavel\AppData\Roaming\IObit => moved successfully
C:\Program Files\IObit => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8087086 B
Java, Flash, Steam htmlcache => 355863237 B
Windows/system/drivers => 10542 B
Edge => 0 B
Chrome => 115240561 B
Firefox => 0 B
Opera => 643072 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 9817 B
Public => 0 B
ProgramData => 0 B
systemprofile => 21810356 B
LocalService => 66228 B
NetworkService => 0 B
Pavel => 15980621 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 501.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:30:21 ====

Tak některým zbytkům se nevyhneme, odinstalátor nikdy není stoprocentní. Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte. Bude-li třeba pročistíme ještě prohlížeče.

Testuji, už něco našlo. Já dříve dával výjimku, nyní by tam už být neměly. Test potrvá cca 3,5 hodiny. Disk C.