VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Spomalenie, virus. FRST log

https://forum.viry.cz:443/viewtopic.php?t=156431

Stránka 1 z 1

Spomalenie, virus. FRST log

Napsal: 14 říj 2019 19:36
od kroenen2
Zdravím, určite nejaká škodlivina tu bude, po vložení prázdneho USB disku sa na ňom vytvoria nejaké divné súbory (*.*exe) a druhý systém ich okamžite po načítaní disku hodí do karantény.

--- ADW CLEANEROM PREČISTENÉ ---

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019 02
Ran by riaditel (administrator) on MPCMPC-5VORJJFJ (Hewlett-Packard HP ProBook 4330s) (14-10-2019 20:11:57)
Running from C:\Users\riaditel\Desktop
Loaded Profiles: riaditel (Available Profiles: riaditel & učitel)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe
() [File not signed] C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(eIT Co., Ltd. and Xiroku Inc.) [File not signed] C:\Program Files (x86)\Hitachi Software Engineering\FX-DuoDriver\LSDRVA.exe
(Google Inc -> Google Inc.) C:\Users\riaditel\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Users\riaditel\AppData\Local\Google\Update\GoogleUpdate.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Macrovision Europe Ltd.) [File not signed] C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) [File not signed] C:\Users\riaditel\AppData\Roaming\Macromedia\dllhost32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Systweak Software -> Systweak Software) C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [MicrosoftSearchIndexer] => "wscript.exe //E:vbscript C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [2766360 2019-10-09] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [Google Update] => C:\Users\riaditel\AppData\Local\Google\Update\1.3.35.302\GoogleUpdateCore.exe [1107752 2019-10-03] (Google Inc -> Google LLC)
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [MicrosoftSearchIndexer] => "wscript.exe //E:vbscript C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer"
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [Google Update 12.3] => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\RunOnce: [Application Restart #2] => C:\Users\riaditel\AppData\Local\Google\Chrome\Application\chrome.exe [1531376 2019-09-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2011-08-24] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> C:\Windows\system32\DPLic.dll [2011-08-24] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\StarBoard Light Sensor Driver.lnk [2012-05-21]
ShortcutTarget: StarBoard Light Sensor Driver.lnk -> C:\Program Files (x86)\Hitachi Software Engineering\FX-DuoDriver\LSDRVA.exe (eIT Co., Ltd. and Xiroku Inc.) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2AA41659-FCD4-4CF5-8CE6-92693B8ACB7A} - System32\Tasks\ASO-OneClickCare => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [3608464 2017-06-23] (Systweak Software -> Systweak Software)
Task: {33FA770B-F1E8-4236-8266-688D05355009} - System32\Tasks\MicrosoftSearchIndexer => wscript.exe //E:vbscript C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer
Task: {5465F91F-394F-4685-8944-571C128D6E6C} - System32\Tasks\ASO-AutoCheckUpdate7Days => C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe [3253648 2017-06-23] (Systweak Software -> Systweak Software)
Task: {55049452-B899-4ECE-AE4B-7D61F1B1C826} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA => C:\Users\riaditel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc -> Google Inc.)
Task: {5FE45A5D-6918-4EDC-ADA2-EA06F164023B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-12] (Adobe Inc. -> Adobe)
Task: {75E83BAC-E076-4FA0-A7EE-D2773C086314} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core => C:\Users\riaditel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc -> Google Inc.)
Task: {8E5C605B-F42D-4318-85B0-C0A2A6BB9806} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-12] (Adobe Inc. -> Adobe)
Task: {946EDBDD-0323-407B-A572-2791D4629232} - System32\Tasks\ASOService => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [3608464 2017-06-23] (Systweak Software -> Systweak Software)
Task: {9CBAFF7A-29AB-4649-9944-B595EC52C9E9} - System32\Tasks\{34903FBF-0F00-460B-942B-F666EF91E286} => C:\Windows\system32\pcalua.exe -a "E:\01 Personal images\projekt 12k\drivers\Intel PROSet Extensions for Microsoft Windows 7 sp51589.exe" -d "E:\01 Personal images\projekt 12k\drivers"
Task: {AEDBEB2C-D98A-457A-A138-9FD8C9D30C6F} - System32\Tasks\Google Update 12.3 => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
Task: {AEEEB0E7-08B8-4BFF-9984-4657F2A91A7B} - System32\Tasks\Opera scheduled assistant Autoupdate 1550340504 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-10-04] (Opera Software AS -> Opera Software)
Task: {B284DD63-F455-4CDC-B94E-1DECCA480AF4} - System32\Tasks\Advanced System Optimizer => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [3608464 2017-06-23] (Systweak Software -> Systweak Software) <==== ATTENTION
Task: {CC463D46-396E-438F-B39E-B489168BA456} - System32\Tasks\{F51E4ADE-DD88-4196-9957-C3692E8D89BC} => C:\Windows\system32\pcalua.exe -a "C:\Users\riaditel\Downloads\implugin (3).exe" -d C:\Users\riaditel\Downloads
Task: {E679D6EE-E35B-45B9-921D-8E0155B5C3C5} - System32\Tasks\Opera scheduled Autoupdate 1447931581 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-10-04] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job => C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe
Task: C:\Windows\Tasks\ASO-OneClickCare.job => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe
Task: C:\Windows\Tasks\ASOService.job => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe-checklastscanstatus C:\Program Files (x86)\Advanced System Optimizer 3\aso3.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B2091D3B-B826-49A0-8592-02823FE08B01}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-550839865-1085242704-628959683-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-550839865-1085242704-628959683-1004 -> {FEEB4A72-51B4-4CA9-8444-84423FF6E484} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Pomocník pri prihlasovaní v konte Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\riaditel\AppData\Roaming\Mozilla\Firefox\Profiles\ofdca1dk.default-1481887113342 [2019-10-13]
FF Extension: (Seznam lištička) - C:\Users\riaditel\AppData\Roaming\Mozilla\Firefox\Profiles\ofdca1dk.default-1481887113342\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-05-11] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-10-12] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-12] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-12] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN) [File not signed]
FF Plugin HKU\S-1-5-21-550839865-1085242704-628959683-1004: @tools.google.com/Google Update;version=3 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-03] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-550839865-1085242704-628959683-1004: @tools.google.com/Google Update;version=9 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-03] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default [2019-10-13]
CHR Extension: (YouTube) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (Google Search) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-13]
CHR Profile: C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-08-30]
CHR Profile: C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-30]
StartMenuInternet: Google Chrome - C:\Users\riaditel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [264080 2017-06-23] (Systweak Software -> Systweak Software)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros Communications Inc. -> Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-08-24] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S3 FLCDLOCK; C:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2011-12-16] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2011-12-16] (Macrovision Europe Ltd.) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [1698360 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [301568 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 PdiService; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [51872 2011-01-06] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 BTMCOM; C:\Windows\System32\Drivers\btmcom.sys [52736 2010-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Motorola, Inc.)
S3 BTMHID; C:\Windows\system32\drivers\btmhid.sys [34176 2010-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Motorola, Inc.)
S3 BTMUSB; C:\Windows\System32\Drivers\btmusb.sys [486144 2011-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2011-08-22] (Hewlett-Packard Company -> Hewlett-Packard Company)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 LSDRVA; C:\Windows\System32\Drivers\lsdrva.sys [46360 2009-12-08] (eIT Co., Ltd. -> eIT Co., Ltd. and Xiroku Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180264 2016-02-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [91648 2011-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [208896 2011-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 RTLE8023x64; C:\Windows\System32\DRIVERS\Rtenic64.sys [328808 2010-10-28] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3709656 2015-01-06] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [2596448 2015-10-26] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R3 StarBoardMT; C:\Windows\System32\DRIVERS\StarBoardMT.sys [27816 2010-06-29] (Hitachi Software Engineering Co., Ltd. -> Hitachi Software Engineering Co., Ltd.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [528384 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-14 20:11 - 2019-10-14 20:15 - 000022372 _____ C:\Users\riaditel\Desktop\FRST.txt
2019-10-13 16:06 - 2019-10-13 19:16 - 000001664 _____ C:\Windows\system32\ASOROSet.bin
2019-10-13 16:05 - 2019-10-13 16:05 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2019-10-13 16:05 - 2015-10-26 11:32 - 002596448 _____ (Sonix Tech. Co., Ltd.) C:\Windows\system32\Drivers\snp2uvc.sys
2019-10-13 16:05 - 2015-10-26 11:32 - 000411240 _____ (Sonix Technology Co., Ltd.) C:\Windows\SysWOW64\rsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000409696 _____ (Sonix Technology Co., Ltd.) C:\Windows\system32\rsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000387688 _____ (Sonix Technology Co., Ltd.) C:\Windows\system32\vsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000319072 _____ (Sonix Technology Co., Ltd.) C:\Windows\SysWOW64\vsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000255072 _____ (Sonix Technology Co., Ltd.) C:\Windows\system32\SETC945.tmp
2019-10-13 16:05 - 2015-10-26 11:32 - 000035432 _____ () C:\Windows\snuvcdsm.exe
2019-10-13 15:58 - 2014-09-29 11:16 - 000454416 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2019-10-13 10:27 - 2019-10-13 19:12 - 000000000 ____D C:\ProgramData\Intel
2019-10-13 10:27 - 2012-05-15 07:13 - 000144896 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2019-10-13 10:27 - 2012-05-15 07:13 - 000020992 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-10-13 10:27 - 2012-05-15 06:20 - 000104448 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2019-10-13 10:27 - 2012-05-15 06:20 - 000017920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-10-13 10:24 - 2015-06-04 22:21 - 005906536 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000513640 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000444008 _____ (Intel Corporation) C:\Windows\system32\SETE03F.tmp
2019-10-13 10:24 - 2015-06-04 22:21 - 000401512 _____ (Intel Corporation) C:\Windows\system32\SETDA72.tmp
2019-10-13 10:24 - 2015-06-04 22:21 - 000280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000256616 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000187496 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000173672 _____ (Intel Corporation) C:\Windows\system32\SETDA23.tmp
2019-10-13 10:24 - 2015-06-04 22:20 - 000116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4229.dll
2019-10-13 10:24 - 2015-05-26 21:02 - 005375448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2019-10-13 10:24 - 2015-05-26 21:00 - 012694808 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 011245520 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 011117808 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 001049576 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000940360 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000530968 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000525800 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000031984 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000017082 _____ C:\Windows\system32\iglhxs64.vp
2019-10-13 10:24 - 2015-05-26 20:53 - 000101376 _____ C:\Windows\system32\igdde64.dll
2019-10-13 10:24 - 2015-05-26 20:53 - 000081408 _____ C:\Windows\SysWOW64\igdde32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 010811392 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\SETEB55.tmp
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000410112 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000132623 _____ C:\Windows\system32\Gfxres.en-US.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2019-10-13 10:24 - 2015-05-26 20:52 - 000126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000000268 _____ C:\Windows\system32\GfxUI.exe.config
2019-10-13 10:24 - 2015-05-26 20:51 - 013028864 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 003511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 003121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 000963452 _____ C:\Windows\SysWOW64\igcodeckrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000963452 _____ C:\Windows\system32\igcodeckrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 000542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 000272928 _____ C:\Windows\SysWOW64\igvpkrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000272928 _____ C:\Windows\system32\igvpkrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000059425 _____ C:\Windows\system32\iglhxo64.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000059398 _____ C:\Windows\system32\iglhxg64.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000059230 _____ C:\Windows\system32\iglhxc64.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000059104 _____ C:\Windows\system32\iglhxc64_dev.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000058796 _____ C:\Windows\system32\iglhxg64_dev.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000058109 _____ C:\Windows\system32\iglhxo64_dev.vp
2019-10-13 10:24 - 2012-10-02 09:34 - 000016896 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2019-10-13 10:23 - 2019-10-13 16:06 - 000000000 ____D C:\temp
2019-10-13 09:40 - 2019-10-13 09:40 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\Systweak
2019-10-13 09:39 - 2019-10-13 19:18 - 000000466 _____ C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job
2019-10-13 09:39 - 2019-10-13 19:18 - 000000436 _____ C:\Windows\Tasks\ASO-OneClickCare.job
2019-10-13 09:39 - 2019-10-13 09:39 - 000003342 _____ C:\Windows\system32\Tasks\ASO-AutoCheckUpdate7Days
2019-10-13 09:39 - 2019-10-13 09:39 - 000003312 _____ C:\Windows\system32\Tasks\ASO-OneClickCare
2019-10-13 09:38 - 2019-10-14 20:09 - 000003158 _____ C:\Windows\system32\Tasks\Advanced System Optimizer
2019-10-13 09:38 - 2019-10-13 15:58 - 000000464 _____ C:\Windows\Tasks\ASOService.job
2019-10-13 09:38 - 2019-10-13 09:41 - 000000000 ____D C:\Program Files (x86)\Advanced System Optimizer 3
2019-10-13 09:38 - 2019-10-13 09:38 - 000002990 _____ C:\Windows\system32\Tasks\ASOService
2019-10-13 09:38 - 2019-10-13 09:38 - 000001500 _____ C:\Users\Public\Desktop\Smart PC Care.lnk
2019-10-13 09:38 - 2019-10-13 09:38 - 000001500 _____ C:\ProgramData\Desktop\Smart PC Care.lnk
2019-10-13 09:38 - 2019-10-13 09:38 - 000001468 _____ C:\Users\Public\Desktop\Advanced System Optimizer.lnk
2019-10-13 09:38 - 2019-10-13 09:38 - 000001468 _____ C:\ProgramData\Desktop\Advanced System Optimizer.lnk
2019-10-13 09:38 - 2019-10-13 09:38 - 000000000 ____D C:\ProgramData\Systweak
2019-10-13 09:38 - 2019-10-13 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3
2019-10-13 09:38 - 2017-06-23 15:43 - 000019344 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2019-10-13 09:38 - 2015-03-17 11:02 - 000016896 _____ C:\Windows\system32\sasnative64.exe
2019-10-13 09:10 - 2019-10-13 09:10 - 000000000 ____D C:\Windows\system32\appmgmt
2019-10-12 22:19 - 2019-10-13 09:06 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\CrystalIdea Software
2019-10-12 22:19 - 2019-10-13 09:06 - 000000000 ____D C:\Program Files\Uninstall Tool
2019-10-12 22:18 - 2019-10-12 22:18 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\WinRAR
2019-10-12 22:18 - 2016-10-15 23:59 - 004003240 _____ (CrystalIdea Software ) C:\Users\riaditel\Desktop\uninstalltool_setup.exe
2019-10-12 22:15 - 2019-10-12 22:15 - 000000690 _____ C:\Users\riaditel\Desktop\SCHOOOL.lnk
2019-10-12 22:15 - 2019-10-12 22:15 - 000000681 _____ C:\Users\riaditel\Desktop\SCHOOL.lnk
2019-10-12 22:13 - 2019-10-12 22:13 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-12 22:13 - 2019-10-12 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-12 22:12 - 2019-10-12 22:13 - 000000000 ____D C:\Program Files\WinRAR
2019-10-12 22:09 - 2019-10-14 20:14 - 000000000 ____D C:\FRST
2019-10-12 21:02 - 2019-10-12 22:09 - 001616384 _____ (Farbar) C:\Users\riaditel\Desktop\FRST64.exe
2019-10-03 20:44 - 2019-10-12 21:05 - 000004064 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1550340504
2019-10-03 20:44 - 2019-10-03 20:44 - 001663040 _____ (Malwarebytes) C:\Users\riaditel\Desktop\JRT.exe
2019-10-03 20:40 - 2019-10-03 20:53 - 000000798 _____ C:\runcheck.txt
2019-10-03 20:39 - 2019-10-03 20:39 - 000000000 ____D C:\zoek_backup
2019-10-03 20:37 - 2019-10-03 20:38 - 002038755 _____ C:\Users\riaditel\Desktop\zoek.exe
2019-10-03 20:13 - 2019-10-03 20:17 - 000000000 ____D C:\AdwCleaner
2019-10-03 20:12 - 2019-10-03 20:12 - 007636680 _____ (Malwarebytes) C:\Users\riaditel\Desktop\adwcleaner_7.4.1.exe
2019-10-03 19:53 - 2019-10-03 19:54 - 000000000 ____D C:\Program Files (x86)\GUMBE6E.tmp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-14 20:15 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-14 20:15 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-14 20:09 - 2012-06-15 22:40 - 000000000 ____D C:\Users\riaditel\AppData\Local\CrashDumps
2019-10-14 20:09 - 2011-10-12 16:28 - 000015456 _____ C:\Windows\system32\results.xml
2019-10-14 20:07 - 2012-05-18 10:22 - 000000000 ____D C:\Users\riaditel
2019-10-13 19:25 - 2009-07-14 07:13 - 000786174 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-13 19:25 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-10-13 19:18 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-13 19:16 - 2009-07-14 04:34 - 090963968 _____ C:\Windows\system32\config\SOFTWARE.bak
2019-10-13 19:16 - 2009-07-14 04:34 - 019660800 _____ C:\Windows\system32\config\SYSTEM.bak
2019-10-13 19:16 - 2009-07-14 04:34 - 000262144 _____ C:\Windows\system32\config\SECURITY.bak
2019-10-13 19:12 - 2011-10-12 17:52 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-10-13 19:12 - 2009-07-14 04:34 - 000262144 _____ C:\Windows\system32\config\SAM.bak
2019-10-13 16:06 - 2013-05-07 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ziacik v3.1
2019-10-13 16:00 - 2011-10-12 17:39 - 000000000 ____D C:\Program Files\Hewlett-Packard
2019-10-13 10:28 - 2011-10-12 16:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-10-13 10:27 - 2011-10-12 16:26 - 000000000 ____D C:\Program Files (x86)\Intel
2019-10-13 10:24 - 2011-10-12 16:26 - 000000000 ____D C:\Intel
2019-10-13 09:56 - 2011-10-13 02:13 - 000000000 ____D C:\Windows\Panther
2019-10-13 09:15 - 2012-06-18 01:17 - 000770484 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-10-13 09:13 - 2015-06-01 13:44 - 000000000 ____D C:\Windows\system32\MRT
2019-10-13 09:10 - 2011-10-13 06:35 - 000000000 ____D C:\ProgramData\Adobe
2019-10-13 09:08 - 2011-10-12 21:16 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-10-12 22:54 - 2011-10-12 20:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-12 21:14 - 2018-03-14 15:15 - 000004482 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-12 21:14 - 2012-06-14 23:31 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-10-12 21:14 - 2012-06-14 23:31 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-10-12 21:14 - 2011-10-12 20:30 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-10-12 21:14 - 2011-10-12 20:30 - 000000000 ____D C:\Windows\system32\Macromed
2019-10-12 21:08 - 2015-11-19 13:13 - 000003872 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1447931581
2019-10-12 21:08 - 2015-11-19 13:11 - 000000000 ____D C:\Program Files (x86)\Opera
2019-10-04 01:10 - 2012-05-18 21:29 - 000002392 _____ C:\Users\riaditel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-03 20:02 - 2012-05-18 21:27 - 000003552 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA
2019-10-03 20:02 - 2012-05-18 21:27 - 000003280 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core
2019-10-03 19:54 - 2015-06-01 09:15 - 000000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories ================

2012-05-23 07:22 - 2010-09-20 15:55 - 001550311 ____R () C:\Program Files (x86)\MANUAL.pdf
2012-05-23 07:22 - 2010-09-16 15:10 - 004629424 ____R (SILCOM Multimedia) C:\Program Files (x86)\Vš_vidiek.exe
2012-05-23 07:22 - 2010-09-03 10:14 - 002202336 ____R () C:\Program Files (x86)\Vš_vidiek.swf
2016-03-15 15:27 - 2016-03-15 15:27 - 000000427 _____ () C:\Program Files (x86)\Common Files\eInstruction.ini
2017-06-13 19:20 - 2017-03-19 14:39 - 000095604 ___SH () C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-09-04 07:57
==================== End of FRST.txt ============================

Re: Spomalenie, virus. FRST log

Napsal: 14 říj 2019 19:52
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Spomalenie, virus. FRST log

Napsal: 14 říj 2019 20:12
od kroenen2
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-14.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-14-2019
# Duration: 00:00:07
# OS: Windows 7 Professional
# Cleaned: 41
# Failed: 0


***** [ Services ] *****

Deleted ASO3DiskOptimizer

***** [ Folders ] *****

Deleted C:\Program Files (x86)\advanced system optimizer 3
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\advanced system optimizer 3
Deleted C:\ProgramData\Systweak
Deleted C:\Users\riaditel\AppData\Roaming\Systweak

***** [ Files ] *****

Deleted C:\Users\Public\Desktop\Advanced System Optimizer.lnk
Deleted C:\Users\Public\Desktop\Smart PC Care.lnk
Deleted C:\Users\riaditel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Advanced System Optimizer.lnk
Deleted C:\Windows\System32\roboot64.exe
Deleted C:\Windows\System32\sasnative64.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\ADVANCED SYSTEM OPTIMIZER
Deleted C:\Windows\System32\Tasks\ASO-AUTOCHECKUPDATE7DAYS
Deleted C:\Windows\System32\Tasks\ASO-ONECLICKCARE
Deleted C:\Windows\System32\Tasks\ASOSERVICE
Deleted C:\Windows\Tasks\ASO-AUTOCHECKUPDATE7DAYS.JOB
Deleted C:\Windows\Tasks\ASO-ONECLICKCARE.JOB
Deleted C:\Windows\Tasks\ASOSERVICE.JOB

***** [ Registry ] *****

Deleted HKCU\Software\systweak
Deleted HKLM\SOFTWARE\Classes\AppID\SecureShell.dll
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AA41659-FCD4-4CF5-8CE6-92693B8ACB7A}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5465F91F-394F-4685-8944-571C128D6E6C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{946EDBDD-0323-407B-A572-2791D4629232}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AA41659-FCD4-4CF5-8CE6-92693B8ACB7A}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5465F91F-394F-4685-8944-571C128D6E6C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{946EDBDD-0323-407B-A572-2791D4629232}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B284DD63-F455-4CDC-B94E-1DECCA480AF4}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASO-AutoCheckUpdate7Days
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASO-OneClickCare
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASOService
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System Optimizer
Deleted HKLM\Software\Classes\ASO3_JUMP_LIST
Deleted HKLM\Software\Classes\Interface\{C99650F6-688D-4BAB-86E4-BC045EF0FFBF}
Deleted HKLM\Software\Classes\TypeLib\{2A03A149-3CD3-429D-B4A4-28D9D2974874}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\SecureShell.dll
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{B0F3F4F9-CB76-9A52-9442-B481A5FF49D3}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{C99650F6-688D-4BAB-86E4-BC045EF0FFBF}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{2A03A149-3CD3-429D-B4A4-28D9D2974874}
Deleted HKLM\Software\Wow6432Node\systweak

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Softonic EN
Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [60691 octets] - [03/10/2019 20:13:19]
AdwCleaner[S00].txt - [2741 octets] - [03/10/2019 20:16:13]
AdwCleaner[C00].txt - [2687 octets] - [03/10/2019 20:18:19]
AdwCleaner[S01].txt - [1573 octets] - [12/10/2019 21:16:00]
AdwCleaner[C01].txt - [1723 octets] - [12/10/2019 21:16:19]
AdwCleaner[S02].txt - [5543 octets] - [14/10/2019 20:57:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Re: Spomalenie, virus. FRST log

Napsal: 14 říj 2019 20:55
od Rudy
Jj, viry tam byly. Nyní dejte nové logy FRST+Addition.

Re: Spomalenie, virus. FRST log

Napsal: 14 říj 2019 21:08
od kroenen2
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019 02
Ran by riaditel (administrator) on MPCMPC-5VORJJFJ (Hewlett-Packard HP ProBook 4330s) (14-10-2019 22:06:46)
Running from C:\Users\riaditel\Desktop
Loaded Profiles: riaditel (Available Profiles: riaditel & učitel)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe
() [File not signed] C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(eIT Co., Ltd. and Xiroku Inc.) [File not signed] C:\Program Files (x86)\Hitachi Software Engineering\FX-DuoDriver\LSDRVA.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Macrovision Europe Ltd.) [File not signed] C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) [File not signed] C:\Users\riaditel\AppData\Roaming\Macromedia\dllhost32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [MicrosoftSearchIndexer] => "wscript.exe //E:vbscript C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [2766360 2019-10-09] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [Google Update] => C:\Users\riaditel\AppData\Local\Google\Update\1.3.35.302\GoogleUpdateCore.exe [1107752 2019-10-03] (Google Inc -> Google LLC)
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [MicrosoftSearchIndexer] => "wscript.exe //E:vbscript C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer"
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [Google Update 12.3] => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\RunOnce: [Application Restart #2] => C:\Users\riaditel\AppData\Local\Google\Chrome\Application\chrome.exe [1531376 2019-09-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2011-08-24] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> C:\Windows\system32\DPLic.dll [2011-08-24] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\StarBoard Light Sensor Driver.lnk [2012-05-21]
ShortcutTarget: StarBoard Light Sensor Driver.lnk -> C:\Program Files (x86)\Hitachi Software Engineering\FX-DuoDriver\LSDRVA.exe (eIT Co., Ltd. and Xiroku Inc.) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {33FA770B-F1E8-4236-8266-688D05355009} - System32\Tasks\MicrosoftSearchIndexer => wscript.exe //E:vbscript C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer
Task: {55049452-B899-4ECE-AE4B-7D61F1B1C826} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA => C:\Users\riaditel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc -> Google Inc.)
Task: {5FE45A5D-6918-4EDC-ADA2-EA06F164023B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-12] (Adobe Inc. -> Adobe)
Task: {75E83BAC-E076-4FA0-A7EE-D2773C086314} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core => C:\Users\riaditel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc -> Google Inc.)
Task: {8E5C605B-F42D-4318-85B0-C0A2A6BB9806} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-12] (Adobe Inc. -> Adobe)
Task: {9CBAFF7A-29AB-4649-9944-B595EC52C9E9} - System32\Tasks\{34903FBF-0F00-460B-942B-F666EF91E286} => C:\Windows\system32\pcalua.exe -a "E:\01 Personal images\projekt 12k\drivers\Intel PROSet Extensions for Microsoft Windows 7 sp51589.exe" -d "E:\01 Personal images\projekt 12k\drivers"
Task: {AEDBEB2C-D98A-457A-A138-9FD8C9D30C6F} - System32\Tasks\Google Update 12.3 => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
Task: {AEEEB0E7-08B8-4BFF-9984-4657F2A91A7B} - System32\Tasks\Opera scheduled assistant Autoupdate 1550340504 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-10-04] (Opera Software AS -> Opera Software)
Task: {CC463D46-396E-438F-B39E-B489168BA456} - System32\Tasks\{F51E4ADE-DD88-4196-9957-C3692E8D89BC} => C:\Windows\system32\pcalua.exe -a "C:\Users\riaditel\Downloads\implugin (3).exe" -d C:\Users\riaditel\Downloads
Task: {E679D6EE-E35B-45B9-921D-8E0155B5C3C5} - System32\Tasks\Opera scheduled Autoupdate 1447931581 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-10-04] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B2091D3B-B826-49A0-8592-02823FE08B01}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-550839865-1085242704-628959683-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-550839865-1085242704-628959683-1004 -> {FEEB4A72-51B4-4CA9-8444-84423FF6E484} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Pomocník pri prihlasovaní v konte Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\riaditel\AppData\Roaming\Mozilla\Firefox\Profiles\ofdca1dk.default-1481887113342 [2019-10-13]
FF Extension: (Seznam lištička) - C:\Users\riaditel\AppData\Roaming\Mozilla\Firefox\Profiles\ofdca1dk.default-1481887113342\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-05-11] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-10-12] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-12] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-12] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN) [File not signed]
FF Plugin HKU\S-1-5-21-550839865-1085242704-628959683-1004: @tools.google.com/Google Update;version=3 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-03] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-550839865-1085242704-628959683-1004: @tools.google.com/Google Update;version=9 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-03] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default [2019-10-14]
CHR Extension: (YouTube) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (Google Search) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-13]
CHR Profile: C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-08-30]
CHR Profile: C:\Users\riaditel\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-30]
StartMenuInternet: Google Chrome - C:\Users\riaditel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros Communications Inc. -> Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-08-24] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S3 FLCDLOCK; C:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2011-12-16] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2011-12-16] (Macrovision Europe Ltd.) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [1698360 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [301568 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 PdiService; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [51872 2011-01-06] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 BTMCOM; C:\Windows\System32\Drivers\btmcom.sys [52736 2010-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Motorola, Inc.)
S3 BTMHID; C:\Windows\system32\drivers\btmhid.sys [34176 2010-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Motorola, Inc.)
S3 BTMUSB; C:\Windows\System32\Drivers\btmusb.sys [486144 2011-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2011-08-22] (Hewlett-Packard Company -> Hewlett-Packard Company)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 LSDRVA; C:\Windows\System32\Drivers\lsdrva.sys [46360 2009-12-08] (eIT Co., Ltd. -> eIT Co., Ltd. and Xiroku Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180264 2016-02-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [91648 2011-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [208896 2011-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 RTLE8023x64; C:\Windows\System32\DRIVERS\Rtenic64.sys [328808 2010-10-28] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3709656 2015-01-06] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [2596448 2015-10-26] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R3 StarBoardMT; C:\Windows\System32\DRIVERS\StarBoardMT.sys [27816 2010-06-29] (Hitachi Software Engineering Co., Ltd. -> Hitachi Software Engineering Co., Ltd.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [528384 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-14 20:32 - 2019-10-14 20:32 - 000010576 _____ C:\Users\riaditel\Desktop\Addition.zip
2019-10-14 20:11 - 2019-10-14 22:07 - 000020213 _____ C:\Users\riaditel\Desktop\FRST.txt
2019-10-13 16:06 - 2019-10-13 19:16 - 000001664 _____ C:\Windows\system32\ASOROSet.bin
2019-10-13 16:05 - 2019-10-13 16:05 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2019-10-13 16:05 - 2015-10-26 11:32 - 002596448 _____ (Sonix Tech. Co., Ltd.) C:\Windows\system32\Drivers\snp2uvc.sys
2019-10-13 16:05 - 2015-10-26 11:32 - 000411240 _____ (Sonix Technology Co., Ltd.) C:\Windows\SysWOW64\rsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000409696 _____ (Sonix Technology Co., Ltd.) C:\Windows\system32\rsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000387688 _____ (Sonix Technology Co., Ltd.) C:\Windows\system32\vsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000319072 _____ (Sonix Technology Co., Ltd.) C:\Windows\SysWOW64\vsnp2uvc.dll
2019-10-13 16:05 - 2015-10-26 11:32 - 000255072 _____ (Sonix Technology Co., Ltd.) C:\Windows\system32\SETC945.tmp
2019-10-13 16:05 - 2015-10-26 11:32 - 000035432 _____ () C:\Windows\snuvcdsm.exe
2019-10-13 15:58 - 2014-09-29 11:16 - 000454416 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2019-10-13 10:27 - 2019-10-13 19:12 - 000000000 ____D C:\ProgramData\Intel
2019-10-13 10:27 - 2012-05-15 07:13 - 000144896 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2019-10-13 10:27 - 2012-05-15 07:13 - 000020992 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-10-13 10:27 - 2012-05-15 06:20 - 000104448 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2019-10-13 10:27 - 2012-05-15 06:20 - 000017920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-10-13 10:24 - 2015-06-04 22:21 - 005906536 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000513640 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000444008 _____ (Intel Corporation) C:\Windows\system32\SETE03F.tmp
2019-10-13 10:24 - 2015-06-04 22:21 - 000401512 _____ (Intel Corporation) C:\Windows\system32\SETDA72.tmp
2019-10-13 10:24 - 2015-06-04 22:21 - 000280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000256616 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000187496 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2019-10-13 10:24 - 2015-06-04 22:21 - 000173672 _____ (Intel Corporation) C:\Windows\system32\SETDA23.tmp
2019-10-13 10:24 - 2015-06-04 22:20 - 000116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4229.dll
2019-10-13 10:24 - 2015-05-26 21:02 - 005375448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2019-10-13 10:24 - 2015-05-26 21:00 - 012694808 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 011245520 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 011117808 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 001049576 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000940360 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000530968 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000525800 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000031984 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2019-10-13 10:24 - 2015-05-26 21:00 - 000017082 _____ C:\Windows\system32\iglhxs64.vp
2019-10-13 10:24 - 2015-05-26 20:53 - 000101376 _____ C:\Windows\system32\igdde64.dll
2019-10-13 10:24 - 2015-05-26 20:53 - 000081408 _____ C:\Windows\SysWOW64\igdde32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 010811392 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\SETEB55.tmp
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000410112 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2019-10-13 10:24 - 2015-05-26 20:52 - 000223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000132623 _____ C:\Windows\system32\Gfxres.en-US.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2019-10-13 10:24 - 2015-05-26 20:52 - 000126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2019-10-13 10:24 - 2015-05-26 20:52 - 000025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2019-10-13 10:24 - 2015-05-26 20:52 - 000000268 _____ C:\Windows\system32\GfxUI.exe.config
2019-10-13 10:24 - 2015-05-26 20:51 - 013028864 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 003511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 003121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 000963452 _____ C:\Windows\SysWOW64\igcodeckrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000963452 _____ C:\Windows\system32\igcodeckrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 000542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2019-10-13 10:24 - 2015-05-26 20:50 - 000272928 _____ C:\Windows\SysWOW64\igvpkrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000272928 _____ C:\Windows\system32\igvpkrng600.bin
2019-10-13 10:24 - 2015-05-26 20:50 - 000059425 _____ C:\Windows\system32\iglhxo64.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000059398 _____ C:\Windows\system32\iglhxg64.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000059230 _____ C:\Windows\system32\iglhxc64.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000059104 _____ C:\Windows\system32\iglhxc64_dev.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000058796 _____ C:\Windows\system32\iglhxg64_dev.vp
2019-10-13 10:24 - 2015-05-26 20:50 - 000058109 _____ C:\Windows\system32\iglhxo64_dev.vp
2019-10-13 10:24 - 2012-10-02 09:34 - 000016896 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2019-10-13 10:23 - 2019-10-13 16:06 - 000000000 ____D C:\temp
2019-10-13 09:10 - 2019-10-13 09:10 - 000000000 ____D C:\Windows\system32\appmgmt
2019-10-12 22:19 - 2019-10-13 09:06 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\CrystalIdea Software
2019-10-12 22:19 - 2019-10-13 09:06 - 000000000 ____D C:\Program Files\Uninstall Tool
2019-10-12 22:18 - 2019-10-12 22:18 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\WinRAR
2019-10-12 22:18 - 2016-10-15 23:59 - 004003240 _____ (CrystalIdea Software ) C:\Users\riaditel\Desktop\uninstalltool_setup.exe
2019-10-12 22:15 - 2019-10-12 22:15 - 000000690 _____ C:\Users\riaditel\Desktop\SCHOOOL.lnk
2019-10-12 22:15 - 2019-10-12 22:15 - 000000681 _____ C:\Users\riaditel\Desktop\SCHOOL.lnk
2019-10-12 22:13 - 2019-10-12 22:13 - 000000000 ____D C:\Users\riaditel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-12 22:13 - 2019-10-12 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-12 22:12 - 2019-10-12 22:13 - 000000000 ____D C:\Program Files\WinRAR
2019-10-12 22:09 - 2019-10-14 22:07 - 000000000 ____D C:\FRST
2019-10-12 21:02 - 2019-10-12 22:09 - 001616384 _____ (Farbar) C:\Users\riaditel\Desktop\FRST64.exe
2019-10-03 20:44 - 2019-10-12 21:05 - 000004064 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1550340504
2019-10-03 20:44 - 2019-10-03 20:44 - 001663040 _____ (Malwarebytes) C:\Users\riaditel\Desktop\JRT.exe
2019-10-03 20:40 - 2019-10-03 20:53 - 000000798 _____ C:\runcheck.txt
2019-10-03 20:39 - 2019-10-03 20:39 - 000000000 ____D C:\zoek_backup
2019-10-03 20:37 - 2019-10-03 20:38 - 002038755 _____ C:\Users\riaditel\Desktop\zoek.exe
2019-10-03 20:13 - 2019-10-03 20:17 - 000000000 ____D C:\AdwCleaner
2019-10-03 20:12 - 2019-10-03 20:12 - 007636680 _____ (Malwarebytes) C:\Users\riaditel\Desktop\adwcleaner_7.4.1.exe
2019-10-03 19:53 - 2019-10-03 19:54 - 000000000 ____D C:\Program Files (x86)\GUMBE6E.tmp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-14 21:15 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-14 21:15 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-14 21:12 - 2009-07-14 07:13 - 000786174 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-14 21:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-10-14 21:10 - 2012-06-15 22:40 - 000000000 ____D C:\Users\riaditel\AppData\Local\CrashDumps
2019-10-14 21:07 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-14 20:09 - 2011-10-12 16:28 - 000015456 _____ C:\Windows\system32\results.xml
2019-10-14 20:07 - 2012-05-18 10:22 - 000000000 ____D C:\Users\riaditel
2019-10-13 19:16 - 2009-07-14 04:34 - 090963968 _____ C:\Windows\system32\config\SOFTWARE.bak
2019-10-13 19:16 - 2009-07-14 04:34 - 019660800 _____ C:\Windows\system32\config\SYSTEM.bak
2019-10-13 19:16 - 2009-07-14 04:34 - 000262144 _____ C:\Windows\system32\config\SECURITY.bak
2019-10-13 19:12 - 2011-10-12 17:52 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-10-13 19:12 - 2009-07-14 04:34 - 000262144 _____ C:\Windows\system32\config\SAM.bak
2019-10-13 16:06 - 2013-05-07 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ziacik v3.1
2019-10-13 16:00 - 2011-10-12 17:39 - 000000000 ____D C:\Program Files\Hewlett-Packard
2019-10-13 10:28 - 2011-10-12 16:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-10-13 10:27 - 2011-10-12 16:26 - 000000000 ____D C:\Program Files (x86)\Intel
2019-10-13 10:24 - 2011-10-12 16:26 - 000000000 ____D C:\Intel
2019-10-13 09:56 - 2011-10-13 02:13 - 000000000 ____D C:\Windows\Panther
2019-10-13 09:15 - 2012-06-18 01:17 - 000770484 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-10-13 09:13 - 2015-06-01 13:44 - 000000000 ____D C:\Windows\system32\MRT
2019-10-13 09:10 - 2011-10-13 06:35 - 000000000 ____D C:\ProgramData\Adobe
2019-10-13 09:08 - 2011-10-12 21:16 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-10-12 22:54 - 2011-10-12 20:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-12 21:14 - 2018-03-14 15:15 - 000004482 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-12 21:14 - 2012-06-14 23:31 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-10-12 21:14 - 2012-06-14 23:31 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-10-12 21:14 - 2011-10-12 20:30 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-10-12 21:14 - 2011-10-12 20:30 - 000000000 ____D C:\Windows\system32\Macromed
2019-10-12 21:08 - 2015-11-19 13:13 - 000003872 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1447931581
2019-10-12 21:08 - 2015-11-19 13:11 - 000000000 ____D C:\Program Files (x86)\Opera
2019-10-04 01:10 - 2012-05-18 21:29 - 000002392 _____ C:\Users\riaditel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-03 20:02 - 2012-05-18 21:27 - 000003552 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA
2019-10-03 20:02 - 2012-05-18 21:27 - 000003280 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core
2019-10-03 19:54 - 2015-06-01 09:15 - 000000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories ================

2012-05-23 07:22 - 2010-09-20 15:55 - 001550311 ____R () C:\Program Files (x86)\MANUAL.pdf
2012-05-23 07:22 - 2010-09-16 15:10 - 004629424 ____R (SILCOM Multimedia) C:\Program Files (x86)\Vš_vidiek.exe
2012-05-23 07:22 - 2010-09-03 10:14 - 002202336 ____R () C:\Program Files (x86)\Vš_vidiek.swf
2016-03-15 15:27 - 2016-03-15 15:27 - 000000427 _____ () C:\Program Files (x86)\Common Files\eInstruction.ini
2017-06-13 19:20 - 2017-03-19 14:39 - 000095604 ___SH () C:\Users\riaditel\AppData\Roaming\MicrosoftSearchIndexer

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-10-14 21:45
==================== End of FRST.txt ============================

Re: Spomalenie, virus. FRST log

Napsal: 15 říj 2019 09:29
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [Google Update 12.3] => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
Task: {9CBAFF7A-29AB-4649-9944-B595EC52C9E9} - System32\Tasks\{34903FBF-0F00-460B-942B-F666EF91E286} => C:\Windows\system32\pcalua.exe -a "E:\01 Personal images\projekt 12k\drivers\Intel PROSet Extensions for Microsoft Windows 7 sp51589.exe" -d "E:\01 Personal images\projekt 12k\drivers"
Task: {AEDBEB2C-D98A-457A-A138-9FD8C9D30C6F} - System32\Tasks\Google Update 12.3 => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
Task: {CC463D46-396E-438F-B39E-B489168BA456} - System32\Tasks\{F51E4ADE-DD88-4196-9957-C3692E8D89BC} => C:\Windows\system32\pcalua.exe -a "C:\Users\riaditel\Downloads\implugin (3).exe" -d C:\Users\riaditel\Downloads
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\SETE03F.tmp
C:\Windows\system32\SETDA72.tmp
C:\Windows\system32\SETDA23.tmp
C:\Program Files (x86)\GUMBE6E.tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\ChromeHTML: -> C:\Users\riaditel\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ContextMenuHandlers1: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> No File
ContextMenuHandlers2: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> No File
ContextMenuHandlers6: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> No File
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Spomalenie, virus. FRST log

Napsal: 15 říj 2019 14:57
od kroenen2
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
Ran by riaditel (15-10-2019 15:53:43) Run:1
Running from C:\Users\riaditel\Desktop
Loaded Profiles: riaditel (Available Profiles: riaditel & učitel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\Run: [Google Update 12.3] => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
Task: {9CBAFF7A-29AB-4649-9944-B595EC52C9E9} - System32\Tasks\{34903FBF-0F00-460B-942B-F666EF91E286} => C:\Windows\system32\pcalua.exe -a "E:\01 Personal images\projekt 12k\drivers\Intel PROSet Extensions for Microsoft Windows 7 sp51589.exe" -d "E:\01 Personal images\projekt 12k\drivers"
Task: {AEDBEB2C-D98A-457A-A138-9FD8C9D30C6F} - System32\Tasks\Google Update 12.3 => C:\Users\riaditel\AppData\Roaming\Macromedia\svchost.exe [2219008 2018-06-26] () [File not signed] <==== ATTENTION
Task: {CC463D46-396E-438F-B39E-B489168BA456} - System32\Tasks\{F51E4ADE-DD88-4196-9957-C3692E8D89BC} => C:\Windows\system32\pcalua.exe -a "C:\Users\riaditel\Downloads\implugin (3).exe" -d C:\Users\riaditel\Downloads
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\SETE03F.tmp
C:\Windows\system32\SETDA72.tmp
C:\Windows\system32\SETDA23.tmp
C:\Program Files (x86)\GUMBE6E.tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core
HKU\S-1-5-21-550839865-1085242704-628959683-1004\...\ChromeHTML: -> C:\Users\riaditel\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\riaditel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ContextMenuHandlers1: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> No File
ContextMenuHandlers2: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> No File
ContextMenuHandlers6: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> No File
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-550839865-1085242704-628959683-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update 12.3" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CBAFF7A-29AB-4649-9944-B595EC52C9E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CBAFF7A-29AB-4649-9944-B595EC52C9E9}" => removed successfully
C:\Windows\System32\Tasks\{34903FBF-0F00-460B-942B-F666EF91E286} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{34903FBF-0F00-460B-942B-F666EF91E286}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEDBEB2C-D98A-457A-A138-9FD8C9D30C6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEDBEB2C-D98A-457A-A138-9FD8C9D30C6F}" => removed successfully
C:\Windows\System32\Tasks\Google Update 12.3 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google Update 12.3" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC463D46-396E-438F-B39E-B489168BA456}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC463D46-396E-438F-B39E-B489168BA456}" => removed successfully
C:\Windows\System32\Tasks\{F51E4ADE-DD88-4196-9957-C3692E8D89BC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F51E4ADE-DD88-4196-9957-C3692E8D89BC}" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Windows\system32\SETE03F.tmp => moved successfully
C:\Windows\system32\SETDA72.tmp => moved successfully
C:\Windows\system32\SETDA23.tmp => moved successfully
C:\Program Files (x86)\GUMBE6E.tmp => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004UA => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-550839865-1085242704-628959683-1004Core => moved successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\ChromeHTML => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => removed successfully
HKU\S-1-5-21-550839865-1085242704-628959683-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SecureExt => removed successfully
HKLM\Software\Classes\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SecureExt => removed successfully
HKLM\Software\Classes\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SecureExt => removed successfully
HKLM\Software\Classes\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\SPPSVC-In-TCP" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\SPPSVC-In-TCP-NoScope" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 62068225 B
Java, Flash, Steam htmlcache => 171254 B
Windows/system/drivers => 1407729 B
Edge => 0 B
Chrome => 159372202 B
Firefox => 379069766 B
Opera => 13018560 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 73300 B
Public => 73300 B
ProgramData => 73300 B
systemprofile => 101872102 B
systemprofile32 => 101942390 B
LocalService => 101942390 B
NetworkService => 101961698 B
riaditel => 103125516 B
učitel => 103397660 B

RecycleBin => 8713807466 B
EmptyTemp: => 9.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:54:35 ====

Re: Spomalenie, virus. FRST log

Napsal: 15 říj 2019 16:49
od Rudy
Smazáno. Nastala nějaká změna?

Re: Spomalenie, virus. FRST log

Napsal: 14 lis 2019 22:09
od kroenen2
Ďakujem, je to už fajn :)

Re: Spomalenie, virus. FRST log

Napsal: 15 lis 2019 10:17
od Rudy
Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz