OK, I apologize, the log is here:
Fix result of Farbar Recovery Scan Tool (x64) Version: 15.11.2018
Ran by admin (17-11-2018 17:38:39) Run:13
Running from E:\Download\AntiVir
Loaded Profiles: l & admin & MSSQL$SQL12 (Available Profiles: l & admin & MSSQL$SQL12 & WebDriverInstaller & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
File: C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
File: C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMRE.EXE
File: c:\apcupsd\bin\apcupsd.exe
File: C:\Windows\SysWOW64\ASGT.exe
File: C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
File: C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
File: C:\Program Files (x86)\Cobian Backup 11\cbService.exe
File: C:\Program Files\Ferro Software\FtpUse\mounter.exe
File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File: C:\WINDOWS\system32\IProsetMonitor.exe
File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
File: C:\WINDOWS\system32\ampa.sys
File: C:\WINDOWS\SysWOW64\ampa.sys
File: C:\WINDOWS\system32\pla.dll
File: C:\Users\admin.TlapXX\AppData\Local\Vivaldi\Application\vivaldi.exe
ExportKey: HKEY_USERS\S-1-5-21-813562695-3325033892-3013063695-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vivaldi
ExportKey: HKEY_USERS\S-1-5-21-813562695-3325033892-3013063695-1006\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vivaldi
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony\Providers
HKLM-x32\...\Run: [UPS Assistant] => [X]
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp
HKU\S-1-5-21-813562695-3325033892-3013063695-1006\...\Run: [UPS Assistant] => [X]
IFEO\apctray.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Startup: C:\Users\l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-07-25]
ShellIconOverlayIdentifiers-x32-x32-x32-x32-x32: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => -> No File
Task: {0FB150CF-A560-4D09-BAD8-47BB890A3000} - System32\Tasks\AdwCleaner_onReboot => E:\Download\AntiVir\adwcleaner_7.2.4.0.exe [2018-09-27] (Malwarebytes)
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 14
Average :
Sum : 101488
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========================= File: C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe ========================
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
File is digitally signed
MD5: 26443C4332B966C44481D1DE8D1BCBB4
Creation and modification date: 2016-02-21 21:10 - 2013-01-28 15:58
Size: 000550272
Attributes: ----A
Company Name: ASUSTek Computer Inc.
Internal Name: AiChargerPlus
Original Name: AiChargerPlus.EXE
Product: AiChargerPlus Application
Description: AiChargerPlus Application
File Version: 2, 0, 0, 0
Product Version: 2, 0, 0, 0
Copyright: Copyright (C) 2011
VirusTotal:
https://www.virustotal.com/file/2407ee6 ... 536664600/
====== End of File: ======
========================= File: C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe ========================
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
File is digitally signed
MD5: 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F
Creation and modification date: 2018-10-22 10:47 - 2018-10-22 10:47
Size: 000030192
Attributes: ----A
Company Name: Google
Internal Name: Google Desktop
Original Name:
Product: Google Desktop
Description: Google Desktop
File Version: 5.9.1005.12335
Product Version: 5.9.1005.12335
Copyright: Copyright (c) 2003-10 Google. All Rights Reserved.
VirusTotal:
https://www.virustotal.com/file/6d2b301 ... 542080212/
====== End of File: ======
========================= File: C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMRE.EXE ========================
C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMRE.EXE
File is digitally signed
MD5: 5451E20D9EFBDC89991C1B86A6306894
Creation and modification date: 2017-02-11 15:45 - 2014-03-20 09:01
Size: 000298560
Attributes: ----A
Company Name: SEIKO EPSON CORPORATION
Internal Name: E_WT80IC
Original Name: E_WT80IC.EXE
Product: EPSON Status Monitor 3
Description: EPSON Status Monitor 3
File Version: 9.01
Product Version: 9.01
Copyright: Copyright (C) SEIKO EPSON CORP. 2014
VirusTotal:
https://www.virustotal.com/file/e41cd89 ... 541862986/
====== End of File: ======
========================= File: c:\apcupsd\bin\apcupsd.exe ========================
c:\apcupsd\bin\apcupsd.exe
File not signed
MD5: C98FE9099FA0741C84E5CACF7B0C0722
Creation and modification date: 2016-05-31 18:52 - 2016-05-31 18:52
Size: 000266752
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal:
https://www.virustotal.com/file/97d8588 ... 490635582/
====== End of File: ======
========================= File: C:\Windows\SysWOW64\ASGT.exe ========================
C:\Windows\SysWOW64\ASGT.exe
File not signed
MD5: 3A4DB6DDE6326FAE8ED11760678277FF
Creation and modification date: 2015-08-18 22:31 - 2015-08-18 22:31
Size: 000048640
Attributes: ---AC
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
========================= File: C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe ========================
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
File not signed
MD5: 37F7DD839A711B5706B1264F4D8D4BDC
Creation and modification date: 2015-12-30 13:27 - 2014-07-23 02:59
Size: 001360016
Attributes: ---RA
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
========================= File: C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe ========================
C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
File not signed
MD5: 58BF7714A312698108A96D0DE2BB6825
Creation and modification date: 2017-02-10 23:15 - 2013-03-07 23:07
Size: 000067584
Attributes: ----A
Company Name: CobianSoft, Luis Cobian
Internal Name: cbVSCService11.exe
Original Name: cbVSCService11.exe
Product: Cobian Backup Gravity
Description: Cobian Backup Gravity VSC Requester
File Version: 11.0.0.0
Product Version: 11.0.0.0
Copyright: Copyright © CobianSoft, Luis Cobian 2000-2011
VirusTotal: 0
====== End of File: ======
========================= File: C:\Program Files (x86)\Cobian Backup 11\cbService.exe ========================
C:\Program Files (x86)\Cobian Backup 11\cbService.exe
File not signed
MD5: 7EA8AC41A2E8426EC7079C44DBA1D254
Creation and modification date: 2017-02-10 23:15 - 2013-03-07 23:27
Size: 001131008
Attributes: ----A
Company Name: Luis Cobian, CobianSoft
Internal Name: Cobian Backup 11 Gravity
Original Name: cbService.exe
Product: Cobian Backup 11 Gravity
Description: Cobian Backup 11 Gravity - Service
File Version: 11.2.0.200
Product Version: 11.2.0.0
Copyright: © 2000-2012 Luis Cobian
VirusTotal: 0
====== End of File: ======
========================= File: C:\Program Files\Ferro Software\FtpUse\mounter.exe ========================
C:\Program Files\Ferro Software\FtpUse\mounter.exe
File not signed
MD5: 309148E6A081596EE9C1EA98DA4C9E5A
Creation and modification date: 2017-12-17 19:12 - 2011-02-04 17:01
Size: 000025088
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
========================= File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe ========================
C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File not signed
MD5: 9CEE2BBB060DC4B7062BE4461774A7A0
Creation and modification date: 2018-08-23 13:42 - 2018-08-23 13:42
Size: 000190784
Attributes: ----A
Company Name:
Internal Name: DCSHOST
Original Name: HuaweiHiSuiteService.EXE
Product: HuaweiHiSuiteService
Description: HuaweiHiSuiteService
File Version: 2, 0, 0, 42
Product Version: 2, 0, 0, 42
Copyright: Copyright (C) 2008
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\system32\IProsetMonitor.exe ========================
C:\WINDOWS\system32\IProsetMonitor.exe
File not signed
MD5: F46D397155BAAB70BFA9D2E0941D5374
Creation and modification date: 2017-11-10 16:05 - 2017-11-10 16:05
Size: 000506368
Attributes: ----A
Company Name: Intel Corporation
Internal Name: Intel® PROSet Monitoring Service
Original Name: IPROSetMonitor.exe
Product: Intel® PROSet Monitoring Service
Description: Intel® PROSet Monitoring Service
File Version: 22, 10, 3, 0
Product Version: 22, 10, 3, 0
Copyright: Copyright (C) 2015 Intel Corporation. All rights reserved.
VirusTotal: 0
====== End of File: ======
========================= File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe ========================
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
File not signed
MD5: 8213094EA736A9C575AB0E22AD09B0BA
Creation and modification date: 2015-05-19 09:11 - 2015-05-19 09:11
Size: 000335872
Attributes: ----A
Company Name: Intel Corporation
Internal Name: isa.exe
Original Name: isa.exe
Product: Intel(R) Security Assist
Description: Intel(R) Security Assist
File Version: 1.0.0.532
Product Version: 1.0.0.532
Copyright: Copyright © 2014
VirusTotal: 0
====== End of File: ======
========================= File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe ========================
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
File not signed
MD5: 1DFC3CCA51785254C5604238BB1A5467
Creation and modification date: 2015-05-19 09:11 - 2015-05-19 09:11
Size: 000007680
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\system32\ampa.sys ========================
C:\WINDOWS\system32\ampa.sys
File not signed
MD5: 091F08BCEE2AEDDC89070370552DFD34
Creation and modification date: 2016-02-28 20:21 - 2013-12-18 11:33
Size: 000017008
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\SysWOW64\ampa.sys ========================
C:\WINDOWS\SysWOW64\ampa.sys
File not signed
MD5: 091F08BCEE2AEDDC89070370552DFD34
Creation and modification date: 2016-02-28 20:21 - 2013-12-18 11:33
Size: 000017008
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\system32\pla.dll ========================
C:\WINDOWS\system32\pla.dll
File is digitally signed
MD5: 8ADDEE39782CBEB49B4C3A8E9AA2DF56
Creation and modification date: 2018-09-15 08:29 - 2018-09-15 08:29
Size: 001473024
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: PLA.DLL
Original Name: PLA.DLL
Product: Microsoft® Windows® Operating System
Description: Performance Logs & Alerts
File Version: 10.0.17763.1 (WinBuild.160101.0800)
Product Version: 10.0.17763.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: 0
====== End of File: ======
========================= File: C:\Users\admin.TlapXX\AppData\Local\Vivaldi\Application\vivaldi.exe ========================
C:\Users\admin.TlapXX\AppData\Local\Vivaldi\Application\vivaldi.exe
File is digitally signed
MD5: 2DFE9E750A4F8E0AAF52C6BC90F7B87D
Creation and modification date: 2017-07-15 18:47 - 2017-07-11 19:26
Size: 000921720
Attributes: ----A
Company Name: Vivaldi Technologies AS
Internal Name: chrome_exe
Original Name: vivaldi.exe
Product: Vivaldi
Description: Vivaldi
File Version: 1.10.867.48
Product Version: 1.10.867.48
Copyright: Copyright 2017 Vivaldi Technologies AS. All rights reserved.
VirusTotal: 0
====== End of File: ======
================== ExportKey: ===================
[HKEY_USERS\S-1-5-21-813562695-3325033892-3013063695-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vivaldi]
"DisplayName"="Vivaldi"
"UninstallString"=""C:\Users\l\AppData\Local\Vivaldi\Application\2.1.1337.47\Installer\setup.exe" --uninstall --vivaldi"
"InstallLocation"="C:\Users\l\AppData\Local\Vivaldi\Application"
"DisplayIcon"="C:\Users\l\AppData\Local\Vivaldi\Application\vivaldi.exe,0"
"NoModify"="1"
"NoRepair"="1"
"Publisher"="Vivaldi"
"Version"="2.1.1337.47"
"DisplayVersion"="2.1.1337.47"
"InstallDate"="20160409"
"VersionMajor"="1337"
"VersionMinor"="47"
=== End of ExportKey ===
================== ExportKey: ===================
[HKEY_USERS\S-1-5-21-813562695-3325033892-3013063695-1006\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vivaldi]
"DisplayName"="Vivaldi"
"UninstallString"=""C:\Users\admin.TlapXX\AppData\Local\Vivaldi\Application\1.10.867.48\Installer\setup.exe" --uninstall --vivaldi"
"InstallLocation"="C:\Users\admin.TlapXX\AppData\Local\Vivaldi\Application"
"DisplayIcon"="C:\Users\admin.TlapXX\AppData\Local\Vivaldi\Application\vivaldi.exe,0"
"NoModify"="1"
"NoRepair"="1"
"Publisher"="Vivaldi"
"Version"="1.10.867.48"
"DisplayVersion"="1.10.867.48"
"InstallDate"="20170715"
"VersionMajor"="867"
"VersionMinor"="48"
=== End of ExportKey ===
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony\Providers]
"NextProviderID"="5"
"NumProviders"="4"
"ProviderFileName0"="unimdm.tsp"
"ProviderFileName1"="kmddsp.tsp"
"ProviderID0"="1"
"ProviderID1"="2"
"ProviderID2"="3"
"ProviderID3"="4"
"ProviderFilename3"="hidphone.tsp"
=== End of ExportKey ===
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UPS Assistant" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\*EmptyTemp" => removed successfully
"HKU\S-1-5-21-813562695-3325033892-3013063695-1006\Software\Microsoft\Windows\CurrentVersion\Run\\UPS Assistant" => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\apctray.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\uninstall.exe => removed successfully
C:\Users\l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk => moved successfully
ShellIconOverlayIdentifiers-x32-x32-x32-x32-x32: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => -> No File => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0FB150CF-A560-4D09-BAD8-47BB890A3000}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FB150CF-A560-4D09-BAD8-47BB890A3000}" => removed successfully
C:\WINDOWS\System32\Tasks\AdwCleaner_onReboot => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdwCleaner_onReboot" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2104856 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 8390 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2708 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
l => 43016470 B
admin.TlapXX => 10280593 B
MSSQL$SQL12 => 0 B
WebDriverInstaller => 0 B
DefaultAppPool => 0 B
RecycleBin => 0 B
EmptyTemp: => 62.9 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:39:04 ====