hp envy m6(win10), stale zatazeny PC

[feruso222]

Zdravim,

s ntb mam taky problem ze sa tvari akoby stale pracoval (pri sipke sa stale kruti koliesko) znefunkcnuje klikanie a pod.


Dakujem

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2017
Ran by Martin (administrator) on MARTINKO (23-02-2017 11:40:51)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Firebird Project) C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(KROS a.s.) C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-27] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-11-20] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2786768 2016-11-29] (Malwarebytes)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-31] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\...\Run: [Vidalia] => C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe [5735369 2011-04-12] ()
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\...\Run: [BingSvc] => C:\Users\Martin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2016-10-20]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (KROS a.s.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2012-11-24]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk [2014-07-24]
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1
Tcpip\..\Interfaces\{c68fb389-cf1e-4a65-82c7-bea7d35914fb}: [DhcpNameServer] 192.168.137.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {1A91BF6E-8C70-4AE0-9FFE-A7CE35CF720D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2012-08-10] ( HP)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2017-02-23]
CHR Extension: (Prezentácie Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-18]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (SocialReviver) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald [2016-07-31]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-23]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-23]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Highlight Opened) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpifghoofjemmgpcablimgihhjakaplg [2016-12-27]
CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (NEWS PAPER FOR HD) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpbbagialgdhlenklelcdmckoenfmene [2015-10-04]
CHR Extension: (Bing) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-02-23]
CHR Extension: (Website Logon) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegekclkdhbnfdcmomlpegkkndgnmfmo [2013-11-05]
CHR Extension: (Tabuľky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-18]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-21]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-22]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-18]
CHR HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-07-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-08-10] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-21] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-27] (Synaptics Incorporated)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [35328 2013-10-30] (Validity Sensors, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2016-11-29] ()
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [20968 2012-07-24] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [19944 2012-07-24] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46016 2012-07-24] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-02-18] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-02-18] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-02-18] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2017-02-22] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-02-18] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
S3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2016-05-17] ()
S3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-23 11:40 - 2017-02-23 11:42 - 00020330 _____ C:\Users\Martin\Desktop\FRST.txt
2017-02-23 11:39 - 2017-02-23 11:40 - 00000000 ____D C:\FRST
2017-02-23 11:39 - 2017-02-23 11:39 - 02423296 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2017-02-23 11:39 - 2017-02-23 11:39 - 02423296 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2017-02-23 11:37 - 2017-02-23 11:37 - 00000000 ____D C:\WINDOWS\LastGood
2017-02-22 16:31 - 2017-02-22 16:53 - 00000000 ____D C:\AdwCleaner
2017-02-22 16:13 - 2017-02-22 16:13 - 00000000 ____D C:\Program Files\Adware-Removal-Tool
2017-02-18 21:10 - 2017-02-22 16:13 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
2017-02-18 21:10 - 2017-02-18 21:10 - 00752296 _____ C:\Users\Martin\Downloads\Adware Removal Tool by TSA.exe
2017-02-18 21:10 - 2017-02-18 21:10 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-02-18 20:27 - 2017-02-18 20:28 - 01663040 _____ (Malwarebytes) C:\Users\Martin\Downloads\JRT.exe
2017-02-18 18:24 - 2017-02-18 18:24 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-18 18:24 - 2017-02-18 18:24 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-18 18:24 - 2017-02-18 18:24 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-18 18:24 - 2017-02-18 18:24 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-18 18:23 - 2017-02-22 16:55 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-18 18:23 - 2017-02-18 18:23 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-18 18:23 - 2017-02-18 18:23 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Obsidium
2017-02-18 18:23 - 2017-02-18 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-18 18:23 - 2017-02-18 18:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-18 18:23 - 2017-02-18 18:23 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-18 18:23 - 2016-11-29 06:27 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-18 18:22 - 2017-02-18 18:22 - 00000000 ____D C:\Users\Martin\AppData\Roaming\WinRAR
2017-02-18 18:22 - 2016-12-09 18:32 - 00000000 ____D C:\Users\Martin\Desktop\Malwarebytes Premium 3.0.4.1269
2017-02-18 18:19 - 2017-02-18 18:19 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-18 18:19 - 2017-02-18 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-18 18:19 - 2017-02-18 18:19 - 00000000 ____D C:\Program Files (x86)\WinRAR
2017-02-18 18:18 - 2017-02-18 18:22 - 52411272 _____ C:\Users\Martin\Downloads\Malwarebytes Premium 3.0.4.1269.rar
2017-02-18 18:18 - 2017-02-18 18:18 - 02074328 _____ C:\Users\Martin\Downloads\wr540sk.exe
2017-02-18 18:11 - 2017-02-18 18:11 - 00002858 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-02-18 18:11 - 2017-02-18 18:11 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-18 18:10 - 2017-02-18 18:10 - 09261616 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup527.exe
2017-01-25 22:12 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 22:12 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-23 11:37 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-23 11:33 - 2016-11-20 18:10 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-23 11:33 - 2013-11-03 14:40 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\AuthenTec
2017-02-22 16:57 - 2014-02-25 13:26 - 00000000 ____D C:\ProgramData\firebird
2017-02-22 16:55 - 2014-12-21 19:10 - 00000000 __SHD C:\Users\Martin\IntelGraphicsProfiles
2017-02-22 16:54 - 2016-11-20 18:47 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-22 16:54 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-22 16:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-18 22:09 - 2016-08-07 15:08 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Vidalia
2017-02-18 22:00 - 2015-01-28 18:28 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Tor
2017-02-18 21:56 - 2016-11-20 18:20 - 00000000 ____D C:\Users\Martin
2017-02-18 21:55 - 2014-01-01 17:59 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2017-02-18 21:54 - 2016-11-22 08:40 - 00345480 _____ C:\WINDOWS\system32\perfh01B.dat
2017-02-18 21:54 - 2016-11-22 08:40 - 00103042 _____ C:\WINDOWS\system32\perfc01B.dat
2017-02-18 21:54 - 2016-05-26 18:24 - 01543158 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-18 18:34 - 2013-08-22 14:25 - 00000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts.old
2017-02-18 18:13 - 2016-11-20 18:08 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-18 18:12 - 2016-11-27 13:57 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-18 18:11 - 2016-08-07 14:59 - 00000000 ____D C:\Program Files\CCleaner
2017-02-18 17:41 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-10 21:43 - 2013-11-05 19:55 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-10 21:43 - 2013-11-05 19:55 - 00002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-28 19:06 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories =======

2015-10-04 11:39 - 2015-10-04 11:39 - 0000036 _____ () C:\Users\Martin\AppData\Local\housecall.guid.cache

Some files in TEMP:
====================
2015-08-14 13:29 - 2015-07-29 21:08 - 0681097 _____ (SQLite Development Team) C:\Users\Martin\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-01 13:46

==================== End of FRST.txt ============================

[Rudy]

Zdravím!
Ten obrázek nevypovídá nic o nadměrné zátěži. Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[feruso222]

# AdwCleaner v6.043 - *Logfile created 23/02/2017 *at 12:51:49
# *Updated on 27/01/2017 by Malwarebytes
# *Database : 2017-02-23.2 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : Martin - MARTINKO
# *Running from : C:\Users\Martin\Downloads\adwcleaner_6.043.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****



***** [ *Folders ] *****

[-] *Folder deleted: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ *Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] *Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ *Browsers ] *****

[-] [C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default] [extension] *Deleted: fcfenmboojpjinhpgggodefccipikbpd


*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1135 *Bytes] - [22/02/2017 16:43:27]
C:\AdwCleaner\AdwCleaner[C2].txt - [941 *Bytes] - [22/02/2017 16:53:43]
C:\AdwCleaner\AdwCleaner[C3].txt - [1362 *Bytes] - [23/02/2017 12:51:49]
C:\AdwCleaner\AdwCleaner[S1].txt - [1046 *Bytes] - [22/02/2017 16:31:13]
C:\AdwCleaner\AdwCleaner[S2].txt - [865 *Bytes] - [22/02/2017 16:51:25]
C:\AdwCleaner\AdwCleaner[S3].txt - [1789 *Bytes] - [23/02/2017 12:51:19]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1657 *Bytes] ##########

[Rudy]

Dejte nový log FRST.

[feruso222]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2017
Ran by Martin (administrator) on MARTINKO (23-02-2017 13:48:41)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Firebird Project) C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(KROS a.s.) C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-27] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-11-20] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2786768 2016-11-29] (Malwarebytes)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-31] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\...\Run: [Vidalia] => C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe [5735369 2011-04-12] ()
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\...\Run: [BingSvc] => C:\Users\Martin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2016-10-20]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (KROS a.s.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2012-11-24]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk [2014-07-24]
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1
Tcpip\..\Interfaces\{c68fb389-cf1e-4a65-82c7-bea7d35914fb}: [DhcpNameServer] 192.168.137.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {1A91BF6E-8C70-4AE0-9FFE-A7CE35CF720D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2012-08-10] ( HP)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=1
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2017-02-23]
CHR Extension: (Prezentácie Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-18]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (SocialReviver) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald [2016-07-31]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-23]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-23]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Highlight Opened) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpifghoofjemmgpcablimgihhjakaplg [2016-12-27]
CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (NEWS PAPER FOR HD) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpbbagialgdhlenklelcdmckoenfmene [2015-10-04]
CHR Extension: (Website Logon) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegekclkdhbnfdcmomlpegkkndgnmfmo [2013-11-05]
CHR Extension: (Tabuľky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-18]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-21]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-22]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-18]
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-07-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-08-10] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-21] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-27] (Synaptics Incorporated)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [35328 2013-10-30] (Validity Sensors, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2016-11-29] ()
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [20968 2012-07-24] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [19944 2012-07-24] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46016 2012-07-24] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-02-18] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-02-18] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-02-18] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2017-02-23] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-02-18] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
S3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2016-05-17] ()
S3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-23 13:48 - 2017-02-23 13:49 - 00019638 _____ C:\Users\Martin\Desktop\FRST.txt
2017-02-23 12:47 - 2017-02-23 12:47 - 04015056 _____ C:\Users\Martin\Downloads\adwcleaner_6.043.exe
2017-02-23 11:39 - 2017-02-23 13:48 - 00000000 ____D C:\FRST
2017-02-23 11:39 - 2017-02-23 11:39 - 02423296 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2017-02-23 11:39 - 2017-02-23 11:39 - 02423296 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2017-02-23 11:37 - 2017-02-23 11:37 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-02-22 16:31 - 2017-02-23 12:51 - 00000000 ____D C:\AdwCleaner
2017-02-22 16:13 - 2017-02-22 16:13 - 00000000 ____D C:\Program Files\Adware-Removal-Tool
2017-02-18 21:10 - 2017-02-22 16:13 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
2017-02-18 21:10 - 2017-02-18 21:10 - 00752296 _____ C:\Users\Martin\Downloads\Adware Removal Tool by TSA.exe
2017-02-18 21:10 - 2017-02-18 21:10 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-02-18 20:27 - 2017-02-18 20:28 - 01663040 _____ (Malwarebytes) C:\Users\Martin\Downloads\JRT.exe
2017-02-18 18:24 - 2017-02-18 18:24 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-18 18:24 - 2017-02-18 18:24 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-18 18:24 - 2017-02-18 18:24 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-18 18:24 - 2017-02-18 18:24 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-18 18:23 - 2017-02-23 12:53 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-18 18:23 - 2017-02-18 18:23 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-18 18:23 - 2017-02-18 18:23 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Obsidium
2017-02-18 18:23 - 2017-02-18 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-18 18:23 - 2017-02-18 18:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-18 18:23 - 2017-02-18 18:23 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-18 18:23 - 2016-11-29 06:27 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-18 18:22 - 2017-02-18 18:22 - 00000000 ____D C:\Users\Martin\AppData\Roaming\WinRAR
2017-02-18 18:22 - 2016-12-09 18:32 - 00000000 ____D C:\Users\Martin\Desktop\Malwarebytes Premium 3.0.4.1269
2017-02-18 18:19 - 2017-02-18 18:19 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-18 18:19 - 2017-02-18 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-18 18:19 - 2017-02-18 18:19 - 00000000 ____D C:\Program Files (x86)\WinRAR
2017-02-18 18:18 - 2017-02-18 18:22 - 52411272 _____ C:\Users\Martin\Downloads\Malwarebytes Premium 3.0.4.1269.rar
2017-02-18 18:18 - 2017-02-18 18:18 - 02074328 _____ C:\Users\Martin\Downloads\wr540sk.exe
2017-02-18 18:11 - 2017-02-18 18:11 - 00002858 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-02-18 18:11 - 2017-02-18 18:11 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-18 18:10 - 2017-02-18 18:10 - 09261616 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup527.exe
2017-01-25 22:12 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 22:12 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-23 13:47 - 2016-11-20 18:10 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-23 13:47 - 2013-11-03 14:40 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\AuthenTec
2017-02-23 13:07 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-23 13:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-23 13:00 - 2014-02-25 13:26 - 00000000 ____D C:\ProgramData\firebird
2017-02-23 12:53 - 2014-12-21 19:10 - 00000000 __SHD C:\Users\Martin\IntelGraphicsProfiles
2017-02-23 12:52 - 2016-11-20 18:47 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-23 12:52 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-23 11:50 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-18 22:09 - 2016-08-07 15:08 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Vidalia
2017-02-18 22:00 - 2015-01-28 18:28 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Tor
2017-02-18 21:56 - 2016-11-20 18:20 - 00000000 ____D C:\Users\Martin
2017-02-18 21:55 - 2014-01-01 17:59 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2017-02-18 21:54 - 2016-11-22 08:40 - 00345480 _____ C:\WINDOWS\system32\perfh01B.dat
2017-02-18 21:54 - 2016-11-22 08:40 - 00103042 _____ C:\WINDOWS\system32\perfc01B.dat
2017-02-18 21:54 - 2016-05-26 18:24 - 01543158 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-18 18:34 - 2013-08-22 14:25 - 00000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts.old
2017-02-18 18:13 - 2016-11-20 18:08 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-18 18:12 - 2016-11-27 13:57 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-18 18:11 - 2016-08-07 14:59 - 00000000 ____D C:\Program Files\CCleaner
2017-02-10 21:43 - 2013-11-05 19:55 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-10 21:43 - 2013-11-05 19:55 - 00002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-28 19:06 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories =======

2015-10-04 11:39 - 2015-10-04 11:39 - 0000036 _____ () C:\Users\Martin\AppData\Local\housecall.guid.cache

Some files in TEMP:
====================
2015-08-14 13:29 - 2015-07-29 21:08 - 0681097 _____ (SQLite Development Team) C:\Users\Martin\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-01 13:46

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [] => [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
U3 aspnet_state; no ImagePath
C:\WINDOWS\LastGood.Tmp
C:\Users\Martin\AppData\Local\Temp
Task: {112F9BAA-9FE2-49D2-A743-5D4467208AB0} - System32\Tasks\GoogleUpdateTaskMachineUA1d093133fbc5d3c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {2ADE9C91-B795-4E18-82A5-69BEAED561AB} - System32\Tasks\GoogleUpdateTaskMachineUA1cf9499a6823592 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {32800104-1B7D-42DF-843C-872922B6FAA8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {6B7B7A21-A1BA-4FE6-B093-05E0AA7EC564} - System32\Tasks\{00D64B3C-EB25-4416-AF0A-CEBA18E40AE1} => pcalua.exe -a C:\Users\Martin\Downloads\TurboFLOORPLANCZ.exe -d C:\Users\Martin\Downloads
Task: {756B2F2D-4D39-4FDA-8D02-080869AFF35E} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {82A69A2C-383E-4D62-AC18-E520348B11D5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8D4FD074-D3B0-48AB-938C-5A013CBB509B} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {A618EA38-A2C2-420C-A8E3-A0923C5FEBB5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A6D45B4E-04CC-4FCD-AAB5-F4446C6A17CF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B15793CF-6271-4FEF-B775-1230D0A92515} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B95168C1-B41D-4353-B3BC-0AA31C549FBC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {B9893A3B-58D9-4BA3-BFC9-D81852EB236F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {BF226F90-25B3-418E-A422-7EE8294BCD82} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C0EF13BF-DE48-4976-A958-1A473A450636} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C34E865D-A3A4-426D-B61E-71748BE606BE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D7DE8CA8-118A-46B4-BFDB-FB72D3A09BE0} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {E06A0CC4-EA11-4AA6-AA5B-8225E414F09C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {EE975E61-C9CC-498D-87FB-4B46C960B031} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[feruso222]

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-02-2017
Ran by Martin (23-02-2017 18:01:07) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
U3 aspnet_state; no ImagePath
C:\WINDOWS\LastGood.Tmp
C:\Users\Martin\AppData\Local\Temp
Task: {112F9BAA-9FE2-49D2-A743-5D4467208AB0} - System32\Tasks\GoogleUpdateTaskMachineUA1d093133fbc5d3c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {2ADE9C91-B795-4E18-82A5-69BEAED561AB} - System32\Tasks\GoogleUpdateTaskMachineUA1cf9499a6823592 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {32800104-1B7D-42DF-843C-872922B6FAA8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {6B7B7A21-A1BA-4FE6-B093-05E0AA7EC564} - System32\Tasks\{00D64B3C-EB25-4416-AF0A-CEBA18E40AE1} => pcalua.exe -a C:\Users\Martin\Downloads\TurboFLOORPLANCZ.exe -d C:\Users\Martin\Downloads
Task: {756B2F2D-4D39-4FDA-8D02-080869AFF35E} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {82A69A2C-383E-4D62-AC18-E520348B11D5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8D4FD074-D3B0-48AB-938C-5A013CBB509B} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {A618EA38-A2C2-420C-A8E3-A0923C5FEBB5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A6D45B4E-04CC-4FCD-AAB5-F4446C6A17CF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B15793CF-6271-4FEF-B775-1230D0A92515} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B95168C1-B41D-4353-B3BC-0AA31C549FBC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {B9893A3B-58D9-4BA3-BFC9-D81852EB236F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {BF226F90-25B3-418E-A422-7EE8294BCD82} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C0EF13BF-DE48-4976-A958-1A473A450636} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C34E865D-A3A4-426D-B61E-71748BE606BE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D7DE8CA8-118A-46B4-BFDB-FB72D3A09BE0} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {E06A0CC4-EA11-4AA6-AA5B-8225E414F09C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {EE975E61-C9CC-498D-87FB-4B46C960B031} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-2340716164-3588415685-2437253797-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\System\CurrentControlSet\Services\aspnet_state => key removed successfully
aspnet_state => service removed successfully
C:\WINDOWS\LastGood.Tmp => moved successfully

"C:\Users\Martin\AppData\Local\Temp" folder move:

Could not move "C:\Users\Martin\AppData\Local\Temp" => Scheduled to move on reboot.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{112F9BAA-9FE2-49D2-A743-5D4467208AB0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{112F9BAA-9FE2-49D2-A743-5D4467208AB0} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d093133fbc5d3c => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d093133fbc5d3c => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2ADE9C91-B795-4E18-82A5-69BEAED561AB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2ADE9C91-B795-4E18-82A5-69BEAED561AB} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf9499a6823592 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1cf9499a6823592 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32800104-1B7D-42DF-843C-872922B6FAA8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32800104-1B7D-42DF-843C-872922B6FAA8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B7B7A21-A1BA-4FE6-B093-05E0AA7EC564} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B7B7A21-A1BA-4FE6-B093-05E0AA7EC564} => key removed successfully
C:\WINDOWS\System32\Tasks\{00D64B3C-EB25-4416-AF0A-CEBA18E40AE1} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{00D64B3C-EB25-4416-AF0A-CEBA18E40AE1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{756B2F2D-4D39-4FDA-8D02-080869AFF35E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{756B2F2D-4D39-4FDA-8D02-080869AFF35E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82A69A2C-383E-4D62-AC18-E520348B11D5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82A69A2C-383E-4D62-AC18-E520348B11D5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D4FD074-D3B0-48AB-938C-5A013CBB509B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D4FD074-D3B0-48AB-938C-5A013CBB509B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A618EA38-A2C2-420C-A8E3-A0923C5FEBB5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A618EA38-A2C2-420C-A8E3-A0923C5FEBB5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6D45B4E-04CC-4FCD-AAB5-F4446C6A17CF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6D45B4E-04CC-4FCD-AAB5-F4446C6A17CF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B15793CF-6271-4FEF-B775-1230D0A92515} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B15793CF-6271-4FEF-B775-1230D0A92515} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B95168C1-B41D-4353-B3BC-0AA31C549FBC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B95168C1-B41D-4353-B3BC-0AA31C549FBC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B9893A3B-58D9-4BA3-BFC9-D81852EB236F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9893A3B-58D9-4BA3-BFC9-D81852EB236F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF226F90-25B3-418E-A422-7EE8294BCD82} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF226F90-25B3-418E-A422-7EE8294BCD82} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C0EF13BF-DE48-4976-A958-1A473A450636} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0EF13BF-DE48-4976-A958-1A473A450636} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C34E865D-A3A4-426D-B61E-71748BE606BE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C34E865D-A3A4-426D-B61E-71748BE606BE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7DE8CA8-118A-46B4-BFDB-FB72D3A09BE0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7DE8CA8-118A-46B4-BFDB-FB72D3A09BE0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E06A0CC4-EA11-4AA6-AA5B-8225E414F09C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E06A0CC4-EA11-4AA6-AA5B-8225E414F09C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE975E61-C9CC-498D-87FB-4B46C960B031} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE975E61-C9CC-498D-87FB-4B46C960B031} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28716530 B
Java, Flash, Steam htmlcache => 523 B
Windows/system/drivers => 37712 B
Edge => 194721029 B
Chrome => 406730014 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 8530200 B
Martin => 9870071 B

RecycleBin => 0 B
EmptyTemp: => 618.6 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 23-02-2017 18:03:17)

C:\Users\Martin\AppData\Local\Temp => moved successfully

==== End of Fixlog 18:03:19 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[feruso222]

ked mi zahlasilo ze skoncil fix (este pred restartom), nacitavanie pri myske prestalo-teda problem sa zdal byt vyrieseny.....po restarte to opat zacalo robit :/

[Rudy]

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

[feruso222]

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 23.02.17
Čas skenovania: 19:14
Súbor denníka: exp.txt
Správca: Áno

-Údaje o softvéri-
Verzia: 3.0.6.1469
Verzia súčastí: 1.0.50
Aktualizovať verziu balíka: 1.0.1064
Licencia: Zadarmo

-Systémové informácie-
OS: Windows 10
Procesor: x64
Systém súborov: NTFS
Používateľ: Martinko\Martin

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Výsledok: Dokončené
Preskenované objekty: 406895
Uplynulý čas: 7 min, 45 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Povolené
PUM: Povolené

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 0
(Nezistili sa nijaké škodlivé položky)

Súbor: 0
(Nezistili sa nijaké škodlivé položky)

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)


(end)

[Rudy]

Toto je OK, virový problém to není. Na zkoušku vypněte aut. aktualizace.

[feruso222]

windows update som cez msconfig vypol a nepomohlo :/

[Rudy]

Který proces zabírá nejvíce systémových prostředků?

[feruso222]