Slowdown, virus. FRST log

kroenen2
Visitor
Posts: 270
Registered: 30 Jun 2008 11:52

#1 Post by kroenen2 »

Hello, there is definitely some malware here; after inserting an empty USB drive, some strange files (*.*exe) are created on it, and another system immediately puts them into quarantine as soon as the drive is loaded.

--- CLEANED WITH ADW CLEANER ---

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019 02
Ran by riaditel (administrator) on MPCMPC-5VORJJFJ (Hewlett-Packard HP ProBook 4330s) (14-10-2019 20:11:57)
Running from C:\Users\riaditel\Desktop
Loaded Profiles: riaditel (Available Profiles: riaditel & učitel)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe
() [File not signed] C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(eIT Co., Ltd. and Xiroku Inc.) [File not signed] C:\Program Files (x86)\Hitachi Software Engineering\FX-DuoDriver\LSDRVA.exe
(Google Inc -> Google Inc.) C:\Users\riaditel\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Users\riaditel\AppData\Local\Google\Update\GoogleUpdate.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Macrovision Europe Ltd.) [File not signed] C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) [File not signed] C:\Users\riaditel\AppData\Roaming\Macromedia\dllhost32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Systweak Software -> Systweak Software) C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [MicrosoftSearchIndexer] => "wscript.exe //E:vbscript C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [2766360 2019-10-09] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [Google Update] => C:\Users\riaditel\AppData\Local\Google\Update\1.3.35.302\GoogleUpdateCore.exe [1107752 2019-10-03] (Google Inc -> Google LLC)
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [MicrosoftSearchIndexer] => "wscript.exe //E:vbscript C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer"
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [Google Update 12.3] => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\RunOnce: [Application Restart #2] => C:\Users\riaditel\AppData\Local\Google\Chrome\Application\chrome.exe [1531376 2019-09-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2011-08-24] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> C:\Windows\system32\DPLic.dll [2011-08-24] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\StarBoard Light Sensor Driver.lnk [2012-05-21]
ShortcutTarget: StarBoard Light Sensor Driver.lnk -> C:\Program Files (x86)\Hitachi Software Engineering\FX-DuoDriver\LSDRVA.exe (eIT Co., Ltd. and Xiroku Inc.) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2AA41659-FCD4-4CF5-8CE6-92693B8ACB7A} - System32\Tasks\ASO-OneClickCare => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [3608464 2017-06-23] (Systweak Software -> Systweak Software)
Task: {33FA770B-F1E8-4236-8266-688D05355009} - System32\Tasks\MicrosoftSearchIndexer => wscript.exe //E:vbscript C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer
Task: {5465F91F-394F-4685-8944-571C128D6E6C} - System32\Tasks\ASO-AutoCheckUpdate7Days => C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe [3253648 2017-06-23] (Systweak Software -> Systweak Software)
Task: {55049452-B899-4ECE-AE4B-7D61F1B1C826} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA => C:\Users\riaditel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc -> Google Inc.)
Task: {5FE45A5D-6918-4EDC-ADA2-EA06F164023B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-12] (Adobe Inc. -> Adobe)
Task: {75E83BAC-E076-4FA0-A7EE-D2773C086314} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core => C:\Users\riaditel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc -> Google Inc.)
Task: {8E5C605B-F42D-4318-85B0-C0A2A6BB9806} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-12] (Adobe Inc. -> Adobe)
Task: {946EDBDD-0323-407B-A572-2791D4629232} - System32\Tasks\ASOService => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [3608464 2017-06-23] (Systweak Software -> Systweak Software)
Task: {9CBAFF7A-29AB-4649-9944-B595EC52C9E9} - System32\Tasks\{34903FBF-0F00-460B-942B-F666EF91E286} => C:\Windows\system32\pcalua.exe -a "E:\01 Personal images\projekt 12k\drivers\Intel PROSet Extensions for Microsoft Windows 7 sp51589.exe" -d "E:\01 Personal images\projekt 12k\drivers"
Task: {AEDBEB2C-D98A-457A-A138-9FD8C9D30C6F} - System32\Tasks\Google Update 12.3 => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
Task: {AEEEB0E7-08B8-4BFF-9984-4657F2A91A7B} - System32\Tasks\Opera scheduled assistant Autoupdate 1550340504 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-10-04] (Opera Software AS -> Opera Software)
Task: {B284DD63-F455-4CDC-B94E-1DECCA480AF4} - System32\Tasks\Advanced System Optimizer => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [3608464 2017-06-23] (Systweak Software -> Systweak Software) <==== ATTENTION
Task: {CC463D46-396E-438F-B39E-B489168BA456} - System32\Tasks\{F51E4ADE-DD88-4196-9957-C3692E8D89BC} => C:\Windows\system32\pcalua.exe -a "C:\Users\riaditel\Downloads\implugin (3).exe" -d C:\Users\riaditel\Downloads
Task: {E679D6EE-E35B-45B9-921D-8E0155B5C3C5} - System32\Tasks\Opera scheduled Autoupdate 1447931581 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-10-04] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job => C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe
Task: C:\Windows\Tasks\ASO-OneClickCare.job => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe
Task: C:\Windows\Tasks\ASOService.job => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe-checklastscanstatus C:\Program Files (x86)\Advanced System Optimizer 3\aso3.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B2091D3B-B826-49A0-8592-02823FE08B01}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-550839865-1085242704-628959683-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-550839865-1085242704-628959683-1004 -> {FEEB4A72-51B4-4CA9-8444-84423FF6E484} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Pomocník pri prihlasovaní v konte Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\riaditel\AppData\Roaming\Mozilla\Firefox\Profiles\ofdca1dk.default-1481887113342 [2019-10-13]
FF Extension: (Seznam lištička) - C:\Users\riaditel\AppData\Roaming\Mozilla\Firefox\Profiles\ofdca1dk.default-1481887113342\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-05-11] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-10-12] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-12] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-12] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN) [File not signed]
FF Plugin HKU\S-1-5-21-550839865-1085242704-628959683-1004: @tools.google.com/Google Update;version=3 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-03] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-550839865-1085242704-628959683-1004: @tools.google.com/Google Update;version=9 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-03] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default [2019-10-13]
CHR Extension: (YouTube) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (Google Search) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-13]
CHR Profile: C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-08-30]
CHR Profile: C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-30]
StartMenuInternet: Google Chrome - C:\Users\riaditel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [264080 2017-06-23] (Systweak Software -> Systweak Software)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros Communications Inc. -> Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-08-24] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S3 FLCDLOCK; C:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2011-12-16] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2011-12-16] (Macrovision Europe Ltd.) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [1698360 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [301568 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 PdiService; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [51872 2011-01-06] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 BTMCOM; C:\Windows\System32\Drivers\btmcom.sys [52736 2010-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Motorola, Inc.)
S3 BTMHID; C:\Windows\system32\drivers\btmhid.sys [34176 2010-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Motorola, Inc.)
S3 BTMUSB; C:\Windows\System32\Drivers\btmusb.sys [486144 2011-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2011-08-22] (Hewlett-Packard Company -> Hewlett-Packard Company)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 LSDRVA; C:\Windows\System32\Drivers\lsdrva.sys [46360 2009-12-08] (eIT Co., Ltd. -> eIT Co., Ltd. and Xiroku Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180264 2016-02-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [91648 2011-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [208896 2011-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 RTLE8023x64; C:\Windows\System32\DRIVERS\Rtenic64.sys [328808 2010-10-28] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3709656 2015-01-06] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [2596448 2015-10-26] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R3 StarBoardMT; C:\Windows\System32\DRIVERS\StarBoardMT.sys [27816 2010-06-29] (Hitachi Software Engineering Co., Ltd. -> Hitachi Software Engineering Co., Ltd.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [528384 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-14 20:11 - 2019-10-14 20:15 - 000022372 _____ C:\Users\riaditel\Desktop\FRST.txt
2019-10-13 16:06 - 2019-10-13 19:16 - 000001664 _____ C:\Windows\system32\ASOROSet.bin
2019-10-13 16:05 - 2019-10-13 16:05 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2019-10-13 16:05 - 2015-10-26 11:32 - 002596448 _____ (Sonix Tech. Co., Ltd.) C:\Windows\system32\Drivers\snp2uvc.sys
2019-10-13 16:05 - 2015-10-26 11:32 - 000411240 _____ (Sonix Technology Co., Ltd.) C:\Windows\SysWOW64\rsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000409696 _____ (Sonix Technology Co., Ltd.) C:\Windows\system32\rsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000387688 _____ (Sonix Technology Co., Ltd.) C:\Windows\system32\vsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000319072 _____ (Sonix Technology Co., Ltd.) C:\Windows\SysWOW64\vsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000255072 _____ (Sonix Technology Co., Ltd.) C:\Windows\system32\SETC945.tmp
2019-10-13 16:05 - 2015-10-26 11:32 - 000035432 _____ () C:\Windows\snuvcdsm.exe
2019-10-13 15:58 - 2014-09-29 11:16 - 000454416 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2019-10-13 10:27 - 2019-10-13 19:12 - 000000000 ____D C:\ProgramData\Intel
2019-10-13 10:27 - 2012-05-15 07:13 - 000144896 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2019-10-13 10:27 - 2012-05-15 07:13 - 000020992 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-10-13 10:27 - 2012-05-15 06:20 - 000104448 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2019-10-13 10:27 - 2012-05-15 06:20 - 000017920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-10-13 10:24 - 2015-06-04 22:21 - 005906536 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000513640 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000444008 _____ (Intel Corporation) C:\Windows\system32\SETE03F.tmp
2019-10-13 10:24 - 2015-06-04 22:21 - 000401512 _____ (Intel Corporation) C:\Windows\system32\SETDA72.tmp
2019-10-13 10:24 - 2015-06-04 22:21 - 000280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000256616 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000187496 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000173672 _____ (Intel Corporation) C:\Windows\system32\SETDA23.tmp
2019-10-13 10:24 - 2015-06-04 22:20 - 000116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4229.dll
2019-10-13 10:24 - 2015-05-26 21:02 - 005375448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2019-10-13 10:24 - 2015-05-26 21:00 - 012694808 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 011245520 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 011117808 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 001049576 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000940360 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000530968 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000525800 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000031984 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000017082 _____ C:\Windows\system32\iglhxs64.vp
2019-10-13 10:24 - 2015-05-26 20:53 - 000101376 _____ C:\Windows\system32\igdde64.dll
2019-10-13 10:24 - 2015-05-26 20:53 - 000081408 _____ C:\Windows\SysWOW64\igdde32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 010811392 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\SETEB55.tmp
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000410112 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000132623 _____ C:\Windows\system32\Gfxres.en-US.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2019-10-13 10:24 - 2015-05-26 20:52 - 000126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000000268 _____ C:\Windows\system32\GfxUI.exe.config
2019-10-13 10:24 - 2015-05-26 20:51 - 013028864 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 003511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 003121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 000963452 _____ C:\Windows\SysWOW64\igcodeckrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000963452 _____ C:\Windows\system32\igcodeckrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 000542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 000272928 _____ C:\Windows\SysWOW64\igvpkrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000272928 _____ C:\Windows\system32\igvpkrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000059425 _____ C:\Windows\system32\iglhxo64.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000059398 _____ C:\Windows\system32\iglhxg64.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000059230 _____ C:\Windows\system32\iglhxc64.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000059104 _____ C:\Windows\system32\iglhxc64_dev.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000058796 _____ C:\Windows\system32\iglhxg64_dev.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000058109 _____ C:\Windows\system32\iglhxo64_dev.vp
2019-10-13 10:24 - 2012-10-02 09:34 - 000016896 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2019-10-13 10:23 - 2019-10-13 16:06 - 000000000 ____D C:\temp
2019-10-13 09:40 - 2019-10-13 09:40 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\Systweak
2019-10-13 09:39 - 2019-10-13 19:18 - 000000466 _____ C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job
2019-10-13 09:39 - 2019-10-13 19:18 - 000000436 _____ C:\Windows\Tasks\ASO-OneClickCare.job
2019-10-13 09:39 - 2019-10-13 09:39 - 000003342 _____ C:\Windows\system32\Tasks\ASO-AutoCheckUpdate7Days
2019-10-13 09:39 - 2019-10-13 09:39 - 000003312 _____ C:\Windows\system32\Tasks\ASO-OneClickCare
2019-10-13 09:38 - 2019-10-14 20:09 - 000003158 _____ C:\Windows\system32\Tasks\Advanced System Optimizer
2019-10-13 09:38 - 2019-10-13 15:58 - 000000464 _____ C:\Windows\Tasks\ASOService.job
2019-10-13 09:38 - 2019-10-13 09:41 - 000000000 ____D C:\Program Files (x86)\Advanced System Optimizer 3
2019-10-13 09:38 - 2019-10-13 09:38 - 000002990 _____ C:\Windows\system32\Tasks\ASOService
2019-10-13 09:38 - 2019-10-13 09:38 - 000001500 _____ C:\Users\Public\Desktop\Smart PC Care.lnk
2019-10-13 09:38 - 2019-10-13 09:38 - 000001500 _____ C:\ProgramData\Desktop\Smart PC Care.lnk
2019-10-13 09:38 - 2019-10-13 09:38 - 000001468 _____ C:\Users\Public\Desktop\Advanced System Optimizer.lnk
2019-10-13 09:38 - 2019-10-13 09:38 - 000001468 _____ C:\ProgramData\Desktop\Advanced System Optimizer.lnk
2019-10-13 09:38 - 2019-10-13 09:38 - 000000000 ____D C:\ProgramData\Systweak
2019-10-13 09:38 - 2019-10-13 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3
2019-10-13 09:38 - 2017-06-23 15:43 - 000019344 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2019-10-13 09:38 - 2015-03-17 11:02 - 000016896 _____ C:\Windows\system32\sasnative64.exe
2019-10-13 09:10 - 2019-10-13 09:10 - 000000000 ____D C:\Windows\system32\appmgmt
2019-10-12 22:19 - 2019-10-13 09:06 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\CrystalIdea Software
2019-10-12 22:19 - 2019-10-13 09:06 - 000000000 ____D C:\Program Files\Uninstall Tool
2019-10-12 22:18 - 2019-10-12 22:18 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\WinRAR
2019-10-12 22:18 - 2016-10-15 23:59 - 004003240 _____ (CrystalIdea Software ) C:\Users\riaditel\Desktop\uninstalltool_setup.exe
2019-10-12 22:15 - 2019-10-12 22:15 - 000000690 _____ C:\Users\riaditel\Desktop\SCHOOOL.lnk
2019-10-12 22:15 - 2019-10-12 22:15 - 000000681 _____ C:\Users\riaditel\Desktop\SCHOOL.lnk
2019-10-12 22:13 - 2019-10-12 22:13 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-12 22:13 - 2019-10-12 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-12 22:12 - 2019-10-12 22:13 - 000000000 ____D C:\Program Files\WinRAR
2019-10-12 22:09 - 2019-10-14 20:14 - 000000000 ____D C:\FRST
2019-10-12 21:02 - 2019-10-12 22:09 - 001616384 _____ (Farbar) C:\Users\riaditel\Desktop\FRST64.exe
2019-10-03 20:44 - 2019-10-12 21:05 - 000004064 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1550340504
2019-10-03 20:44 - 2019-10-03 20:44 - 001663040 _____ (Malwarebytes) C:\Users\riaditel\Desktop\JRT.exe
2019-10-03 20:40 - 2019-10-03 20:53 - 000000798 _____ C:\runcheck.txt
2019-10-03 20:39 - 2019-10-03 20:39 - 000000000 ____D C:\zoek_backup
2019-10-03 20:37 - 2019-10-03 20:38 - 002038755 _____ C:\Users\riaditel\Desktop\zoek.exe
2019-10-03 20:13 - 2019-10-03 20:17 - 000000000 ____D C:\AdwCleaner
2019-10-03 20:12 - 2019-10-03 20:12 - 007636680 _____ (Malwarebytes) C:\Users\riaditel\Desktop\adwcleaner_7.4.1.exe
2019-10-03 19:53 - 2019-10-03 19:54 - 000000000 ____D C:\Program Files (x86)\GUMBE6E.tmp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-14 20:15 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-14 20:15 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-14 20:09 - 2012-06-15 22:40 - 000000000 ____D C:\Users\riaditel\AppData\Local\CrashDumps
2019-10-14 20:09 - 2011-10-12 16:28 - 000015456 _____ C:\Windows\system32\results.xml
2019-10-14 20:07 - 2012-05-18 10:22 - 000000000 ____D C:\Users\riaditel
2019-10-13 19:25 - 2009-07-14 07:13 - 000786174 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-13 19:25 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-10-13 19:18 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-13 19:16 - 2009-07-14 04:34 - 090963968 _____ C:\Windows\system32\config\SOFTWARE.bak
2019-10-13 19:16 - 2009-07-14 04:34 - 019660800 _____ C:\Windows\system32\config\SYSTEM.bak
2019-10-13 19:16 - 2009-07-14 04:34 - 000262144 _____ C:\Windows\system32\config\SECURITY.bak
2019-10-13 19:12 - 2011-10-12 17:52 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-10-13 19:12 - 2009-07-14 04:34 - 000262144 _____ C:\Windows\system32\config\SAM.bak
2019-10-13 16:06 - 2013-05-07 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ziacik v3.1
2019-10-13 16:00 - 2011-10-12 17:39 - 000000000 ____D C:\Program Files\Hewlett-Packard
2019-10-13 10:28 - 2011-10-12 16:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-10-13 10:27 - 2011-10-12 16:26 - 000000000 ____D C:\Program Files (x86)\Intel
2019-10-13 10:24 - 2011-10-12 16:26 - 000000000 ____D C:\Intel
2019-10-13 09:56 - 2011-10-13 02:13 - 000000000 ____D C:\Windows\Panther
2019-10-13 09:15 - 2012-06-18 01:17 - 000770484 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-10-13 09:13 - 2015-06-01 13:44 - 000000000 ____D C:\Windows\system32\MRT
2019-10-13 09:10 - 2011-10-13 06:35 - 000000000 ____D C:\ProgramData\Adobe
2019-10-13 09:08 - 2011-10-12 21:16 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-10-12 22:54 - 2011-10-12 20:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-12 21:14 - 2018-03-14 15:15 - 000004482 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-12 21:14 - 2012-06-14 23:31 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-10-12 21:14 - 2012-06-14 23:31 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-10-12 21:14 - 2011-10-12 20:30 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-10-12 21:14 - 2011-10-12 20:30 - 000000000 ____D C:\Windows\system32\Macromed
2019-10-12 21:08 - 2015-11-19 13:13 - 000003872 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1447931581
2019-10-12 21:08 - 2015-11-19 13:11 - 000000000 ____D C:\Program Files (x86)\Opera
2019-10-04 01:10 - 2012-05-18 21:29 - 000002392 _____ C:\Users\riaditel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-03 20:02 - 2012-05-18 21:27 - 000003552 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA
2019-10-03 20:02 - 2012-05-18 21:27 - 000003280 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core
2019-10-03 19:54 - 2015-06-01 09:15 - 000000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories ================

2012-05-23 07:22 - 2010-09-20 15:55 - 001550311 ____R () C:\Program Files (x86)\MANUAL.pdf
2012-05-23 07:22 - 2010-09-16 15:10 - 004629424 ____R (SILCOM Multimedia) C:\Program Files (x86)\Vš_vidiek.exe
2012-05-23 07:22 - 2010-09-03 10:14 - 002202336 ____R () C:\Program Files (x86)\Vš_vidiek.swf
2016-03-15 15:27 - 2016-03-15 15:27 - 000000427 _____ () C:\Program Files (x86)\Common Files\eInstruction.ini
2017-06-13 19:20 - 2017-03-19 14:39 - 000095604 ___SH () C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-09-04 07:57
==================== End of FRST.txt ============================
Attachments
Addition.zip
(10.33 KiB) Downloaded 73 times

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slowdown, virus. FRST log

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it at C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

kroenen2
Visitor
Posts: 270
Joined: 30 Jun 2008 11:52

Re: Slowdown, virus. FRST log

#3 Post by kroenen2 »

# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-14.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-14-2019
# Duration: 00:00:07
# OS: Windows 7 Professional
# Cleaned: 41
# Failed: 0


***** [ Services ] *****

Deleted ASO3DiskOptimizer

***** [ Folders ] *****

Deleted C:\Program Files (x86)\advanced system optimizer 3
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\advanced system optimizer 3
Deleted C:\ProgramData\Systweak
Deleted C:\Users\riaditel\AppData\Roaming\Systweak

***** [ Files ] *****

Deleted C:\Users\Public\Desktop\Advanced System Optimizer.lnk
Deleted C:\Users\Public\Desktop\Smart PC Care.lnk
Deleted C:\Users\riaditel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Advanced System Optimizer.lnk
Deleted C:\Windows\System32\roboot64.exe
Deleted C:\Windows\System32\sasnative64.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\ADVANCED SYSTEM OPTIMIZER
Deleted C:\Windows\System32\Tasks\ASO-AUTOCHECKUPDATE7DAYS
Deleted C:\Windows\System32\Tasks\ASO-ONECLICKCARE
Deleted C:\Windows\System32\Tasks\ASOSERVICE
Deleted C:\Windows\Tasks\ASO-AUTOCHECKUPDATE7DAYS.JOB
Deleted C:\Windows\Tasks\ASO-ONECLICKCARE.JOB
Deleted C:\Windows\Tasks\ASOSERVICE.JOB

***** [ Registry ] *****

Deleted HKCU\Software\systweak
Deleted HKLM\SOFTWARE\Classes\AppID\SecureShell.dll
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AA41659-FCD4-4CF5-8CE6-92693B8ACB7A}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5465F91F-394F-4685-8944-571C128D6E6C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{946EDBDD-0323-407B-A572-2791D4629232}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AA41659-FCD4-4CF5-8CE6-92693B8ACB7A}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5465F91F-394F-4685-8944-571C128D6E6C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{946EDBDD-0323-407B-A572-2791D4629232}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B284DD63-F455-4CDC-B94E-1DECCA480AF4}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASO-AutoCheckUpdate7Days
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASO-OneClickCare
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASOService
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System Optimizer
Deleted HKLM\Software\Classes\ASO3_JUMP_LIST
Deleted HKLM\Software\Classes\Interface\{C99650F6-688D-4BAB-86E4-BC045EF0FFBF}
Deleted HKLM\Software\Classes\TypeLib\{2A03A149-3CD3-429D-B4A4-28D9D2974874}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\SecureShell.dll
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{B0F3F4F9-CB76-9A52-9442-B481A5FF49D3}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{C99650F6-688D-4BAB-86E4-BC045EF0FFBF}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{2A03A149-3CD3-429D-B4A4-28D9D2974874}
Deleted HKLM\Software\Wow6432Node\systweak

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Softonic EN
Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [60691 octets] - [03/10/2019 20:13:19]
AdwCleaner[S00].txt - [2741 octets] - [03/10/2019 20:16:13]
AdwCleaner[C00].txt - [2687 octets] - [03/10/2019 20:18:19]
AdwCleaner[S01].txt - [1573 octets] - [12/10/2019 21:16:00]
AdwCleaner[C01].txt - [1723 octets] - [12/10/2019 21:16:19]
AdwCleaner[S02].txt - [5543 octets] - [14/10/2019 20:57:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slowdown, virus. FRST log

#4 Post by Rudy »

Yep, there were viruses there. Now post new FRST+Addition logs.

kroenen2
Visitor
Posts: 270
Joined: 30 Jun 2008 11:52

Re: Slowdown, virus. FRST log

#5 Post by kroenen2 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019 02
Ran by riaditel (administrator) on MPCMPC-5VORJJFJ (Hewlett-Packard HP ProBook 4330s) (14-10-2019 22:06:46)
Running from C:\Users\riaditel\Desktop
Loaded Profiles: riaditel (Available Profiles: riaditel & učitel)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe
() [File not signed] C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(eIT Co., Ltd. and Xiroku Inc.) [File not signed] C:\Program Files (x86)\Hitachi Software Engineering\FX-DuoDriver\LSDRVA.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Macrovision Europe Ltd.) [File not signed] C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) [File not signed] C:\Users\riaditel\AppData\Roaming\Macromedia\dllhost32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [MicrosoftSearchIndexer] => "wscript.exe //E:vbscript C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [2766360 2019-10-09] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [Google Update] => C:\Users\riaditel\AppData\Local\Google\Update\1.3.35.302\GoogleUpdateCore.exe [1107752 2019-10-03] (Google Inc -> Google LLC)
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [MicrosoftSearchIndexer] => "wscript.exe //E:vbscript C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer"
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [Google Update 12.3] => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\RunOnce: [Application Restart #2] => C:\Users\riaditel\AppData\Local\Google\Chrome\Application\chrome.exe [1531376 2019-09-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2011-08-24] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> C:\Windows\system32\DPLic.dll [2011-08-24] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\StarBoard Light Sensor Driver.lnk [2012-05-21]
ShortcutTarget: StarBoard Light Sensor Driver.lnk -> C:\Program Files (x86)\Hitachi Software Engineering\FX-DuoDriver\LSDRVA.exe (eIT Co., Ltd. and Xiroku Inc.) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {33FA770B-F1E8-4236-8266-688D05355009} - System32\Tasks\MicrosoftSearchIndexer => wscript.exe //E:vbscript C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer
Task: {55049452-B899-4ECE-AE4B-7D61F1B1C826} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA => C:\Users\riaditel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc -> Google Inc.)
Task: {5FE45A5D-6918-4EDC-ADA2-EA06F164023B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-12] (Adobe Inc. -> Adobe)
Task: {75E83BAC-E076-4FA0-A7EE-D2773C086314} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core => C:\Users\riaditel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc -> Google Inc.)
Task: {8E5C605B-F42D-4318-85B0-C0A2A6BB9806} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-12] (Adobe Inc. -> Adobe)
Task: {9CBAFF7A-29AB-4649-9944-B595EC52C9E9} - System32\Tasks\{34903FBF-0F00-460B-942B-F666EF91E286} => C:\Windows\system32\pcalua.exe -a "E:\01 Personal images\projekt 12k\drivers\Intel PROSet Extensions for Microsoft Windows 7 sp51589.exe" -d "E:\01 Personal images\projekt 12k\drivers"
Task: {AEDBEB2C-D98A-457A-A138-9FD8C9D30C6F} - System32\Tasks\Google Update 12.3 => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
Task: {AEEEB0E7-08B8-4BFF-9984-4657F2A91A7B} - System32\Tasks\Opera scheduled assistant Autoupdate 1550340504 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-10-04] (Opera Software AS -> Opera Software)
Task: {CC463D46-396E-438F-B39E-B489168BA456} - System32\Tasks\{F51E4ADE-DD88-4196-9957-C3692E8D89BC} => C:\Windows\system32\pcalua.exe -a "C:\Users\riaditel\Downloads\implugin (3).exe" -d C:\Users\riaditel\Downloads
Task: {E679D6EE-E35B-45B9-921D-8E0155B5C3C5} - System32\Tasks\Opera scheduled Autoupdate 1447931581 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-10-04] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B2091D3B-B826-49A0-8592-02823FE08B01}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-550839865-1085242704-628959683-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-550839865-1085242704-628959683-1004 -> {FEEB4A72-51B4-4CA9-8444-84423FF6E484} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Pomocník pri prihlasovaní v konte Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\riaditel\AppData\Roaming\Mozilla\Firefox\Profiles\ofdca1dk.default-1481887113342 [2019-10-13]
FF Extension: (Seznam lištička) - C:\Users\riaditel\AppData\Roaming\Mozilla\Firefox\Profiles\ofdca1dk.default-1481887113342\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-05-11] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-10-12] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-12] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-12] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN) [File not signed]
FF Plugin HKU\S-1-5-21-550839865-1085242704-628959683-1004: @tools.google.com/Google Update;version=3 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-03] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-550839865-1085242704-628959683-1004: @tools.google.com/Google Update;version=9 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-03] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default [2019-10-14]
CHR Extension: (YouTube) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (Google Search) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-13]
CHR Profile: C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-08-30]
CHR Profile: C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-30]
StartMenuInternet: Google Chrome - C:\Users\riaditel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros Communications Inc. -> Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-08-24] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S3 FLCDLOCK; C:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2011-12-16] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2011-12-16] (Macrovision Europe Ltd.) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [1698360 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [301568 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 PdiService; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [51872 2011-01-06] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 BTMCOM; C:\Windows\System32\Drivers\btmcom.sys [52736 2010-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Motorola, Inc.)
S3 BTMHID; C:\Windows\system32\drivers\btmhid.sys [34176 2010-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Motorola, Inc.)
S3 BTMUSB; C:\Windows\System32\Drivers\btmusb.sys [486144 2011-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2011-08-22] (Hewlett-Packard Company -> Hewlett-Packard Company)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 LSDRVA; C:\Windows\System32\Drivers\lsdrva.sys [46360 2009-12-08] (eIT Co., Ltd. -> eIT Co., Ltd. and Xiroku Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180264 2016-02-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [91648 2011-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [208896 2011-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 RTLE8023x64; C:\Windows\System32\DRIVERS\Rtenic64.sys [328808 2010-10-28] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3709656 2015-01-06] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [2596448 2015-10-26] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R3 StarBoardMT; C:\Windows\System32\DRIVERS\StarBoardMT.sys [27816 2010-06-29] (Hitachi Software Engineering Co., Ltd. -> Hitachi Software Engineering Co., Ltd.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [528384 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-14 20:32 - 2019-10-14 20:32 - 000010576 _____ C:\Users\riaditel\Desktop\Addition.zip
2019-10-14 20:11 - 2019-10-14 22:07 - 000020213 _____ C:\Users\riaditel\Desktop\FRST.txt
2019-10-13 16:06 - 2019-10-13 19:16 - 000001664 _____ C:\Windows\system32\ASOROSet.bin
2019-10-13 16:05 - 2019-10-13 16:05 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2019-10-13 16:05 - 2015-10-26 11:32 - 002596448 _____ (Sonix Tech. Co., Ltd.) C:\Windows\system32\Drivers\snp2uvc.sys
2019-10-13 16:05 - 2015-10-26 11:32 - 000411240 _____ (Sonix Technology Co., Ltd.) C:\Windows\SysWOW64\rsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000409696 _____ (Sonix Technology Co., Ltd.) C:\Windows\system32\rsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000387688 _____ (Sonix Technology Co., Ltd.) C:\Windows\system32\vsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000319072 _____ (Sonix Technology Co., Ltd.) C:\Windows\SysWOW64\vsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000255072 _____ (Sonix Technology Co., Ltd.) C:\Windows\system32\SETC945.tmp
2019-10-13 16:05 - 2015-10-26 11:32 - 000035432 _____ () C:\Windows\snuvcdsm.exe
2019-10-13 15:58 - 2014-09-29 11:16 - 000454416 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2019-10-13 10:27 - 2019-10-13 19:12 - 000000000 ____D C:\ProgramData\Intel
2019-10-13 10:27 - 2012-05-15 07:13 - 000144896 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2019-10-13 10:27 - 2012-05-15 07:13 - 000020992 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-10-13 10:27 - 2012-05-15 06:20 - 000104448 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2019-10-13 10:27 - 2012-05-15 06:20 - 000017920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-10-13 10:24 - 2015-06-04 22:21 - 005906536 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000513640 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000444008 _____ (Intel Corporation) C:\Windows\system32\SETE03F.tmp
2019-10-13 10:24 - 2015-06-04 22:21 - 000401512 _____ (Intel Corporation) C:\Windows\system32\SETDA72.tmp
2019-10-13 10:24 - 2015-06-04 22:21 - 000280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000256616 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000187496 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000173672 _____ (Intel Corporation) C:\Windows\system32\SETDA23.tmp
2019-10-13 10:24 - 2015-06-04 22:20 - 000116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4229.dll
2019-10-13 10:24 - 2015-05-26 21:02 - 005375448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2019-10-13 10:24 - 2015-05-26 21:00 - 012694808 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 011245520 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 011117808 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 001049576 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000940360 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000530968 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000525800 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000031984 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000017082 _____ C:\Windows\system32\iglhxs64.vp
2019-10-13 10:24 - 2015-05-26 20:53 - 000101376 _____ C:\Windows\system32\igdde64.dll
2019-10-13 10:24 - 2015-05-26 20:53 - 000081408 _____ C:\Windows\SysWOW64\igdde32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 010811392 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\SETEB55.tmp
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000410112 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000132623 _____ C:\Windows\system32\Gfxres.en-US.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2019-10-13 10:24 - 2015-05-26 20:52 - 000126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000000268 _____ C:\Windows\system32\GfxUI.exe.config
2019-10-13 10:24 - 2015-05-26 20:51 - 013028864 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 003511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 003121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 000963452 _____ C:\Windows\SysWOW64\igcodeckrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000963452 _____ C:\Windows\system32\igcodeckrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 000542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 000272928 _____ C:\Windows\SysWOW64\igvpkrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000272928 _____ C:\Windows\system32\igvpkrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000059425 _____ C:\Windows\system32\iglhxo64.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000059398 _____ C:\Windows\system32\iglhxg64.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000059230 _____ C:\Windows\system32\iglhxc64.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000059104 _____ C:\Windows\system32\iglhxc64_dev.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000058796 _____ C:\Windows\system32\iglhxg64_dev.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000058109 _____ C:\Windows\system32\iglhxo64_dev.vp
2019-10-13 10:24 - 2012-10-02 09:34 - 000016896 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2019-10-13 10:23 - 2019-10-13 16:06 - 000000000 ____D C:\temp
2019-10-13 09:10 - 2019-10-13 09:10 - 000000000 ____D C:\Windows\system32\appmgmt
2019-10-12 22:19 - 2019-10-13 09:06 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\CrystalIdea Software
2019-10-12 22:19 - 2019-10-13 09:06 - 000000000 ____D C:\Program Files\Uninstall Tool
2019-10-12 22:18 - 2019-10-12 22:18 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\WinRAR
2019-10-12 22:18 - 2016-10-15 23:59 - 004003240 _____ (CrystalIdea Software ) C:\Users\riaditel\Desktop\uninstalltool_setup.exe
2019-10-12 22:15 - 2019-10-12 22:15 - 000000690 _____ C:\Users\riaditel\Desktop\SCHOOOL.lnk
2019-10-12 22:15 - 2019-10-12 22:15 - 000000681 _____ C:\Users\riaditel\Desktop\SCHOOL.lnk
2019-10-12 22:13 - 2019-10-12 22:13 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-12 22:13 - 2019-10-12 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-12 22:12 - 2019-10-12 22:13 - 000000000 ____D C:\Program Files\WinRAR
2019-10-12 22:09 - 2019-10-14 22:07 - 000000000 ____D C:\FRST
2019-10-12 21:02 - 2019-10-12 22:09 - 001616384 _____ (Farbar) C:\Users\riaditel\Desktop\FRST64.exe
2019-10-03 20:44 - 2019-10-12 21:05 - 000004064 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1550340504
2019-10-03 20:44 - 2019-10-03 20:44 - 001663040 _____ (Malwarebytes) C:\Users\riaditel\Desktop\JRT.exe
2019-10-03 20:40 - 2019-10-03 20:53 - 000000798 _____ C:\runcheck.txt
2019-10-03 20:39 - 2019-10-03 20:39 - 000000000 ____D C:\zoek_backup
2019-10-03 20:37 - 2019-10-03 20:38 - 002038755 _____ C:\Users\riaditel\Desktop\zoek.exe
2019-10-03 20:13 - 2019-10-03 20:17 - 000000000 ____D C:\AdwCleaner
2019-10-03 20:12 - 2019-10-03 20:12 - 007636680 _____ (Malwarebytes) C:\Users\riaditel\Desktop\adwcleaner_7.4.1.exe
2019-10-03 19:53 - 2019-10-03 19:54 - 000000000 ____D C:\Program Files (x86)\GUMBE6E.tmp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-14 21:15 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-14 21:15 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-14 21:12 - 2009-07-14 07:13 - 000786174 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-14 21:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-10-14 21:10 - 2012-06-15 22:40 - 000000000 ____D C:\Users\riaditel\AppData\Local\CrashDumps
2019-10-14 21:07 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-14 20:09 - 2011-10-12 16:28 - 000015456 _____ C:\Windows\system32\results.xml
2019-10-14 20:07 - 2012-05-18 10:22 - 000000000 ____D C:\Users\riaditel
2019-10-13 19:16 - 2009-07-14 04:34 - 090963968 _____ C:\Windows\system32\config\SOFTWARE.bak
2019-10-13 19:16 - 2009-07-14 04:34 - 019660800 _____ C:\Windows\system32\config\SYSTEM.bak
2019-10-13 19:16 - 2009-07-14 04:34 - 000262144 _____ C:\Windows\system32\config\SECURITY.bak
2019-10-13 19:12 - 2011-10-12 17:52 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-10-13 19:12 - 2009-07-14 04:34 - 000262144 _____ C:\Windows\system32\config\SAM.bak
2019-10-13 16:06 - 2013-05-07 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ziacik v3.1
2019-10-13 16:00 - 2011-10-12 17:39 - 000000000 ____D C:\Program Files\Hewlett-Packard
2019-10-13 10:28 - 2011-10-12 16:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-10-13 10:27 - 2011-10-12 16:26 - 000000000 ____D C:\Program Files (x86)\Intel
2019-10-13 10:24 - 2011-10-12 16:26 - 000000000 ____D C:\Intel
2019-10-13 09:56 - 2011-10-13 02:13 - 000000000 ____D C:\Windows\Panther
2019-10-13 09:15 - 2012-06-18 01:17 - 000770484 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-10-13 09:13 - 2015-06-01 13:44 - 000000000 ____D C:\Windows\system32\MRT
2019-10-13 09:10 - 2011-10-13 06:35 - 000000000 ____D C:\ProgramData\Adobe
2019-10-13 09:08 - 2011-10-12 21:16 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-10-12 22:54 - 2011-10-12 20:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-12 21:14 - 2018-03-14 15:15 - 000004482 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-12 21:14 - 2012-06-14 23:31 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-10-12 21:14 - 2012-06-14 23:31 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-10-12 21:14 - 2011-10-12 20:30 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-10-12 21:14 - 2011-10-12 20:30 - 000000000 ____D C:\Windows\system32\Macromed
2019-10-12 21:08 - 2015-11-19 13:13 - 000003872 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1447931581
2019-10-12 21:08 - 2015-11-19 13:11 - 000000000 ____D C:\Program Files (x86)\Opera
2019-10-04 01:10 - 2012-05-18 21:29 - 000002392 _____ C:\Users\riaditel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-03 20:02 - 2012-05-18 21:27 - 000003552 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA
2019-10-03 20:02 - 2012-05-18 21:27 - 000003280 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core
2019-10-03 19:54 - 2015-06-01 09:15 - 000000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories ================

2012-05-23 07:22 - 2010-09-20 15:55 - 001550311 ____R () C:\Program Files (x86)\MANUAL.pdf
2012-05-23 07:22 - 2010-09-16 15:10 - 004629424 ____R (SILCOM Multimedia) C:\Program Files (x86)\Vš_vidiek.exe
2012-05-23 07:22 - 2010-09-03 10:14 - 002202336 ____R () C:\Program Files (x86)\Vš_vidiek.swf
2016-03-15 15:27 - 2016-03-15 15:27 - 000000427 _____ () C:\Program Files (x86)\Common Files\eInstruction.ini
2017-06-13 19:20 - 2017-03-19 14:39 - 000095604 ___SH () C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-10-14 21:45
==================== End of FRST.txt ============================
Attachments
Addition.zip
(10.39 KiB) Downloaded 74 times

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slowdown, virus. FRST log

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [Google Update 12.3] => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
Task: {9CBAFF7A-29AB-4649-9944-B595EC52C9E9} - System32\Tasks\{34903FBF-0F00-460B-942B-F666EF91E286} => C:\Windows\system32\pcalua.exe -a "E:\01 Personal images\projekt 12k\drivers\Intel PROSet Extensions for Microsoft Windows 7 sp51589.exe" -d "E:\01 Personal images\projekt 12k\drivers"
Task: {AEDBEB2C-D98A-457A-A138-9FD8C9D30C6F} - System32\Tasks\Google Update 12.3 => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
Task: {CC463D46-396E-438F-B39E-B489168BA456} - System32\Tasks\{F51E4ADE-DD88-4196-9957-C3692E8D89BC} => C:\Windows\system32\pcalua.exe -a "C:\Users\riaditel\Downloads\implugin (3).exe" -d C:\Users\riaditel\Downloads
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\SETE03F.tmp
C:\Windows\system32\SETDA72.tmp
C:\Windows\system32\SETDA23.tmp
C:\Program Files (x86)\GUMBE6E.tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\ChromeHTML: -> C:\Users\riaditel\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ContextMenuHandlers1: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> No File
ContextMenuHandlers2: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> No File
ContextMenuHandlers6: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> No File
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: Slowdown, virus. FRST log

#7 Post by kroenen2 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
Ran by riaditel (15-10-2019 15:53:43) Run:1
Running from C:\Users\riaditel\Desktop
Loaded Profiles: riaditel (Available Profiles: riaditel & učitel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [Google Update 12.3] => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
Task: {9CBAFF7A-29AB-4649-9944-B595EC52C9E9} - System32\Tasks\{34903FBF-0F00-460B-942B-F666EF91E286} => C:\Windows\system32\pcalua.exe -a "E:\01 Personal images\projekt 12k\drivers\Intel PROSet Extensions for Microsoft Windows 7 sp51589.exe" -d "E:\01 Personal images\projekt 12k\drivers"
Task: {AEDBEB2C-D98A-457A-A138-9FD8C9D30C6F} - System32\Tasks\Google Update 12.3 => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
Task: {CC463D46-396E-438F-B39E-B489168BA456} - System32\Tasks\{F51E4ADE-DD88-4196-9957-C3692E8D89BC} => C:\Windows\system32\pcalua.exe -a "C:\Users\riaditel\Downloads\implugin (3).exe" -d C:\Users\riaditel\Downloads
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\SETE03F.tmp
C:\Windows\system32\SETDA72.tmp
C:\Windows\system32\SETDA23.tmp
C:\Program Files (x86)\GUMBE6E.tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\ChromeHTML: -> C:\Users\riaditel\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ContextMenuHandlers1: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> No File
ContextMenuHandlers2: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> No File
ContextMenuHandlers6: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> No File
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-550839865-1085242704-628959683-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update 12.3" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CBAFF7A-29AB-4649-9944-B595EC52C9E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CBAFF7A-29AB-4649-9944-B595EC52C9E9}" => removed successfully
C:\Windows\System32\Tasks\{34903FBF-0F00-460B-942B-F666EF91E286} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{34903FBF-0F00-460B-942B-F666EF91E286}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEDBEB2C-D98A-457A-A138-9FD8C9D30C6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEDBEB2C-D98A-457A-A138-9FD8C9D30C6F}" => removed successfully
C:\Windows\System32\Tasks\Google Update 12.3 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google Update 12.3" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC463D46-396E-438F-B39E-B489168BA456}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC463D46-396E-438F-B39E-B489168BA456}" => removed successfully
C:\Windows\System32\Tasks\{F51E4ADE-DD88-4196-9957-C3692E8D89BC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F51E4ADE-DD88-4196-9957-C3692E8D89BC}" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Windows\system32\SETE03F.tmp => moved successfully
C:\Windows\system32\SETDA72.tmp => moved successfully
C:\Windows\system32\SETDA23.tmp => moved successfully
C:\Program Files (x86)\GUMBE6E.tmp => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core => moved successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\ChromeHTML => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SecureExt => removed successfully
HKLM\Software\Classes\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SecureExt => removed successfully
HKLM\Software\Classes\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SecureExt => removed successfully
HKLM\Software\Classes\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\SPPSVC-In-TCP" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\SPPSVC-In-TCP-NoScope" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 62068225 B
Java, Flash, Steam htmlcache => 171254 B
Windows/system/drivers => 1407729 B
Edge => 0 B
Chrome => 159372202 B
Firefox => 379069766 B
Opera => 13018560 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 73300 B
Public => 73300 B
ProgramData => 73300 B
systemprofile => 101872102 B
systemprofile32 => 101942390 B
LocalService => 101942390 B
NetworkService => 101961698 B
riaditel => 103125516 B
učitel => 103397660 B

RecycleBin => 8713807466 B
EmptyTemp: => 9.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:54:35 ====

Re: Slowdown, virus. FRST log

#8 Post by Rudy »

Deleted. Has there been any change?

Re: Slowdown, virus. FRST log

#9 Post by kroenen2 »

Thank you, it's fine now :)

Re: Slowdown, virus. FRST log

#10 Post by Rudy »

You're welcome! :)