
Browser automatically opens a page - vararray.online

#1 Post by marsell2607 (Visitor; posts: 26; registered: 21 Jan 2014 01:35) »

Hello, the browser automatically opens some Russian site, mostly on the first start of Chrome.
Please help, thank you.



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2017
Ran by hp (administrator) on HP-PC (12-02-2017 21:52:41)
Running from C:\Users\hp\Desktop
Loaded Profiles: hp (Available Profiles: hp & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\SETA284.tmp
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\System32\fpCSEvtSvc.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Novatel Wireless Inc.) C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\SET9FCB.tmp
(Intel Corporation) C:\Windows\System32\SETA335.tmp
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1701.10102.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16122.10291.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Users\hp\AppData\Local\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\hp\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [201944 2015-05-26] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-05] (IDT, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-08] (AVAST Software)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [338000 2015-06-22] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [191200 2015-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [VmbNotifierRouter] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [818744 2015-11-30] (Vodafone)
HKLM-x32\...\Run: [MobileBroadband] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [72760 2015-11-30] (Vodafone)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKU\S-1-5-21-3698627944-2826964948-1134695990-1000\...\Run: [Google Update] => C:\Users\hp\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-26] (Google Inc.)
HKU\S-1-5-21-3698627944-2826964948-1134695990-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9108184 2016-11-07] (Piriform Ltd)
HKU\S-1-5-21-3698627944-2826964948-1134695990-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-3698627944-2826964948-1134695990-1000\...\Run: [WirelessManager] => C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe
HKU\S-1-5-21-3698627944-2826964948-1134695990-1000\...\Run: [AllAccess.exe] => C:\Program Files (x86)\AT&T\AT&T AllAccess\AllAccess.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-08] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-08] (AVAST Software)
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{05754af0-07bb-45a4-921f-d488861dac9e}: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{2bf0026b-0eb4-48ff-a6e5-24e1d216af12}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{dc164e9a-5ecf-4031-8df7-a8c0afe21274}: [DhcpNameServer] 192.168.3.1

Internet Explorer:
==================
HKU\S-1-5-21-3698627944-2826964948-1134695990-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-29]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-3698627944-2826964948-1134695990-1000: @tools.google.com/Google Update;version=3 -> C:\Users\hp\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-26] (Google Inc.)
FF Plugin HKU\S-1-5-21-3698627944-2826964948-1134695990-1000: @tools.google.com/Google Update;version=9 -> C:\Users\hp\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-26] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.sk/
CHR StartupUrls: Default -> "hxxps://www.google.sk/"
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2017-02-12]
CHR Extension: (Prezentácie Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-17]
CHR Extension: (Dokumenty Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-17]
CHR Extension: (Disk Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-17]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-17]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2016-11-17]
CHR Extension: (Tabuľky Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-17]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-02-08]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-17]
CHR Extension: (AdBlock) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-31]
CHR Extension: (Project Viewer 365-Free) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmpghmkgkalhonankenfklpmdgnilapp [2016-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-02-08]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-17]
CHR Extension: (Chrome Media Router) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-27]
CHR Extension: (Chrome Remote Desktop) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphgllhclmbkkpegmmgfkghmajkamhdb [2016-11-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7142136 2017-02-08] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-08] (AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe [76616 2016-06-20] (Spoločnosť Google Inc.)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [11071208 2015-07-07] (DisplayLink Corp.)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [13824 2015-04-28] ()
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [684624 2015-06-22] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-02-05] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-03] (Synaptics Incorporated)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [82944 2016-08-10] (Synaptics Incorporated)
R2 VZWConfigService; C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe [259664 2012-10-16] (Novatel Wireless Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309784 2017-02-08] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-02-08] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-02-08] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-02-08] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [82936 2016-11-17] (AVAST Software)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-02-08] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-02-08] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126088 2017-02-08] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-02-08] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [74680 2017-02-08] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [991496 2017-02-08] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-02-08] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-02-08] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337080 2017-02-10] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c64x64.sys [468752 2014-05-02] (Intel Corporation)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [37112 2015-06-17] (Hewlett-Packard Company)
S3 NdisImPlatformMp; C:\WINDOWS\System32\drivers\NdisImPlatform.sys [126464 2016-07-16] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2016-07-16] (MediaTek Inc.)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation)
R3 nwhpbus; C:\WINDOWS\System32\drivers\nwhpbus.sys [166472 2012-11-13] (MCCI Corporation)
R3 NWHPMBNet; C:\WINDOWS\System32\drivers\NWHPMBNet.sys [334848 2012-11-13] (Novatel Wireless Inc.)
R3 NWHPModem; C:\WINDOWS\system32\DRIVERS\nwhpmdm.sys [227712 2012-11-13] (Novatel Wireless Inc.)
R3 NWHPPort; C:\WINDOWS\system32\DRIVERS\nwhpser.sys [227712 2012-11-13] (Novatel Wireless Inc.)
R3 NWHPPort2; C:\WINDOWS\system32\DRIVERS\nwhpser2.sys [227712 2012-11-13] (Novatel Wireless Inc.)
R3 nwhpssndis; C:\WINDOWS\System32\Drivers\nwhpssndis.sys [24576 2012-11-13] (Novatel Wireless Inc.)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5195776 2016-07-16] (Realtek Semiconductor Corporation )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3059416 2015-06-11] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-03] (Synaptics Incorporated)
S3 SRS_PremiumSound_Service; C:\WINDOWS\system32\drivers\srs_PremiumSound_amd64.sys [513312 2011-07-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S2 SCWFPFilter; \SystemRoot\system32\DRIVERS\WFPFilter.sys [X]
S3 SWUMX20; system32\DRIVERS\swumx20.sys [X]
S3 SzCCID; \SystemRoot\system32\DRIVERS\SzCCID.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-12 21:52 - 2017-02-12 21:52 - 00020259 _____ C:\Users\hp\Desktop\FRST.txt
2017-02-12 21:52 - 2017-02-12 21:52 - 00000000 ____D C:\FRST
2017-02-12 21:51 - 2017-02-12 21:52 - 00112640 _____ (forum.viry.cz) C:\Users\hp\Desktop\FRSTLauncher.exe
2017-02-12 21:50 - 2017-02-12 21:50 - 00112640 _____ (forum.viry.cz) C:\Users\hp\Desktop\Nepotvrdené 966410.crdownload
2017-02-12 21:50 - 2017-02-12 21:50 - 00112640 _____ (forum.viry.cz) C:\Users\hp\Desktop\Nepotvrdené 798047.crdownload
2017-02-12 21:49 - 2017-02-12 21:49 - 02421248 _____ (Farbar) C:\Users\hp\Desktop\FRST64.exe
2017-02-12 21:45 - 2017-02-12 21:45 - 04015056 _____ C:\Users\hp\Desktop\adwcleaner_6.043 (1).exe
2017-02-12 20:51 - 2017-02-12 21:53 - 908099483 _____ C:\Users\hp\Downloads\Nepotvrdené 541399.crdownload
2017-02-12 20:12 - 2017-02-12 20:13 - 00000000 ____D C:\WINDOWS\LastGood
2017-02-12 20:03 - 2017-02-12 20:03 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-02-12 11:17 - 2017-02-12 18:41 - 1262485504 _____ C:\Users\hp\Downloads\WD.Dva.part2.rar
2017-02-12 11:17 - 2017-02-12 18:13 - 1262485504 _____ C:\Users\hp\Downloads\WD.Dva.part1.rar
2017-02-11 20:17 - 2017-02-11 20:17 - 04980001 _____ C:\Users\hp\Documents\MOV_0596.mp4
2017-02-10 20:08 - 2017-02-10 20:08 - 00248153 _____ C:\Users\hp\Downloads\Windows-XP---Professional-CD-key.txt
2017-02-10 19:31 - 2017-02-10 19:32 - 00000000 ____D C:\NeroPortable
2017-02-10 19:31 - 2015-12-21 12:11 - 33532868 _____ (PortableAppZ.blogspot.com) C:\Users\hp\Downloads\Nero_Portable_17.0.5.0_Multilingual.exe
2017-02-10 19:29 - 2010-11-12 02:18 - 734097408 _____ C:\Users\hp\Downloads\Windows Xp 9 In 1 (Pro Home Media Center Oem, Retail, Corp, Upgrade).iso
2017-02-10 19:28 - 2017-02-10 19:30 - 34536975 _____ C:\Users\hp\Downloads\Nero_Portable_17.0.5.0_Multilingual.rar
2017-02-10 16:29 - 2017-02-10 16:29 - 00000107 _____ C:\Users\hp\Downloads\youtube.rar
2017-02-10 16:28 - 2017-02-10 16:28 - 04343437 _____ C:\Users\hp\Downloads\652HD_COMBO_V1.09.17769_07-01-2017.rar
2017-02-10 16:13 - 2017-02-10 16:13 - 04263813 _____ C:\Users\hp\Downloads\652HD_V1.09.17160_22-09-2016_A.rar
2017-02-09 22:31 - 2017-02-09 22:31 - 00017388 _____ C:\WINDOWS\system32\results.xml
2017-02-09 22:27 - 2017-02-09 22:27 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2017-02-09 22:27 - 2017-02-09 22:27 - 00000716 _____ C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2017-02-09 22:27 - 2017-02-09 22:27 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-02-09 22:23 - 2017-02-09 22:26 - 129957096 _____ (Intel Corporation) C:\Users\hp\Downloads\win64_153338.exe
2017-02-09 22:20 - 2017-02-09 22:22 - 72574040 _____ (Intel Corporation) C:\Users\hp\Downloads\win32_153343.4425.exe
2017-02-09 22:12 - 2017-02-09 22:12 - 00000000 ____D C:\Users\hp\Documents\Battlefield 1
2017-02-09 17:27 - 2017-02-09 17:28 - 00000000 ____D C:\Users\hp\Desktop\Dlef
2017-02-08 23:02 - 2017-02-12 17:22 - 00004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BE6EC291-0472-4403-96D8-DB836688300A}
2017-02-08 22:06 - 2017-02-08 22:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\hp\Downloads\hijackthis.exe
2017-02-08 19:42 - 2017-02-08 19:42 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-02-08 19:42 - 2017-02-08 19:42 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-02-08 19:42 - 2017-02-08 19:42 - 00309784 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-02-08 19:42 - 2017-02-08 19:42 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-02-08 19:42 - 2017-02-08 19:42 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-02-08 19:42 - 2017-02-08 19:42 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-02-08 10:06 - 2017-02-08 10:08 - 04015056 _____ C:\Users\hp\Downloads\adwcleaner_6.043.exe
2017-02-07 22:47 - 2017-02-07 22:46 - 01301045 _____ C:\Users\hp\Desktop\20170207_2239_ussr-R61_Object252_BF_01_karelia.wotreplay
2017-02-05 23:18 - 2017-02-05 23:18 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf
2017-02-05 20:59 - 2017-02-05 21:19 - 1061252001 _____ C:\Users\hp\Downloads\RYCHLY PRACHY 127 - DENISA (03.02.2017).mp4
2017-02-05 12:53 - 2017-02-05 12:53 - 03134937 _____ C:\Users\hp\Downloads\Manual-P3117_SK_W.pdf
2017-02-04 17:03 - 2017-02-04 18:10 - 2814910464 _____ C:\Users\hp\Desktop\[TS](18+) Reality Kings CZ[Young Teens Film Sex Tapes-04-02-2017.13.42.00]-000.ts
2017-02-04 17:03 - 2017-02-04 17:32 - 932720640 _____ C:\Users\hp\Desktop\[TS](18+) EROXXX[Truth About Teens, The-04-02-2017.00.15.00]-000.ts
2017-02-03 19:14 - 2017-02-03 19:41 - 1373095049 _____ C:\Users\hp\Downloads\Jack Reacher Nevracej se Jack Reacher Never Go Back cz dabing.mkv
2017-02-01 18:39 - 2017-02-08 19:37 - 00000000 ____D C:\Users\hp\Desktop\Lesson 3
2017-01-29 11:47 - 2017-02-12 21:00 - 00000000 ____D C:\Users\hp\AppData\Roaming\TS3Client
2017-01-29 11:47 - 2017-01-29 11:47 - 00001275 _____ C:\Users\hp\Desktop\TeamSpeak 3 Client.lnk
2017-01-29 11:47 - 2017-01-29 11:47 - 00001233 _____ C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-01-29 11:47 - 2017-01-29 11:47 - 00000000 ____D C:\Users\hp\AppData\Local\TeamSpeak 3 Client
2017-01-29 11:42 - 2017-01-29 11:46 - 77761888 _____ (TeamSpeak Systems GmbH) C:\Users\hp\Downloads\TeamSpeak3-Client-win64-3.1.0.1.exe
2017-01-28 23:13 - 2017-01-28 23:13 - 00001715 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS PRO Audio.lnk
2017-01-28 23:13 - 2013-02-05 03:59 - 08078848 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNGUI.exe
2017-01-28 23:13 - 2013-02-05 03:59 - 07973376 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNHP.dll
2017-01-28 23:13 - 2013-02-05 03:59 - 06101504 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2017-01-28 23:13 - 2013-02-05 03:59 - 02221056 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNX.dll
2017-01-28 23:13 - 2013-02-05 03:59 - 01897984 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2017-01-28 23:13 - 2013-02-05 03:59 - 01702912 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2017-01-28 23:13 - 2013-02-05 03:59 - 00253952 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNJ.exe
2017-01-28 23:13 - 2013-02-05 03:59 - 00225280 _____ (IDT, Inc.) C:\WINDOWS\system32\HPToneCtrls64.dll
2017-01-28 23:13 - 2012-07-10 02:36 - 00042512 _____ C:\WINDOWS\system32\BanditEQ4.xml
2017-01-28 23:13 - 2011-05-17 17:25 - 00464384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slapoi64.dll
2017-01-28 19:45 - 2017-01-28 19:43 - 00725538 _____ C:\Users\hp\Desktop\20170128_1940_ussr-R61_Object252_BF_28_desert.wotreplay
2017-01-28 19:10 - 2017-01-28 19:09 - 01010237 _____ C:\Users\hp\Desktop\20170128_1905_france-F62_ELC_AMX_28_desert.wotreplay
2017-01-28 15:14 - 2017-01-28 15:19 - 00000000 ____D C:\WinSetupFromUSB
2017-01-28 15:14 - 2017-01-28 15:18 - 00001629 _____ C:\Users\hp\Desktop\WinSetupFromUSB.lnk
2017-01-28 15:14 - 2017-01-28 15:18 - 00000727 _____ C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinSetupFromUSB.lnk
2017-01-28 15:01 - 2017-01-28 15:01 - 00562352 _____ (mdftoiso.com ) C:\Users\hp\Downloads\mdftoiso_setup.exe
2017-01-28 15:01 - 2017-01-28 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MDF to ISO
2017-01-28 15:01 - 2017-01-28 15:01 - 00000000 ____D C:\Program Files (x86)\MDF to ISO
2017-01-28 15:00 - 2017-01-28 15:01 - 00000000 ____D C:\Users\hp\Downloads\Windows XP Professional SP2 CZ B 32 Bit
2017-01-28 14:29 - 2017-01-28 14:42 - 656341820 _____ C:\Users\hp\Downloads\Windows XP Professional SP2 CZ B 32 Bit.rar
2017-01-28 14:23 - 2011-02-02 22:45 - 00000000 ____D C:\Users\hp\Downloads\Windows Xp 9 In 1 (Pro Home Media Center Oem, Retail, Corp, Upgrade)
2017-01-28 14:05 - 2017-01-28 14:22 - 742908346 _____ C:\Users\hp\Downloads\windows.xp.9.in.1.rar
2017-01-27 21:19 - 2017-01-27 21:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-01-27 21:19 - 2017-01-27 21:19 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-26 20:58 - 2017-01-26 20:58 - 00000000 _____ C:\Users\hp\Desktop\742951.txt
2017-01-25 18:55 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 18:55 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-24 17:36 - 2017-01-28 15:59 - 00000099 _____ C:\Users\hp\Downloads\rufus.ini
2017-01-24 17:36 - 2017-01-24 17:36 - 00937592 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\hp\Downloads\rufus-2.11p.exe
2017-01-24 17:35 - 2017-01-24 17:35 - 02458945 _____ C:\Users\hp\Downloads\rufus-2.11.zip
2017-01-23 22:40 - 2017-01-23 22:40 - 00930120 _____ C:\Users\hp\Downloads\Priloha A Cennika programov Happy_2017_01_19.pdf
2017-01-22 12:47 - 2017-01-22 12:48 - 00000000 ____D C:\Program Files\IDT
2017-01-22 12:47 - 2013-02-05 03:59 - 02193920 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2017-01-22 12:47 - 2013-02-05 03:59 - 00674304 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2017-01-22 12:47 - 2013-02-05 03:59 - 00544768 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2017-01-22 12:47 - 2013-02-05 03:59 - 00499200 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2017-01-22 12:47 - 2013-02-05 03:59 - 00256000 _____ (IDT, Inc.) C:\WINDOWS\system32\st646454.dll
2017-01-22 12:29 - 2017-01-22 12:29 - 00000000 ____D C:\Users\hp\Desktop\cryptobox
2017-01-22 12:24 - 2017-01-22 12:25 - 00000000 ____D C:\Users\hp\Desktop\ALIDVRS2
2017-01-19 19:03 - 2017-01-19 19:03 - 00000000 ____D C:\Users\hp\AppData\Local\TeamSpeak 3
2017-01-19 19:03 - 2017-01-19 19:03 - 00000000 ____D C:\Users\hp\.TeamSpeak 3
2017-01-19 19:03 - 2017-01-19 19:03 - 00000000 ____D C:\Users\hp\.QtWebEngineProcess
2017-01-18 20:41 - 2017-01-18 20:41 - 00000162 ____H C:\Users\hp\Desktop\~$rievodný list.odt
2017-01-18 18:56 - 2017-01-18 18:56 - 842967864 _____ C:\WINDOWS\MEMORY.DMP
2017-01-18 18:56 - 2017-01-18 18:56 - 00416676 _____ C:\WINDOWS\Minidump\011817-8859-01.dmp
2017-01-18 18:56 - 2017-01-18 18:56 - 00000000 ____D C:\WINDOWS\Minidump
2017-01-17 21:28 - 2017-01-17 21:28 - 00132316 _____ C:\Users\hp\Desktop\Curriculum Vitae_en.pdf
2017-01-17 21:08 - 2017-01-18 17:06 - 00000206 _____ C:\WINDOWS\Tasks\AutoKMS.job
2017-01-17 21:08 - 2017-01-17 21:08 - 00614400 _____ C:\WINDOWS\AutoKMS.exe
2017-01-17 21:08 - 2017-01-17 21:08 - 00002468 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-01-17 21:08 - 2017-01-17 21:08 - 00000135 _____ C:\WINDOWS\AutoKMS.ini
2017-01-17 21:06 - 2017-01-17 21:06 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-01-17 21:06 - 2017-01-17 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-01-17 21:06 - 2017-01-17 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-01-17 21:06 - 2017-01-17 21:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2017-01-17 21:06 - 2017-01-17 21:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2017-01-17 21:06 - 2017-01-17 21:06 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2017-01-17 21:05 - 2017-01-17 21:05 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-01-17 21:04 - 2017-01-17 21:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2017-01-17 21:03 - 2017-01-17 21:06 - 00000000 ____D C:\WINDOWS\SHELLNEW
2017-01-17 21:03 - 2017-01-17 21:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-17 21:03 - 2017-01-17 21:03 - 00000000 __RHD C:\MSOCache
2017-01-17 21:03 - 2017-01-17 21:03 - 00000000 ____D C:\Users\hp\AppData\Local\Microsoft Help
2017-01-17 21:03 - 2017-01-17 21:03 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-17 21:03 - 2017-01-17 21:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2017-01-14 17:53 - 2017-01-14 17:53 - 00000000 ____D C:\Program Files (x86)\Novatel Wireless
2017-01-14 17:53 - 2012-11-13 12:19 - 00008192 _____ (Novatel Wireless) C:\WINDOWS\HP_Installer_Dll.dll
2017-01-14 17:53 - 2012-11-13 12:18 - 00334848 _____ (Novatel Wireless Inc.) C:\WINDOWS\system32\Drivers\NWHPMBNet.sys
2017-01-14 17:53 - 2012-11-13 12:18 - 00227712 _____ (Novatel Wireless Inc.) C:\WINDOWS\system32\Drivers\nwhpser2.sys
2017-01-14 17:53 - 2012-11-13 12:18 - 00227712 _____ (Novatel Wireless Inc.) C:\WINDOWS\system32\Drivers\nwhpser.sys
2017-01-14 17:53 - 2012-11-13 12:18 - 00227712 _____ (Novatel Wireless Inc.) C:\WINDOWS\system32\Drivers\nwhpmdm.sys
2017-01-14 17:53 - 2012-11-13 12:18 - 00166472 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\nwhpbus.sys
2017-01-14 17:53 - 2012-11-13 12:18 - 00024576 _____ (Novatel Wireless Inc.) C:\WINDOWS\system32\Drivers\nwhpssndis.sys
2017-01-14 17:53 - 2012-11-13 12:18 - 00016456 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\nwhpwhnt.sys
2017-01-14 17:53 - 2012-11-13 12:18 - 00016456 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\nwhpwh.sys
2017-01-14 10:00 - 2017-01-14 10:00 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-13 22:11 - 2017-01-13 22:11 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Vodafone
2017-01-13 22:11 - 2017-01-13 22:11 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Sierra Wireless
2017-01-13 20:20 - 2017-01-13 20:21 - 00000000 ____D C:\ProgramData\Vodafone
2017-01-13 20:20 - 2017-01-13 20:20 - 00002273 _____ C:\Users\Public\Desktop\Vodafone Mobile Broadband.lnk
2017-01-13 20:20 - 2017-01-13 20:20 - 00000000 ____D C:\Users\hp\AppData\Roaming\Vodafone
2017-01-13 20:20 - 2017-01-13 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
2017-01-13 20:20 - 2017-01-13 20:20 - 00000000 ____D C:\Program Files (x86)\Vodafone
2017-01-13 20:19 - 2017-01-13 20:19 - 00000000 ____D C:\Users\hp\AppData\Roaming\Sierra Wireless
2017-01-13 20:19 - 2017-01-13 20:19 - 00000000 ____D C:\Users\hp\AppData\Roaming\NETGEAR
2017-01-13 20:04 - 2017-01-13 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2017-01-13 19:45 - 2017-01-13 19:45 - 00000000 ____D C:\Users\Administrator\AppData\Local\AllAccess_AppStart
2017-01-13 18:14 - 2017-01-13 22:16 - 00000000 ____D C:\Program Files (x86)\Sierra Wireless Inc
2017-01-13 18:14 - 2017-01-13 21:52 - 00000000 ____D C:\Users\hp\AppData\Local\AllAccess
2017-01-13 18:14 - 2017-01-13 18:14 - 00000000 ____D C:\ProgramData\Sierra Wireless
2017-01-13 18:14 - 2017-01-13 18:14 - 00000000 ____D C:\Program Files (x86)\AT&T
2017-01-13 18:00 - 2017-01-13 09:59 - 00014624 _____ ( ) C:\WINDOWS\system32\Interop.hputilsLib.dll
2017-01-13 17:51 - 2017-01-13 17:51 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\WirelessManager
2017-01-13 17:12 - 2017-01-13 17:22 - 00000000 ____D C:\Users\hp\AppData\Local\Novatel Wireless
2017-01-13 17:10 - 2017-01-13 17:11 - 00000000 ____D C:\Users\hp\AppData\Roaming\WirelessManager
2017-01-13 17:09 - 2017-01-13 17:09 - 00000000 ____D C:\Dell
2017-01-13 16:36 - 2017-01-13 16:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\CEF
2017-01-13 16:23 - 2017-01-13 16:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2017-01-13 16:23 - 2017-01-13 16:23 - 00000000 ____D C:\Users\Administrator\AppData\Local\Telespree
2017-01-13 16:12 - 2017-01-13 16:12 - 00002391 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-13 16:12 - 2017-01-13 16:12 - 00000000 ___RD C:\Users\Administrator\OneDrive
2017-01-13 16:12 - 2017-01-13 16:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVAST Software
2017-01-13 16:11 - 2017-01-13 22:11 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2017-01-13 16:11 - 2017-01-13 19:51 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\hpqLog
2017-01-13 16:11 - 2017-01-13 16:43 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Hewlett-Packard
2017-01-13 16:11 - 2017-01-13 16:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2017-01-13 16:11 - 2017-01-13 16:24 - 00000000 ____D C:\Users\Administrator
2017-01-13 16:11 - 2017-01-13 16:23 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-01-13 16:11 - 2017-01-13 16:11 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2017-01-13 16:11 - 2017-01-13 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2017-01-13 16:11 - 2017-01-13 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2017-01-13 16:11 - 2017-01-13 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2017-01-13 16:09 - 2017-01-13 16:09 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_nwhplocation_01_09_00.Wdf
2017-01-13 16:08 - 2012-11-13 12:18 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdfcoinstaller01009.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-12 21:49 - 2016-11-17 10:53 - 00000000 ____D C:\Users\hp\AppData\Roaming\Skype
2017-02-12 21:46 - 2016-12-27 16:39 - 00000000 ____D C:\AdwCleaner
2017-02-12 21:32 - 2016-11-17 10:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-12 20:13 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-12 20:08 - 2016-11-17 12:46 - 01135064 _____ C:\WINDOWS\system32\perfh01B.dat
2017-02-12 20:08 - 2016-11-17 12:46 - 00335964 _____ C:\WINDOWS\system32\perfc01B.dat
2017-02-12 20:08 - 2016-11-17 10:52 - 03050398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-12 20:02 - 2016-12-26 22:21 - 00000000 ____D C:\ProgramData\Synaptics
2017-02-12 20:02 - 2016-11-17 11:28 - 00000000 __SHD C:\Users\hp\IntelGraphicsProfiles
2017-02-12 20:02 - 2016-11-17 10:47 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-12 11:15 - 2016-11-17 10:46 - 00000000 ____D C:\Users\hp
2017-02-12 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-11 17:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-10 16:16 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-10 16:12 - 2016-11-17 11:28 - 00337080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-02-09 22:35 - 2016-07-16 07:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-02-09 22:31 - 2016-11-17 11:50 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-02-09 22:27 - 2016-11-17 11:01 - 00000000 ____D C:\Program Files (x86)\Intel
2017-02-09 22:26 - 2016-11-05 19:44 - 00000000 ____D C:\Intel
2017-02-09 22:11 - 2016-11-17 11:24 - 00000000 ____D C:\Users\hp\AppData\Roaming\vlc
2017-02-09 22:01 - 2016-12-26 22:44 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-08 22:06 - 2016-11-17 10:51 - 00000000 ____D C:\Users\hp\AppData\Local\VirtualStore
2017-02-08 22:00 - 2016-11-17 11:31 - 00004036 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1479378688
2017-02-08 22:00 - 2016-11-17 11:31 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-02-08 19:42 - 2016-11-17 11:31 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-02-08 19:42 - 2016-11-17 11:28 - 00991496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-02-08 19:42 - 2016-11-17 11:28 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-02-08 19:42 - 2016-11-17 11:28 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-02-08 19:42 - 2016-11-17 11:28 - 00126088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-02-08 19:42 - 2016-11-17 11:28 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-02-08 19:42 - 2016-11-17 11:28 - 00074680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-02-08 19:42 - 2016-11-17 11:28 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-02-06 16:51 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-04 19:52 - 2016-12-27 12:15 - 00000018 _____ C:\WINDOWS\hbcikrnl.ini
2017-02-04 19:52 - 2016-12-26 22:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-02 22:09 - 2016-11-17 17:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-02 22:09 - 2016-11-17 17:08 - 00000000 ____D C:\ProgramData\Skype
2017-02-02 16:58 - 2016-11-17 10:59 - 00002470 _____ C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-01 19:57 - 2016-12-28 20:50 - 00000000 ____D C:\Users\hp\AppData\Local\ElevatedDiagnostics
2017-01-29 11:42 - 2017-01-12 19:00 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-01-28 16:11 - 2017-01-08 12:10 - 00000290 __RSH C:\ProgramData\ntuser.pol
2017-01-28 15:15 - 2017-01-08 12:08 - 00000000 ____D C:\Users\hp\Downloads\WinXP SP3
2017-01-26 17:17 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-22 20:06 - 2017-01-08 09:59 - 00000000 ____D C:\Program Files (x86)\FastShare
2017-01-22 12:47 - 2016-12-27 11:59 - 00000000 ____D C:\swsetup
2017-01-20 22:07 - 2017-01-06 18:22 - 00000000 ____D C:\Users\hp\Desktop\Lesson 2
2017-01-18 20:51 - 2017-01-12 20:33 - 00633940 _____ C:\Users\hp\Desktop\Curriculum Vitae - Makarsky_sk.pdf
2017-01-18 17:06 - 2016-11-17 10:44 - 00356176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-17 21:06 - 2016-12-26 23:11 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-01-17 21:05 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-17 21:03 - 2016-07-16 12:47 - 00000167 _____ C:\WINDOWS\win.ini
2017-01-14 17:52 - 2016-11-17 10:51 - 00000000 ____D C:\Users\hp\AppData\Local\Packages
2017-01-14 13:27 - 2016-12-28 20:56 - 00000436 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-01-14 10:02 - 2016-12-26 22:37 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2017-01-13 20:20 - 2016-12-26 23:25 - 00000000 ____D C:\Users\hp\AppData\Local\Downloaded Installations
2017-01-13 20:04 - 2016-12-26 22:37 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-01-13 19:34 - 2016-12-26 22:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2017-01-13 19:34 - 2016-11-17 10:58 - 00000000 ____D C:\Program Files (x86)\HP
2017-01-13 17:35 - 2016-12-26 21:42 - 00003264 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-13 17:35 - 2016-11-17 10:52 - 00002362 _____ C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-13 17:35 - 2016-11-17 10:52 - 00000000 ___RD C:\Users\hp\OneDrive
2017-01-13 16:28 - 2016-12-26 22:37 - 00000000 ____D C:\Users\hp\AppData\Roaming\hpqLog
2017-01-13 16:11 - 2016-11-17 10:51 - 00000000 __RHD C:\Users\Public\AccountPictures

==================== Files in the root of some directories =======


Some files in TEMP:
====================
2017-01-19 19:02 - 2017-01-19 19:02 - 14773216 _____ (Microsoft Corporation) C:\Users\hp\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForhp.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\hp\Desktop" je 7813 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Attachments
Addition.zip
(7.82 KiB) Downloaded 70 times

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: browser automatically opens a page - vararray.online

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.


Re: browser automatically opens a page - vararray.online

#3 Post by marsell2607 »

# AdwCleaner v6.043 - Logfile created 12/02/2017 at 22:33:47
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-12.1 [Local]
# Operating System : Windows 10 Home (X64)
# Username : hp - HP-PC
# Running from : C:\Users\hp\Desktop\adwcleaner_6.043 (1).exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1891 Bytes] - [27/12/2016 16:41:33]
C:\AdwCleaner\AdwCleaner[C2].txt - [833 Bytes] - [12/02/2017 22:33:47]
C:\AdwCleaner\AdwCleaner[S0].txt - [1898 Bytes] - [27/12/2016 16:41:09]
C:\AdwCleaner\AdwCleaner[S1].txt - [1312 Bytes] - [08/02/2017 12:55:42]
C:\AdwCleaner\AdwCleaner[S2].txt - [1388 Bytes] - [12/02/2017 21:46:24]
C:\AdwCleaner\AdwCleaner[S3].txt - [1461 Bytes] - [12/02/2017 22:33:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1202 Bytes] ##########


Re: browser automatically opens a page - vararray.online

#4 Post by Rudy »

This is OK. Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [] => [X]
GroupPolicy: Restriction <======= ATTENTION
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\Tasks\AutoKMS.job
C:\WINDOWS\AutoKMS.exe
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\AutoKMS.ini
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\Users\hp\AppData\Local\Temp
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\hp\Desktop" je 7813 MB.
That is too much and may slow down system startup. Create a new folder in C:\Users\hp and move all data from the desktop into it (except shortcuts). Then put a shortcut to that folder on the desktop for easier access.

Re: browser automatically opens a page - vararray.online

#5 Post by marsell2607 »

Good day,
the desktop is now 32 MB.

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-02-2017
Ran by hp (13-02-2017 21:26:43) Run:1
Running from C:\Users\hp\Desktop
Loaded Profiles: hp (Available Profiles: hp & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
GroupPolicy: Restriction <======= ATTENTION
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\Tasks\AutoKMS.job
C:\WINDOWS\AutoKMS.exe
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\AutoKMS.ini
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\Users\hp\AppData\Local\Temp
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key removed successfully
HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key removed successfully
HKCR\Wow6432Node\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.
C:\WINDOWS\LastGood.Tmp => moved successfully
C:\WINDOWS\Tasks\AutoKMS.job => moved successfully
C:\WINDOWS\AutoKMS.exe => moved successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
C:\WINDOWS\AutoKMS.ini => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat => moved successfully

"C:\Users\hp\AppData\Local\Temp" folder move:

Could not move "C:\Users\hp\AppData\Local\Temp" => Scheduled to move on reboot.

C:\WINDOWS\Tasks\AutoKMS.job => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 3328355 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 41480378 B
Java, Flash, Steam htmlcache => 714 B
Windows/system/drivers => 50313215 B
Edge => 2095350 B
Chrome => 459464438 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 40828 B
NetworkService => 2630 B
hp => 1128986191 B
Administrator => 60103784 B

RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-02-2017 21:28:15)

C:\Users\hp\AppData\Local\Temp => moved successfully

==== End of Fixlog 21:28:15 ====


Re: browser automatically opens a page - vararray.online

#6 Post by Rudy »

Deleted. Has anything changed?

Re: browser automatically opens a page - vararray.online

#7 Post by marsell2607 »

Good day,
I have just turned on the PC; startup is somewhat faster, but again when starting Chrome it popped up varray.online and some video about how to make money fast; under varray.online, AliExpress in Russian sometimes opens as well. I looked at the browser add-ons, but found nothing interesting.


Re: browser automatically opens a page - vararray.online

#8 Post by Rudy »

OK. Please also run these scans:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to the desktop

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (in Czech Windows: Spustit jako správce)
Paste the script below into the window

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Then click Run Script
The PC will perform the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Save it, preferably to the desktop
•After launch, the license terms are displayed; press any key
•A backup will be created, followed by a scan
•The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here.

Re: browser automatically opens a page - vararray.online

#9 Post by marsell2607 »

Log from Zoek:

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by hp on ut 14.02.2017 at 22:44:15,85.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\hp\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

14.2.2017 22:45:36 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\InstallShield deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Administrator\AppData\Local\AllAccess_AppStart deleted successfully
C:\Users\hp\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\SamsungPrinterLiveUpdateInstaller deleted
C:\PROGRA~2\HP Port Replicator Software Installer deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\GroupPolicy\User deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [29.12.2016 15:27]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [29.12.2016 15:27]

==== Chromium Look ======================

Photo Zoom for Facebook - hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi
Project Viewer 365-Free - hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmpghmkgkalhonankenfklpmdgnilapp
Checker Plus for Gmail™ - hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj
Chrome Media Router - hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Chrome Remote Desktop - hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pphgllhclmbkkpegmmgfkghmajkamhdb

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\hp\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\hp\AppData\Local\Microsoft\Windows\INetCache\IE\AC5R7UT1 will be deleted at reboot
C:\Users\hp\AppData\Local\Microsoft\Windows\INetCache\IE\IPI1Q3E8 will be deleted at reboot
C:\Users\hp\AppData\Local\Microsoft\Windows\INetCache\IE\SK3DLXE4 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=36 folders=32 61092922 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\hp\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
"C:\Users\hp\AppData\Local\Microsoft\Windows\INetCache\IE\AC5R7UT1" not found
"C:\Users\hp\AppData\Local\Microsoft\Windows\INetCache\IE\IPI1Q3E8" not found
"C:\Users\hp\AppData\Local\Microsoft\Windows\INetCache\IE\SK3DLXE4" not found

==== EOF on ut 14.02.2017 at 23:40:56,18 ======================



JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64
Ran by hp (Administrator) on ut 14.02.2017 at 23:46:09,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ut 14.02.2017 at 23:48:57,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: browser automatically opens a page - vararray.online

#10 Post by Rudy »

Has anything changed now?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

marsell2607
Visitor
Posts: 26
Joined: 21 Jan 2014 01:35

Re: browser automatically opens a page - vararray.online

#11 Post by marsell2607 »

Hello,
it seems to be fine; I also reinstalled Chrome. If I don't get back to you by tomorrow evening, I'll consider the problem solved. Thank you for your help, hats off :).

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: browser automatically opens a page - vararray.online

#12 Post by Rudy »

You're welcome! :)