Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Storkan
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 27 pro 2018 23:55

Prosím o kontrolu logu

#1 Příspěvek od Storkan »

Dobrý den

Chtěl bych Vás požádat o kontrolu logu. Není to můj NTB, ale známého tak nevím co s tím dělal. Každopádně Služby vytěžují CPU a disk na 100% a nejdou aktualizace systému, stále se odpojuje od sítě atd. Předem děkuji za ochotu

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Aspire (30-01-2019 22:41:13)
Running from C:\Users\Aspire\Downloads
Windows 8.1 Connected (X64) (2015-12-03 16:53:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2649769328-1442576681-4040288438-500 - Administrator - Disabled)
Aspire (S-1-5-21-2649769328-1442576681-4040288438-1001 - Administrator - Enabled) => C:\Users\Aspire
Guest (S-1-5-21-2649769328-1442576681-4040288438-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2003.6 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Reader XI (11.0.04) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Aloha TriPeaks (HKLM-x32\...\WTA-ab56ec5b-6fa4-4dfb-bd78-ceeace722f58) (Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-c69db588-ef65-4379-86e4-188dd0df1c9d) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.81 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-42b228cc-bd7b-4186-a616-f63c62029ec8) (Version: 2.2.0.110 - WildTangent) Hidden
Host App Service (HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\SweetLabs_AP) (Version: 0.269.8.718 - Pokki) <==== ATTENTION
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (HKLM-x32\...\WTA-64989219-8e08-458e-a1ec-b6526f1cae0d) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-225c38ea-1b45-4706-a184-d47b2af73567) (Version: 2.2.0.98 - WildTangent) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.208 - McAfee, Inc.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Peggle Nights (HKLM-x32\...\WTA-2986e38a-969a-4097-a644-39cc63a74389) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-44a97d0b-062e-4cc5-b3f9-6aca6fe37e30) (Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.718 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21245 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-e97af41c-4dff-483b-9b8e-233af0e814c0) (Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-1cd45dff-6ea5-42d7-8045-a335bae852a6) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.1.1.30 - WildTangent) Hidden
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 4.5.0.160 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Aspire\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E3D8C1F-20BC-4577-84C3-2B3E0148A5C1} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate)
Task: {165B1243-58EC-45DD-9CC8-8AD8D854B785} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {1E6382CF-D98B-4776-BE28-63D33F295BCC} - System32\Tasks\SweetLabs App Platform => C:\Users\Aspire\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2018-12-20] (Pokki)
Task: {247D4397-C93D-4EAD-8E50-03A8007C3044} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {566C560F-B1AA-4414-98A8-F044168EC987} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-22] (Acer Incorporate)
Task: {5B03D0FD-3F27-4E32-B560-E9B9717F9A2E} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-22] (Acer Incorporate)
Task: {6316AE17-1805-42EA-9A43-3FD5E42FE9D3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-30] (Microsoft Corporation)
Task: {67A70410-051F-4079-89CD-7BBF63037EC6} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-19] (Acer Incorporated)
Task: {6CD970C7-7986-4651-85F0-F4113A2383C4} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {75D5F4A7-F055-4633-BE9A-EE0D94D658D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-30] (Google Inc.)
Task: {7DF07CC3-AD1F-4DDF-B004-DF37887F66FB} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: <Company name>)
Task: {8557A9C5-037C-42AF-AED4-7B68546E667A} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {90656965-7EB1-41B3-A764-A1D118438BFF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2019-01-30] (Microsoft Corporation)
Task: {967374E2-40BA-48EB-80CC-B7080BE82C31} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-30] (AVAST Software)
Task: {99DD3051-4CD8-464B-94E5-602DA19F9FA9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-30] (Microsoft Corporation)
Task: {A86A3A4E-49FC-45D3-A4A4-57C9D66CAE8D} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2017-09-28] ()
Task: {BE66E331-DB0F-4F10-B557-A4BCE9A8A010} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-30] (Microsoft Corporation)
Task: {C8D1584C-7261-4068-869E-1CA6AC5BF2AB} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {CC94D9A2-4750-44D7-9ADF-4E0846477447} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {F9479D42-2A76-476C-9917-91D3FC2F2141} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-30] (Google Inc.)
Task: {FC6A410C-BFFB-464C-9636-17639FF5EB06} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-30] (Microsoft Corporation)
Task: {FE681400-330C-4E5C-B916-1D31B03D5118} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-30] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Public\Desktop\Booking.com.lnk -> C:\Program Files\Booking.COM\StartURL.exe () -> hxxp://www.booking.com/index.html?aid=379334

==================== Loaded Modules (Whitelisted) ==============

2011-08-05 07:56 - 2011-08-05 07:56 - 000034304 _____ () C:\Windows\System32\sxr3xlm.dll
2014-06-24 23:13 - 2012-04-24 11:43 - 000254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-04-21 11:37 - 2014-03-07 17:21 - 000080312 _____ () C:\Windows\system32\igfxexps.dll
2014-02-26 06:14 - 2014-02-26 06:14 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 06:11 - 2014-02-26 06:11 - 000086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 06:17 - 2014-02-26 06:17 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-06-24 22:45 - 2013-10-01 10:09 - 000078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2019-01-30 20:57 - 2019-01-30 20:57 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-30 20:47 - 2019-01-30 20:47 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-07-15 18:50 - 2018-07-15 18:50 - 000183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\ErrorReporting.dll
2017-11-14 16:06 - 2017-11-14 16:06 - 000015136 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-09-26 12:35 - 2017-09-26 12:35 - 000013088 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-09-26 12:34 - 2017-09-26 12:34 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Acer\Remote Files\
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DE009EB0-F7C2-4C4C-B04F-F38E497FD23F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{AC236072-FE1C-4CCF-95A2-F784C5EB3DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{FC94B1E3-F4FA-477E-8BFF-8573F6A33E76}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp.)
FirewallRules: [{B80E5E2D-FB73-461C-B382-6483A8C39D99}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{B6CBC285-8BD2-4CDE-9C66-C743CD7241BA}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{B1FA4FBB-9410-47B3-AC8E-E7049FD8B5AE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
FirewallRules: [{E1E72048-54DD-4259-AB55-AF8A4B011020}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
FirewallRules: [{E6A65797-BD19-4C1B-83EA-D8750C887EC8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp.)
FirewallRules: [{DD220CF1-61F2-4E75-81B8-8BC965037195}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{0F6EF111-B06C-4596-B33E-571C3F3F3C81}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{980362F8-D8CE-4454-A42F-8008C3457AC9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{2D3A9B46-5FD9-45CD-A634-43B79B849550}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp.)
FirewallRules: [{16EAE2FD-227D-4270-A1A3-729E043174CC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp.)
FirewallRules: [{71D2231C-9AA8-4646-97CE-4EBD9999115A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{967D939E-1305-4412-B466-CDB1871C210A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{3B78E2AE-8D7C-4F8F-B7A6-B3F6BBC24BA8}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{07565A5C-739F-417E-B7FB-906F683C0404}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{F616D4AA-8DB3-4DD9-BA77-0FDEEA0F34D7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{027100CC-40C8-4581-BBD7-8B483237D8E6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{2B4F1FAB-D315-4AE1-AF2C-900896AF1651}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{99081A27-141B-4D12-9A4B-1C4450EC9944}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{68D9F4CF-B13C-4A79-8571-2F503AE3C9F8}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{E3831676-2D1E-4779-B300-D22AC7B64333}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{558414EB-3026-4355-AA98-DA1D26CA07CC}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{B5A3F2E0-DA8D-426E-BC7E-09D76BE107F1}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{ED89EBE0-B098-4245-9725-74E09C9DF3CC}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{1C02D183-D4A4-4149-802E-140172FC79EA}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{0A5B3B3A-036A-4F8A-82DF-99BB6EF149CD}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{731338CF-5054-4BE9-B708-98C5E67C226D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{0A080567-12F4-46F9-9BA6-7F99FB2DB969}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{9391313B-7593-4A19-B6BE-C78BEAFE6DB1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{ED9E485E-39E1-4053-AB80-3EC566DFAE49}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe No File
FirewallRules: [{9D3C9E54-8E17-4E65-AD8D-7DD1073C4A16}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe No File
FirewallRules: [{F760D05C-82C7-4EAA-951F-4D7CB91A8802}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe No File
FirewallRules: [{720D3DF2-867C-4583-8AB8-89B6DCFA1D47}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe No File
FirewallRules: [{3DFFCBAC-2FEC-4ADA-BD58-EAE2AD4CA97B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{A9B37617-8054-4B30-98C4-2190B67438AF}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{3268E737-6640-4336-A9D2-5AD2F42C78CA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{854DAB08-6F6E-44AE-9D3D-F4306A275F19}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{C1789D86-EE16-41C1-8F6A-91366C2B6B7F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{62A2A385-69AF-4F0A-8811-89E09656DCA8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{2764D0BD-4CCF-4A81-8289-AD8FB4ADA4DC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{66211DC7-64AF-4637-9965-E71A9103EC55}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{10A31E13-74F5-43AD-B5B6-24267B54B2A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{0A48A9CD-36F9-4DD9-B23A-FB394FF41FCD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{8EC55915-BED6-42BC-99DD-352915FE5128}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{47EC79A5-0270-411A-A1CB-D1E920F434CB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{5A9823B6-7079-4461-94E9-E006EA655C38}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{5874400D-1358-4FEE-91CA-233562810154}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{07235409-303C-452C-BDDF-1F55F494814A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{890A5B8E-F0AB-44A6-806C-487078DB5B13}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{AED33B4F-C2B1-4451-BBDB-8EA472039736}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{7A2B87BB-B1F2-4813-B67E-A9C3C0DE5A4E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{655934EA-9463-42DB-98DB-B9C5EB348D32}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{5CF5960D-B8F0-4C25-81FA-AD3C3916BCB9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{13D3CF31-77A6-4456-87A4-2CE5FC008200}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{863D5CB5-0E10-4405-AFFF-C452A4E72298}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{A906B312-CCBF-4E77-8577-706CE5860BE6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{1A1B70D4-09B2-42FE-902F-CAF4D30D594B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{FB7765F9-2A45-42D4-9C35-1AD50C66F1C7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{46E93DB6-60D6-4FAD-AF6D-729D14E38E1D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{9102403D-03D5-43EB-A50F-352B855798B2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{C83483DE-7C58-4A0D-BA6E-DD863EF9ED38}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{D47464F5-1217-4CA8-9630-F51F51CC9DAE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{748F3D12-B58A-46AA-A5C5-EF8F2EF51373}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{57F859AA-ECF8-4549-8458-4DDA4512C0AE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{27E9DAA2-12D9-4607-9465-426EA9F6A310}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{04BE9A16-1CA5-4975-AC06-911B6FE2EBDD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{EB9671DF-B372-4D96-A64C-2EC8974220EA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{802C366C-86D2-46BD-B996-00780BC48F83}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{BD87900E-76AA-41D1-8D19-DD6678C80F65}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{9FC376C2-15D9-4E51-8BB9-CBB8774AB015}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{1C24ED3B-E2C5-4199-8A0E-5CCC10D7D39E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{698CE724-6755-4C81-8486-16238FA2258D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{9018091E-9AEF-4C3C-A218-E957C98D10D2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{87C89094-294E-431D-A456-504544859586}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{EAB9225F-D78D-4735-BF68-FBFC6D042ACD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{B59640B5-BADD-467C-967D-3D2357484F14}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{D12C00B8-AD97-439C-B022-F50F5CE322E5}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{15CD5942-6503-4406-AAD1-4C4150C74E72}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{255B70A2-2A37-4711-823C-DF1026245B86}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{A97C8676-4A45-4C25-9D31-D081D51E0C90}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{2C7A8150-B6B9-429C-9533-CE5A30D8D118}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{46741D73-0112-4348-9645-10FEFD4F55FA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{E68D59E8-208F-4329-943A-140848F1E730}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{A914637C-D135-46C6-A68A-693CE504C74D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{D44E58AB-AB6D-4D45-A045-317834E9BB09}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{E7518BBF-E1CE-4751-B5BA-F09E49774457}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{7595E50C-B1F4-44C6-98F8-A6EBC559F50A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{8F3F1232-3A04-4FBB-B2FE-EBA1185CD121}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{268B819D-A2A0-4DD7-965C-3116B6165412}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{66D31253-A211-4DB6-AA45-41B0D1B38AF6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{36221610-4696-436F-99AF-D85F2B1F717B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{18DF0D93-BBD3-47E5-BE29-A600ED567421}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B0529176-5AA2-48E7-A471-E8B757FCD8BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{4AE55323-2A8E-4E2E-ADA2-908E41694050}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{CC048247-4341-477A-8840-8383E9CA365D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{5613135C-D695-4B94-A49F-79EFAA109F16}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{3C086F63-E1B4-4B40-9D2E-88699C96A70A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

==================== Restore Points =========================

20-09-2018 09:59:40 Naplánovaný kontrolní bod
30-01-2019 19:50:44 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/18/2018 07:50:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_Audiosrv, verze: 6.3.9600.16384, časové razítko: 0x5215dfe3
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17031, časové razítko: 0x530895af
Kód výjimky: 0xc000000d
Posun chyby: 0x0000000000102c50
ID chybujícího procesu: 0x67c
Čas spuštění chybující aplikace: 0x01d4671356a47e20
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: be9c2cca-d306-11e8-8270-18cf5e5df793
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/18/2018 03:47:09 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (10/18/2018 06:20:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1032

Error: (10/18/2018 06:20:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1032

Error: (10/18/2018 06:20:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2018 07:29:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2782

Error: (10/16/2018 07:29:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2782

Error: (10/16/2018 07:29:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace systému Windows 8.1 pro systémy s procesorem x64 (KB3053863).

Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace systému Windows 8.1 pro systémy s procesorem x64 (KB3024755).

Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace zabezpečení systému Windows 8.1 pro systémy na platformě x64 (KB3126587).

Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace zabezpečení systému Windows 8.1 pro systémy na platformě x64 (KB3159398).

Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace systému Windows 8.1 pro systémy s procesorem x64 (KB2989930).

Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace systému Windows 8.1 pro systémy s procesorem x64 (KB2994290).

Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): 2017-11 kumulativní aktualizace zabezpečení a pro zvýšení kvality pro .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 a 4.7 v systémech Windows 8.1 a Server 2012 R2 pro x64 (KB4049017).

Error: (01/30/2019 07:56:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 3.5 v systémech Windows 8.1 a Windows Server 2012 R2 platformy x64 (KB2972213).


Windows Defender:
===================================
Date: 2018-10-15 19:33:42.074
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A69741D1-F1E5-4055-9F41-DAFDF4FC9BDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-15 19:26:08.344
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E72DBE59-504F-4900-B8E7-515841D72090}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-15 19:19:46.028
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CB87D61B-BD76-4881-9C10-9956D828169C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-23 19:04:40.194
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {85515849-A02C-4C3B-99A6-FE2BEA303696}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-23 18:37:35.070
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {91D13EDE-3D46-4060-9CD6-B0CEAF58FC1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-09-17 18:50:10.748
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 106.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: Acer\Aspire
Aktuální verze modulu:
Předchozí verze modulu: 2.1.9700.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-09-17 18:50:10.732
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.155.266.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: Acer\Aspire
Aktuální verze modulu:
Předchozí verze modulu: 1.1.9700.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-09-17 18:50:10.732
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.155.266.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: Acer\Aspire
Aktuální verze modulu:
Předchozí verze modulu: 1.1.9700.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-09-17 18:50:10.639
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.155.266.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.9700.0
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2016-01-16 18:42:41.241
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

CodeIntegrity:
===================================

Date: 2018-09-24 11:33:05.358
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-12-03 19:34:59.834
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-12-03 19:34:54.769
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-08-19 14:17:30.311
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-08-19 14:17:26.676
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 11:37:04.673
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 11:33:24.014
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 11:33:22.317
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 49%
Total physical RAM: 3979.2 MB
Available physical RAM: 1996.08 MB
Total Virtual: 4683.2 MB
Available Virtual: 2465.33 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.23 GB) (Free:386.22 GB) NTFS

\\?\Volume{259e6a77-7c87-4571-974a-e7fb6ab5b2b4}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{43c7a754-4dc3-41a0-8f79-c89bc3e51fa7}\ (Push Button Reset) (Fixed) (Total:16.52 GB) (Free:2.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 33A1FD29)

Partition: GPT.

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30.01.2019
Ran by Aspire (administrator) on ACER (30-01-2019 22:37:09)
Running from C:\Users\Aspire\Downloads
Loaded Profiles: Aspire (Available Profiles: Aspire)
Platform: Windows 8.1 Connected (X64) Language: Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Users\Aspire\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
(Microsoft Corporation) C:\Users\Aspire\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Failed to access process -> wmplayer.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Media Player\setup_wm.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Pokki) C:\Users\Aspire\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-30] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-06-24] (Spotify Ltd)
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655245-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655257-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655ae5-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655aef-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {d2454599-6bd1-11e8-826e-f8a963a40627} - "E:\autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.81\Installer\chrmstp.exe [2019-01-30] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> c:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2013-09-05] (Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2019-01-30]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2018-09-24]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F614279-92D1-4F8D-B3C2-211DDB11ACE6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ED7ADB51-15BE-4AAD-BC5D-0BF629C3CD5C}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> {F4BA8A93-AE01-453D-8A4E-B1FCFEAF52C2} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-30] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2019-01-30]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-30] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default [2019-01-30]
CHR Extension: (Prezentace) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-30]
CHR Extension: (Dokumenty) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-30]
CHR Extension: (Disk Google) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-30]
CHR Extension: (YouTube) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-30]
CHR Extension: (Tabulky) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-30]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-01-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-30]
CHR Extension: (Gmail) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-30]
CHR Extension: (Chrome Media Router) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-30]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-22]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-22]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-30] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-30] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-07-17] (McAfee, Inc.)
S2 McWAMigrationTool; C:\Program Files\McAfee\WAMigrationTool\MigrationTool.exe [985320 2019-01-30] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-22] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-22] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-30] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-30] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-30] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-30] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-30] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-30] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-30] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-30] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-30] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-30] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-30] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-30 22:37 - 2019-01-30 22:39 - 000019976 _____ C:\Users\Aspire\Downloads\FRST.txt
2019-01-30 22:36 - 2019-01-30 22:37 - 000000000 ____D C:\FRST
2019-01-30 22:33 - 2019-01-30 22:35 - 002428928 _____ (Farbar) C:\Users\Aspire\Downloads\FRST64.exe
2019-01-30 21:47 - 2019-01-30 21:47 - 000002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-01-30 21:24 - 2019-01-30 21:24 - 000003292 _____ C:\Windows\System32\Tasks\SweetLabs App Platform
2019-01-30 21:09 - 2019-01-30 21:10 - 000000000 ____D C:\ProgramData\Google
2019-01-30 21:09 - 2019-01-30 21:09 - 000000000 ____D C:\Program Files\Google
2019-01-30 21:08 - 2019-01-30 21:10 - 000000000 ____D C:\Users\Aspire\AppData\Local\Google
2019-01-30 21:07 - 2019-01-30 21:07 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-30 21:07 - 2019-01-30 21:07 - 000002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-30 21:02 - 2019-01-30 21:25 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-30 21:02 - 2019-01-30 21:25 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-30 21:01 - 2019-01-30 21:09 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-30 20:59 - 2019-01-30 20:59 - 000000000 ____D C:\Users\Aspire\AppData\Roaming\AVAST Software
2019-01-30 20:59 - 2019-01-30 20:59 - 000000000 ____D C:\Users\Aspire\AppData\Local\CEF
2019-01-30 20:58 - 2019-01-30 20:58 - 000002099 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-30 20:58 - 2019-01-30 20:58 - 000000000 ____D C:\Users\Aspire\AppData\Local\AVAST Software
2019-01-30 20:58 - 2019-01-30 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-01-30 20:52 - 2019-01-30 20:52 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-01-30 20:51 - 2019-01-30 20:51 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-30 20:49 - 2019-01-30 20:51 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-30 20:49 - 2019-01-30 20:51 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-30 20:48 - 2019-01-30 20:48 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-01-30 20:48 - 2019-01-30 20:47 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-30 20:44 - 2019-01-30 20:48 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-30 20:44 - 2019-01-30 20:44 - 000000000 ____D C:\Program Files\AVAST Software
2019-01-30 20:43 - 2019-01-30 20:43 - 007450264 _____ (AVAST Software) C:\Users\Aspire\Downloads\avast_free_antivirus_setup_online_l3a.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-30 22:33 - 2016-02-17 18:34 - 000000000 ____D C:\Users\Aspire\AppData\Local\CrashDumps
2019-01-30 22:26 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2019-01-30 22:14 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2019-01-30 21:52 - 2015-12-03 18:01 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2649769328-1442576681-4040288438-1001
2019-01-30 21:50 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 21:45 - 2014-06-24 23:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-01-30 21:29 - 2015-12-03 17:54 - 000000000 ____D C:\Users\Aspire\AppData\Local\SweetLabs App Platform
2019-01-30 20:39 - 2016-11-10 14:50 - 000000000 ____D C:\Program Files\McAfee
2019-01-30 20:38 - 2015-12-12 02:05 - 000003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5ADC40AB-14AB-4317-9B8F-3D1A756ABBD7}
2019-01-30 19:49 - 2016-09-19 15:06 - 000000000 __RDO C:\Users\Aspire\OneDrive
2019-01-30 19:46 - 2014-06-24 23:04 - 000739924 _____ C:\Windows\system32\perfh005.dat
2019-01-30 19:46 - 2014-06-24 23:04 - 000151610 _____ C:\Windows\system32\perfc005.dat
2019-01-30 19:46 - 2014-03-18 10:47 - 001745984 _____ C:\Windows\system32\PerfStringBackup.INI

Some files in TEMP:
====================
2015-12-31 13:59 - 2015-12-31 13:59 - 000467968 _____ (Realtek Semiconductor Corp.) C:\Users\Aspire\AppData\Local\Temp\COMAP.EXE
2017-08-19 13:13 - 2017-08-19 13:14 - 063610200 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct14C.tmp.exe
2017-05-19 18:35 - 2017-05-22 14:08 - 064118864 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct1D38.tmp.exe
2015-12-03 17:59 - 2015-12-03 17:59 - 000002399 _____ () C:\Users\Aspire\AppData\Local\Temp\oct267E.tmp.exe
2016-07-25 08:15 - 2016-07-25 08:15 - 063953600 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct2F90.tmp.exe
2016-07-30 18:26 - 2016-07-30 18:26 - 063953128 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct3BB7.tmp.exe
2015-12-15 01:02 - 2015-12-15 01:02 - 063066872 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct52CC.tmp.exe
2018-01-22 14:41 - 2018-01-22 14:42 - 041424392 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct59ED.tmp.exe
2016-02-17 09:38 - 2016-02-17 09:39 - 063078856 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct6129.tmp.exe
2017-08-11 16:53 - 2017-08-11 16:57 - 063610592 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct6A8D.tmp.exe
2016-11-17 13:02 - 2016-11-17 13:06 - 064111920 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct7B2D.tmp.exe
2016-09-20 18:52 - 2016-09-20 18:53 - 064108904 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct8785.tmp.exe
2019-01-30 20:37 - 2019-01-30 20:38 - 044622200 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octA35.tmp.exe
2017-12-07 19:11 - 2017-12-08 18:36 - 041373360 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octA943.tmp.exe
2016-04-16 07:14 - 2016-04-16 07:15 - 063707840 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octA9F8.tmp.exe
2018-03-17 13:11 - 2018-03-17 13:12 - 041561472 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octAD0C.tmp.exe
2017-12-16 09:29 - 2017-12-16 09:29 - 041440856 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octBC22.tmp.exe
2016-03-12 13:44 - 2016-03-12 13:45 - 063142648 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octC8D8.tmp.exe
2015-12-12 03:46 - 2015-12-12 03:47 - 062903592 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octD51A.tmp.exe
2017-10-07 12:49 - 2017-10-07 12:50 - 041565936 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octEDD.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-15 18:04

==================== End of FRST.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu logu

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Odporucam odinstalovat McAfee WebAdvisor (zrejme nainstalovane neumyselne pri instalacii ineho programu, navyse je to zbytocnost, kedze je tam uz Avast).

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Storkan
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 27 pro 2018 23:55

Re: Prosím o kontrolu logu

#3 Příspěvek od Storkan »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-25.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-31-2019
# Duration: 00:00:07
# OS: Windows 8.1 Connected
# Cleaned: 30
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Pokki
Deleted C:\Program Files\Booking.com
Not Deleted C:\Users\Aspire\AppData\Local\SweetLabs App Platform

***** [ Files ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Deleted C:\Users\Aspire\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Start Menu.lnk
Deleted C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Deleted C:\Users\Aspire\Favorites\Booking.com.url
Deleted C:\Users\Public\Desktop\Booking.com.lnk
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
Deleted C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SweetLabs App Platform

***** [ Registry ] *****

Deleted HKCU\Software\SweetLabs App Platform
Deleted HKCU\Software\Classes\lnkfile\shell\pokki
Deleted HKCU\Software\Classes\Drive\shell\pokki
Deleted HKCU\Software\Classes\Directory\shell\pokki
Deleted HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted HKCU\Software\Classes\pokki
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM2
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKLM\Software\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E6382CF-D98B-4776-BE28-63D33F295BCC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\warthunder.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4157 octets] - [31/01/2019 00:56:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu logu

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Storkan
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 27 pro 2018 23:55

Re: Prosím o kontrolu logu

#5 Příspěvek od Storkan »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Aspire (31-01-2019 17:18:27)
Running from C:\Users\Aspire\Desktop
Windows 8.1 Connected (X64) (2015-12-03 16:53:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2649769328-1442576681-4040288438-500 - Administrator - Disabled)
Aspire (S-1-5-21-2649769328-1442576681-4040288438-1001 - Administrator - Enabled) => C:\Users\Aspire
Guest (S-1-5-21-2649769328-1442576681-4040288438-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2003.6 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Reader XI (11.0.20) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Aloha TriPeaks (HKLM-x32\...\WTA-ab56ec5b-6fa4-4dfb-bd78-ceeace722f58) (Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-c69db588-ef65-4379-86e4-188dd0df1c9d) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.81 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-42b228cc-bd7b-4186-a616-f63c62029ec8) (Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (HKLM-x32\...\WTA-64989219-8e08-458e-a1ec-b6526f1cae0d) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-225c38ea-1b45-4706-a184-d47b2af73567) (Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Peggle Nights (HKLM-x32\...\WTA-2986e38a-969a-4097-a644-39cc63a74389) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-44a97d0b-062e-4cc5-b3f9-6aca6fe37e30) (Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21245 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-e97af41c-4dff-483b-9b8e-233af0e814c0) (Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-1cd45dff-6ea5-42d7-8045-a335bae852a6) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.1.1.30 - WildTangent) Hidden
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 4.5.0.160 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Aspire\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E3D8C1F-20BC-4577-84C3-2B3E0148A5C1} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate)
Task: {165B1243-58EC-45DD-9CC8-8AD8D854B785} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {247D4397-C93D-4EAD-8E50-03A8007C3044} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {566C560F-B1AA-4414-98A8-F044168EC987} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-22] (Acer Incorporate)
Task: {5B03D0FD-3F27-4E32-B560-E9B9717F9A2E} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-22] (Acer Incorporate)
Task: {6316AE17-1805-42EA-9A43-3FD5E42FE9D3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-30] (Microsoft Corporation)
Task: {67A70410-051F-4079-89CD-7BBF63037EC6} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-19] (Acer Incorporated)
Task: {6CD970C7-7986-4651-85F0-F4113A2383C4} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {75D5F4A7-F055-4633-BE9A-EE0D94D658D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-30] (Google Inc.)
Task: {7DF07CC3-AD1F-4DDF-B004-DF37887F66FB} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: <Company name>)
Task: {8557A9C5-037C-42AF-AED4-7B68546E667A} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {90656965-7EB1-41B3-A764-A1D118438BFF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2019-01-30] (Microsoft Corporation)
Task: {967374E2-40BA-48EB-80CC-B7080BE82C31} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-30] (AVAST Software)
Task: {99DD3051-4CD8-464B-94E5-602DA19F9FA9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-30] (Microsoft Corporation)
Task: {A86A3A4E-49FC-45D3-A4A4-57C9D66CAE8D} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2017-09-28] ()
Task: {BE66E331-DB0F-4F10-B557-A4BCE9A8A010} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-30] (Microsoft Corporation)
Task: {C8D1584C-7261-4068-869E-1CA6AC5BF2AB} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {CC94D9A2-4750-44D7-9ADF-4E0846477447} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {F9479D42-2A76-476C-9917-91D3FC2F2141} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-30] (Google Inc.)
Task: {FC6A410C-BFFB-464C-9636-17639FF5EB06} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-30] (Microsoft Corporation)
Task: {FE681400-330C-4E5C-B916-1D31B03D5118} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-30] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2011-08-05 07:56 - 2011-08-05 07:56 - 000034304 _____ () C:\Windows\System32\sxr3xlm.dll
2014-06-24 23:13 - 2012-04-24 11:43 - 000254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-02-26 06:14 - 2014-02-26 06:14 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 06:11 - 2014-02-26 06:11 - 000086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 06:17 - 2014-02-26 06:17 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-04-21 11:37 - 2014-03-07 17:21 - 000080312 _____ () C:\Windows\system32\igfxexps.dll
2019-01-30 20:57 - 2019-01-30 20:57 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-30 20:47 - 2019-01-30 20:47 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-11-14 16:06 - 2017-11-14 16:06 - 000015136 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-09-26 12:35 - 2017-09-26 12:35 - 000013088 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-09-26 12:34 - 2017-09-26 12:34 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Acer\Remote Files\
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DE009EB0-F7C2-4C4C-B04F-F38E497FD23F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{AC236072-FE1C-4CCF-95A2-F784C5EB3DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{FC94B1E3-F4FA-477E-8BFF-8573F6A33E76}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp.)
FirewallRules: [{B80E5E2D-FB73-461C-B382-6483A8C39D99}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{B6CBC285-8BD2-4CDE-9C66-C743CD7241BA}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{B1FA4FBB-9410-47B3-AC8E-E7049FD8B5AE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
FirewallRules: [{E1E72048-54DD-4259-AB55-AF8A4B011020}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
FirewallRules: [{E6A65797-BD19-4C1B-83EA-D8750C887EC8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp.)
FirewallRules: [{DD220CF1-61F2-4E75-81B8-8BC965037195}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{0F6EF111-B06C-4596-B33E-571C3F3F3C81}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{980362F8-D8CE-4454-A42F-8008C3457AC9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{2D3A9B46-5FD9-45CD-A634-43B79B849550}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp.)
FirewallRules: [{16EAE2FD-227D-4270-A1A3-729E043174CC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp.)
FirewallRules: [{71D2231C-9AA8-4646-97CE-4EBD9999115A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{967D939E-1305-4412-B466-CDB1871C210A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{3B78E2AE-8D7C-4F8F-B7A6-B3F6BBC24BA8}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{07565A5C-739F-417E-B7FB-906F683C0404}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{F616D4AA-8DB3-4DD9-BA77-0FDEEA0F34D7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{027100CC-40C8-4581-BBD7-8B483237D8E6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{2B4F1FAB-D315-4AE1-AF2C-900896AF1651}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{99081A27-141B-4D12-9A4B-1C4450EC9944}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{68D9F4CF-B13C-4A79-8571-2F503AE3C9F8}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{E3831676-2D1E-4779-B300-D22AC7B64333}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{558414EB-3026-4355-AA98-DA1D26CA07CC}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{B5A3F2E0-DA8D-426E-BC7E-09D76BE107F1}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{ED89EBE0-B098-4245-9725-74E09C9DF3CC}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{1C02D183-D4A4-4149-802E-140172FC79EA}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{0A5B3B3A-036A-4F8A-82DF-99BB6EF149CD}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{731338CF-5054-4BE9-B708-98C5E67C226D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{0A080567-12F4-46F9-9BA6-7F99FB2DB969}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{9391313B-7593-4A19-B6BE-C78BEAFE6DB1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{ED9E485E-39E1-4053-AB80-3EC566DFAE49}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe No File
FirewallRules: [{9D3C9E54-8E17-4E65-AD8D-7DD1073C4A16}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe No File
FirewallRules: [{F760D05C-82C7-4EAA-951F-4D7CB91A8802}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe No File
FirewallRules: [{720D3DF2-867C-4583-8AB8-89B6DCFA1D47}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe No File
FirewallRules: [{3DFFCBAC-2FEC-4ADA-BD58-EAE2AD4CA97B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{A9B37617-8054-4B30-98C4-2190B67438AF}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{3268E737-6640-4336-A9D2-5AD2F42C78CA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{854DAB08-6F6E-44AE-9D3D-F4306A275F19}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{C1789D86-EE16-41C1-8F6A-91366C2B6B7F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{62A2A385-69AF-4F0A-8811-89E09656DCA8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{2764D0BD-4CCF-4A81-8289-AD8FB4ADA4DC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{66211DC7-64AF-4637-9965-E71A9103EC55}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{10A31E13-74F5-43AD-B5B6-24267B54B2A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{0A48A9CD-36F9-4DD9-B23A-FB394FF41FCD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{8EC55915-BED6-42BC-99DD-352915FE5128}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{47EC79A5-0270-411A-A1CB-D1E920F434CB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{5A9823B6-7079-4461-94E9-E006EA655C38}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{5874400D-1358-4FEE-91CA-233562810154}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{07235409-303C-452C-BDDF-1F55F494814A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{890A5B8E-F0AB-44A6-806C-487078DB5B13}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{AED33B4F-C2B1-4451-BBDB-8EA472039736}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{7A2B87BB-B1F2-4813-B67E-A9C3C0DE5A4E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{655934EA-9463-42DB-98DB-B9C5EB348D32}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{5CF5960D-B8F0-4C25-81FA-AD3C3916BCB9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{13D3CF31-77A6-4456-87A4-2CE5FC008200}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{863D5CB5-0E10-4405-AFFF-C452A4E72298}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{A906B312-CCBF-4E77-8577-706CE5860BE6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{1A1B70D4-09B2-42FE-902F-CAF4D30D594B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{FB7765F9-2A45-42D4-9C35-1AD50C66F1C7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{46E93DB6-60D6-4FAD-AF6D-729D14E38E1D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{9102403D-03D5-43EB-A50F-352B855798B2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{C83483DE-7C58-4A0D-BA6E-DD863EF9ED38}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{D47464F5-1217-4CA8-9630-F51F51CC9DAE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{748F3D12-B58A-46AA-A5C5-EF8F2EF51373}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{57F859AA-ECF8-4549-8458-4DDA4512C0AE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{27E9DAA2-12D9-4607-9465-426EA9F6A310}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{04BE9A16-1CA5-4975-AC06-911B6FE2EBDD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{EB9671DF-B372-4D96-A64C-2EC8974220EA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{802C366C-86D2-46BD-B996-00780BC48F83}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{BD87900E-76AA-41D1-8D19-DD6678C80F65}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{9FC376C2-15D9-4E51-8BB9-CBB8774AB015}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{1C24ED3B-E2C5-4199-8A0E-5CCC10D7D39E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{698CE724-6755-4C81-8486-16238FA2258D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{9018091E-9AEF-4C3C-A218-E957C98D10D2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{87C89094-294E-431D-A456-504544859586}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{EAB9225F-D78D-4735-BF68-FBFC6D042ACD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{B59640B5-BADD-467C-967D-3D2357484F14}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{D12C00B8-AD97-439C-B022-F50F5CE322E5}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{15CD5942-6503-4406-AAD1-4C4150C74E72}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{255B70A2-2A37-4711-823C-DF1026245B86}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{A97C8676-4A45-4C25-9D31-D081D51E0C90}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{2C7A8150-B6B9-429C-9533-CE5A30D8D118}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{46741D73-0112-4348-9645-10FEFD4F55FA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{E68D59E8-208F-4329-943A-140848F1E730}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{A914637C-D135-46C6-A68A-693CE504C74D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{D44E58AB-AB6D-4D45-A045-317834E9BB09}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{E7518BBF-E1CE-4751-B5BA-F09E49774457}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{7595E50C-B1F4-44C6-98F8-A6EBC559F50A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{8F3F1232-3A04-4FBB-B2FE-EBA1185CD121}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{268B819D-A2A0-4DD7-965C-3116B6165412}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{66D31253-A211-4DB6-AA45-41B0D1B38AF6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{36221610-4696-436F-99AF-D85F2B1F717B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{18DF0D93-BBD3-47E5-BE29-A600ED567421}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B0529176-5AA2-48E7-A471-E8B757FCD8BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{4AE55323-2A8E-4E2E-ADA2-908E41694050}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{CC048247-4341-477A-8840-8383E9CA365D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{5613135C-D695-4B94-A49F-79EFAA109F16}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{3C086F63-E1B4-4B40-9D2E-88699C96A70A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

==================== Restore Points =========================

20-09-2018 09:59:40 Naplánovaný kontrolní bod
30-01-2019 19:50:44 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/30/2019 11:21:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_Audiosrv, verze: 6.3.9600.16384, časové razítko: 0x5215dfe3
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17031, časové razítko: 0x530895af
Kód výjimky: 0xc000000d
Posun chyby: 0x0000000000102c50
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d4b8e9d32d4c81
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 58c69755-24dd-11e9-8274-f8a963a40627
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/30/2019 11:10:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 11.0.9600.17037, časové razítko: 0x5312c30a
Název chybujícího modulu: MSHTML.dll, verze: 11.0.9600.17037, časové razítko: 0x5312faa5
Kód výjimky: 0xc0000409
Posun chyby: 0x006a6e2b
ID chybujícího procesu: 0x8a0
Čas spuštění chybující aplikace: 0x01d4b8e7f4fee546
Cesta k chybující aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSHTML.dll
ID zprávy: c9bfc419-24db-11e9-8273-f8a963a40627
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/30/2019 11:09:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_Audiosrv, verze: 6.3.9600.16384, časové razítko: 0x5215dfe3
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17031, časové razítko: 0x530895af
Kód výjimky: 0xc000000d
Posun chyby: 0x0000000000102c50
ID chybujícího procesu: 0x78
Čas spuštění chybující aplikace: 0x01d4b8e81e5fd20b
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: a4c1dcdd-24db-11e9-8273-f8a963a40627
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/30/2019 11:06:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_Audiosrv, verze: 6.3.9600.16384, časové razítko: 0x5215dfe3
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17031, časové razítko: 0x530895af
Kód výjimky: 0xc000000d
Posun chyby: 0x0000000000102c50
ID chybujícího procesu: 0xb5c
Čas spuštění chybující aplikace: 0x01d4b8e7f898fee5
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 5a83acbe-24db-11e9-8273-f8a963a40627
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/18/2018 07:50:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_Audiosrv, verze: 6.3.9600.16384, časové razítko: 0x5215dfe3
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17031, časové razítko: 0x530895af
Kód výjimky: 0xc000000d
Posun chyby: 0x0000000000102c50
ID chybujícího procesu: 0x67c
Čas spuštění chybující aplikace: 0x01d4671356a47e20
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: be9c2cca-d306-11e8-8270-18cf5e5df793
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/18/2018 03:47:09 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (10/18/2018 06:20:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1032

Error: (10/18/2018 06:20:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1032


System errors:
=============
Error: (01/31/2019 05:16:11 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Centrum zabezpečení, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (01/31/2019 05:14:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Centrum zabezpečení byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/31/2019 05:14:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (01/31/2019 05:14:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Protokol událostí systému Windows byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (01/31/2019 05:14:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Klient DHCP byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.

Error: (01/31/2019 05:14:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Zvuk systému Windows byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (01/31/2019 05:12:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (01/31/2019 05:12:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Protokol událostí systému Windows byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2018-10-15 19:33:42.074
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A69741D1-F1E5-4055-9F41-DAFDF4FC9BDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-15 19:26:08.344
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E72DBE59-504F-4900-B8E7-515841D72090}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-15 19:19:46.028
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CB87D61B-BD76-4881-9C10-9956D828169C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-23 19:04:40.194
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {85515849-A02C-4C3B-99A6-FE2BEA303696}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-23 18:37:35.070
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {91D13EDE-3D46-4060-9CD6-B0CEAF58FC1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-09-17 18:50:10.748
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 106.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: Acer\Aspire
Aktuální verze modulu:
Předchozí verze modulu: 2.1.9700.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-09-17 18:50:10.732
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.155.266.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: Acer\Aspire
Aktuální verze modulu:
Předchozí verze modulu: 1.1.9700.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-09-17 18:50:10.732
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.155.266.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: Acer\Aspire
Aktuální verze modulu:
Předchozí verze modulu: 1.1.9700.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-09-17 18:50:10.639
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.155.266.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.9700.0
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2016-01-16 18:42:41.241
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

CodeIntegrity:
===================================

Date: 2018-09-24 11:33:05.358
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-12-03 19:34:59.834
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-12-03 19:34:54.769
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-08-19 14:17:30.311
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-08-19 14:17:26.676
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 11:37:04.673
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 11:33:24.014
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 11:33:22.317
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 41%
Total physical RAM: 3979.2 MB
Available physical RAM: 2332.75 MB
Total Virtual: 4683.2 MB
Available Virtual: 3202.59 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.23 GB) (Free:383.33 GB) NTFS

\\?\Volume{259e6a77-7c87-4571-974a-e7fb6ab5b2b4}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{43c7a754-4dc3-41a0-8f79-c89bc3e51fa7}\ (Push Button Reset) (Fixed) (Total:16.52 GB) (Free:2.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 33A1FD29)

Partition: GPT.

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30.01.2019
Ran by Aspire (administrator) on ACER (31-01-2019 17:16:36)
Running from C:\Users\Aspire\Desktop
Loaded Profiles: Aspire (Available Profiles: Aspire)
Platform: Windows 8.1 Connected (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-30] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-06-24] (Spotify Ltd)
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655245-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655257-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655ae5-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655aef-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {d2454599-6bd1-11e8-826e-f8a963a40627} - "E:\autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.81\Installer\chrmstp.exe [2019-01-30] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> c:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2017-03-28] (Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
Startup: C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2018-09-24]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{7F614279-92D1-4F8D-B3C2-211DDB11ACE6}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{ED7ADB51-15BE-4AAD-BC5D-0BF629C3CD5C}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> {F4BA8A93-AE01-453D-8A4E-B1FCFEAF52C2} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-30] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-30] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default [2019-01-31]
CHR Extension: (Prezentace) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-30]
CHR Extension: (Dokumenty) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-30]
CHR Extension: (Disk Google) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-30]
CHR Extension: (YouTube) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-30]
CHR Extension: (Tabulky) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-30]
CHR Extension: (Gmail) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-30]
CHR Extension: (Chrome Media Router) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-30] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-30] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-22] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-22] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-30] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-30] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-30] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-30] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-30] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-30] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-30] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-30] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-30] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-30] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-31 17:16 - 2019-01-31 17:17 - 000016973 _____ C:\Users\Aspire\Desktop\FRST.txt
2019-01-31 00:54 - 2019-01-31 00:56 - 000000000 ____D C:\AdwCleaner
2019-01-31 00:49 - 2019-01-31 00:49 - 007316688 _____ (Malwarebytes) C:\Users\Aspire\Desktop\adwcleaner_7.2.7.0.exe
2019-01-31 00:10 - 2015-07-30 15:04 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2019-01-31 00:10 - 2015-07-30 14:48 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-01-30 23:47 - 2015-10-13 16:59 - 000397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-01-30 23:47 - 2015-10-13 16:59 - 000340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-01-30 23:47 - 2015-10-13 16:59 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-01-30 23:47 - 2015-10-13 16:59 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-01-30 23:47 - 2015-10-13 16:59 - 000106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2019-01-30 23:47 - 2015-10-13 16:59 - 000091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2019-01-30 23:47 - 2015-10-11 07:36 - 000561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-01-30 23:47 - 2015-10-11 07:36 - 000177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-30 23:47 - 2015-10-10 19:40 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-01-30 23:47 - 2015-10-10 19:39 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-01-30 23:47 - 2015-10-10 19:07 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-01-30 23:47 - 2015-10-10 18:33 - 001441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-30 23:47 - 2015-10-10 18:27 - 000432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-01-30 23:47 - 2015-10-10 18:11 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-01-30 23:47 - 2015-10-10 17:45 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-01-30 23:47 - 2015-06-27 04:12 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-01-30 23:47 - 2015-03-09 03:02 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2019-01-30 23:47 - 2014-10-29 03:51 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-01-30 23:47 - 2014-10-29 03:50 - 000736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-01-30 23:47 - 2014-10-29 03:06 - 000736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-01-30 23:47 - 2014-10-29 03:06 - 000154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-01-30 23:47 - 2014-10-29 02:57 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\BthHFSrv.dll
2019-01-30 23:46 - 2015-05-30 22:18 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-01-30 23:46 - 2015-05-30 20:36 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-01-30 23:46 - 2015-05-30 20:35 - 000911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-01-30 23:46 - 2014-12-08 20:42 - 000033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-01-30 23:46 - 2014-10-29 05:00 - 000465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-01-30 23:46 - 2014-10-29 05:00 - 000139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-01-30 23:46 - 2014-10-29 04:52 - 000500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-01-30 23:46 - 2014-10-29 04:52 - 000482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-01-30 23:46 - 2014-10-29 04:52 - 000394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-01-30 23:46 - 2014-10-29 04:52 - 000272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-01-30 23:46 - 2014-10-29 04:12 - 000413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-01-30 23:46 - 2014-10-29 04:12 - 000136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-01-30 23:46 - 2014-10-29 04:07 - 000424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-01-30 23:46 - 2014-10-29 04:07 - 000370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-01-30 23:46 - 2014-10-29 04:07 - 000344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-01-30 23:46 - 2014-10-29 02:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-01-30 23:45 - 2016-02-02 19:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2019-01-30 23:45 - 2015-12-02 16:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2019-01-30 23:45 - 2015-12-02 16:01 - 000561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2019-01-30 23:45 - 2015-11-05 09:59 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2019-01-30 23:45 - 2015-09-29 13:24 - 000155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2019-01-30 23:45 - 2015-05-07 17:47 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2019-01-30 23:45 - 2015-03-11 02:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2019-01-30 23:45 - 2015-03-11 02:09 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2019-01-30 23:45 - 2014-10-29 03:45 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2019-01-30 23:45 - 2014-10-29 03:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2019-01-30 23:45 - 2014-10-29 03:00 - 000642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2019-01-30 23:45 - 2014-10-29 03:00 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2019-01-30 23:45 - 2014-10-29 02:58 - 000014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2019-01-30 23:44 - 2014-12-09 02:50 - 000225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2019-01-30 23:44 - 2014-06-16 23:26 - 000779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2019-01-30 23:44 - 2014-06-16 23:24 - 000834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2019-01-30 23:44 - 2014-06-06 15:20 - 004190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-01-30 23:33 - 2016-02-06 19:08 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2019-01-30 23:33 - 2014-04-08 23:46 - 000086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2019-01-30 23:33 - 2014-04-08 23:46 - 000028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2019-01-30 23:33 - 2014-04-08 19:54 - 000080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2019-01-30 23:33 - 2014-04-08 19:54 - 000026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2019-01-30 23:32 - 2016-01-31 18:17 - 000779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2019-01-30 22:36 - 2019-01-31 17:16 - 000000000 ____D C:\FRST
2019-01-30 22:33 - 2019-01-30 22:35 - 002428928 _____ (Farbar) C:\Users\Aspire\Desktop\FRST64.exe
2019-01-30 21:47 - 2019-01-30 21:47 - 000002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-01-30 21:09 - 2019-01-30 21:10 - 000000000 ____D C:\ProgramData\Google
2019-01-30 21:09 - 2019-01-30 21:09 - 000000000 ____D C:\Program Files\Google
2019-01-30 21:08 - 2019-01-30 21:10 - 000000000 ____D C:\Users\Aspire\AppData\Local\Google
2019-01-30 21:07 - 2019-01-30 21:07 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-30 21:07 - 2019-01-30 21:07 - 000002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-30 21:02 - 2019-01-30 21:25 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-30 21:02 - 2019-01-30 21:25 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-30 21:01 - 2019-01-30 21:09 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-30 20:59 - 2019-01-30 20:59 - 000000000 ____D C:\Users\Aspire\AppData\Roaming\AVAST Software
2019-01-30 20:59 - 2019-01-30 20:59 - 000000000 ____D C:\Users\Aspire\AppData\Local\CEF
2019-01-30 20:58 - 2019-01-30 20:58 - 000002099 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-30 20:58 - 2019-01-30 20:58 - 000000000 ____D C:\Users\Aspire\AppData\Local\AVAST Software
2019-01-30 20:58 - 2019-01-30 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-01-30 20:52 - 2019-01-30 20:52 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-01-30 20:51 - 2019-01-31 17:05 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-30 20:49 - 2019-01-30 20:51 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-30 20:49 - 2019-01-30 20:51 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-30 20:48 - 2019-01-30 20:48 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-01-30 20:48 - 2019-01-30 20:47 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-30 20:44 - 2019-01-30 20:48 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-30 20:44 - 2019-01-30 20:44 - 000000000 ____D C:\Program Files\AVAST Software
2019-01-30 20:43 - 2019-01-30 20:43 - 007450264 _____ (AVAST Software) C:\Users\Aspire\Downloads\avast_free_antivirus_setup_online_l3a.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-31 17:16 - 2015-12-12 02:05 - 000003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5ADC40AB-14AB-4317-9B8F-3D1A756ABBD7}
2019-01-31 17:15 - 2015-12-03 18:01 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2649769328-1442576681-4040288438-1001
2019-01-31 17:15 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2019-01-31 17:11 - 2016-09-19 15:06 - 000000000 __RDO C:\Users\Aspire\OneDrive
2019-01-31 17:10 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-31 00:52 - 2014-04-21 11:09 - 000000000 ____D C:\ProgramData\McAfee
2019-01-31 00:38 - 2015-12-03 17:54 - 000000000 ____D C:\Users\Aspire\AppData\Local\SweetLabs App Platform
2019-01-31 00:25 - 2013-08-22 15:44 - 000484904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-01-31 00:25 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2019-01-30 23:16 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-01-30 23:13 - 2014-06-24 23:04 - 000739924 _____ C:\Windows\system32\perfh005.dat
2019-01-30 23:13 - 2014-06-24 23:04 - 000151610 _____ C:\Windows\system32\perfc005.dat
2019-01-30 23:13 - 2014-03-18 10:47 - 001745984 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-30 23:11 - 2014-04-21 11:06 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2019-01-30 23:10 - 2016-02-17 18:34 - 000000000 ____D C:\Users\Aspire\AppData\Local\CrashDumps
2019-01-30 23:01 - 2017-11-14 15:40 - 000003166 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2649769328-1442576681-4040288438-1001
2019-01-30 23:01 - 2017-11-13 18:07 - 000002333 _____ C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2019-01-30 23:00 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF
2019-01-30 21:50 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 21:45 - 2014-06-24 23:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office

Some files in TEMP:
====================
2015-12-31 13:59 - 2015-12-31 13:59 - 000467968 _____ (Realtek Semiconductor Corp.) C:\Users\Aspire\AppData\Local\Temp\COMAP.EXE
2017-08-19 13:13 - 2017-08-19 13:14 - 063610200 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct14C.tmp.exe
2017-05-19 18:35 - 2017-05-22 14:08 - 064118864 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct1D38.tmp.exe
2015-12-03 17:59 - 2015-12-03 17:59 - 000002399 _____ () C:\Users\Aspire\AppData\Local\Temp\oct267E.tmp.exe
2016-07-25 08:15 - 2016-07-25 08:15 - 063953600 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct2F90.tmp.exe
2016-07-30 18:26 - 2016-07-30 18:26 - 063953128 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct3BB7.tmp.exe
2015-12-15 01:02 - 2015-12-15 01:02 - 063066872 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct52CC.tmp.exe
2018-01-22 14:41 - 2018-01-22 14:42 - 041424392 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct59ED.tmp.exe
2016-02-17 09:38 - 2016-02-17 09:39 - 063078856 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct6129.tmp.exe
2017-08-11 16:53 - 2017-08-11 16:57 - 063610592 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct6A8D.tmp.exe
2016-11-17 13:02 - 2016-11-17 13:06 - 064111920 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct7B2D.tmp.exe
2016-09-20 18:52 - 2016-09-20 18:53 - 064108904 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct8785.tmp.exe
2019-01-30 20:37 - 2019-01-30 20:38 - 044622200 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octA35.tmp.exe
2017-12-07 19:11 - 2017-12-08 18:36 - 041373360 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octA943.tmp.exe
2016-04-16 07:14 - 2016-04-16 07:15 - 063707840 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octA9F8.tmp.exe
2018-03-17 13:11 - 2018-03-17 13:12 - 041561472 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octAD0C.tmp.exe
2017-12-16 09:29 - 2017-12-16 09:29 - 041440856 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octBC22.tmp.exe
2016-03-12 13:44 - 2016-03-12 13:45 - 063142648 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octC8D8.tmp.exe
2015-12-12 03:46 - 2015-12-12 03:47 - 062903592 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octD51A.tmp.exe
2017-10-07 12:49 - 2017-10-07 12:50 - 041565936 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octEDD.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-30 23:28

==================== End of FRST.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu logu

#6 Příspěvek od Conder »

:arrow: Este pred nasledujucim krokom odporucam odinstalovat aj "Google Toolbar for Internet Explorer", ak ho nepouzivas/nepotrebujes (zbytocny toolbar, zrejme tiez nainstalovany neumyselne).

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
    File: C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
    File: C:\Windows\System32\HPZinw12.dll
    File: C:\Windows\System32\HPZipm12.dll
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
    
    HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655245-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe" 
    HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655257-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe" 
    HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655ae5-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe" 
    HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655aef-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe" 
    HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {d2454599-6bd1-11e8-826e-f8a963a40627} - "E:\autorun.exe" 
    HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
    HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
    SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> {F4BA8A93-AE01-453D-8A4E-B1FCFEAF52C2} URL = 
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
    2019-01-31 00:52 - 2014-04-21 11:09 - 000000000 ____D C:\ProgramData\McAfee
    CustomCLSID: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Aspire\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    C:\Program Files\Common Files\mcafee
    FirewallRules: [{DE009EB0-F7C2-4C4C-B04F-F38E497FD23F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
    FirewallRules: [{AC236072-FE1C-4CCF-95A2-F784C5EB3DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
    C:\Users\Aspire\AppData\Local\SweetLabs App Platform
    c:\PROGRA~1\mcafee
    c:\PROGRA~2\mcafee
    c:\PROGRA~3\mcafee
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Storkan
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 27 pro 2018 23:55

Re: Prosím o kontrolu logu

#7 Příspěvek od Storkan »

Fix result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Aspire (01-02-2019 10:14:46) Run:1
Running from C:\Users\Aspire\Desktop
Loaded Profiles: Aspire (Available Profiles: Aspire)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
File: C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
File: C:\Windows\System32\HPZinw12.dll
File: C:\Windows\System32\HPZipm12.dll
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}

HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655245-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655257-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655ae5-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655aef-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {d2454599-6bd1-11e8-826e-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> {F4BA8A93-AE01-453D-8A4E-B1FCFEAF52C2} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
2019-01-31 00:52 - 2014-04-21 11:09 - 000000000 ____D C:\ProgramData\McAfee
CustomCLSID: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Aspire\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
C:\Program Files\Common Files\mcafee
FirewallRules: [{DE009EB0-F7C2-4C4C-B04F-F38E497FD23F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{AC236072-FE1C-4CCF-95A2-F784C5EB3DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
C:\Users\Aspire\AppData\Local\SweetLabs App Platform
c:\PROGRA~1\mcafee
c:\PROGRA~2\mcafee
c:\PROGRA~3\mcafee

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 14
Average :
Sum : 752156437
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe ========================

C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
File not signed
MD5: BBF78A7D6F9BFF37927303ED2539FAB7
Creation and modification date: 2014-02-26 06:17 - 2014-02-26 06:17
Size: 000319104
Attributes: ----A
Company Name: Windows (R) Win 7 DDK provider
Internal Name: SETUPAPI.DLL
Original Name: SETUPAPI.DLL
Product: Windows (R) Win 7 DDK driver
Description: Windows Setup API
File Version: 6.2.9200.16384
Product Version: 6.2.9200.16384
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/b37b291 ... 545032211/

====== End of File: ======


========================= File: C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe ========================

C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
File not signed
MD5: 768DD5CB66952BC4A3BD474757AEE34F
Creation and modification date: 2013-07-02 04:08 - 2013-07-02 04:08
Size: 000733696
Attributes: ----A
Company Name: Intel(R) Corporation
Internal Name: HeciServer
Original Name: HeciServer.exe
Product: Intel(R) Capability Licensing Service Interface
Description: Intel(R) Capability Licensing Service Interface
File Version: 1.28.506.1 sys_sysscbld
Product Version: 1,28,506,1
Copyright: (C) Copyright Intel(R) Corporation
VirusTotal: https://www.virustotal.com/file/5a1f91f ... 548452971/

====== End of File: ======


========================= File: C:\Windows\System32\HPZinw12.dll ========================

C:\Windows\System32\HPZinw12.dll
File not signed
MD5: D4F51E88C71BF8F06EA1BE320B0BB75B
Creation and modification date: 2010-01-18 12:29 - 2010-01-18 12:29
Size: 000071680
Attributes: ----A
Company Name: Hewlett-Packard
Internal Name: Dot4Net
Original Name: Dot4Net.DLL
Product: Bidi User Mode
Description: Dot4Net Module
File Version: 12,2,5,51
Product Version: 12,2,5,51
Copyright: Copyright © 2006, 2007 Hewlett-Packard
VirusTotal: https://www.virustotal.com/file/abda528 ... 545985891/

====== End of File: ======


========================= File: C:\Windows\System32\HPZipm12.dll ========================

C:\Windows\System32\HPZipm12.dll
File not signed
MD5: 9A80707D8B6C1806531BFD7399B3CC76
Creation and modification date: 2010-01-18 12:29 - 2010-01-18 12:29
Size: 000089600
Attributes: ----A
Company Name: Hewlett-Packard
Internal Name: PmlDrv
Original Name: PmlDrv.DLL
Product: Bidi User Mode
Description: PmlDrv Module
File Version: 12,2,5,51
Product Version: 12,2,5,51
Copyright: Copyright © 2006, 2007 Hewlett-Packard
VirusTotal: https://www.virustotal.com/file/c9996a2 ... 539270422/

====== End of File: ======

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}]
"AuthorizedCDFPrefix"=""
"Comments"=""
"Contact"=""
"DisplayVersion"="1.0.0"
"HelpLink"=""
"HelpTelephone"=""
"InstallDate"="20190130"
"InstallLocation"="C:\Program Files (x86)\Google\Installers\"
"InstallSource"="C:\Program Files (x86)\Google\Google Toolbar\"
"ModifyPath"="MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}"
"Publisher"="Google Inc."
"Readme"=""
"Size"=""
"EstimatedSize"="45"
"SystemComponent"="1"
"UninstallString"="MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}"
"URLInfoAbout"=""
"URLUpdateInfo"=""
"VersionMajor"="1"
"VersionMinor"="0"
"WindowsInstaller"="1"
"Version"="16777216"
"Language"="1033"
"DisplayName"="Google Toolbar for Internet Explorer"

=== End of ExportKey ===
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]
"DisplayName"="Google Toolbar for Internet Explorer"
"UninstallString"=""C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_8B0481A9A34D47CD.exe" /uninstall"
"NoModify"="1"
"NoRepair"="1"
"Publisher"="Google Inc."
"DisplayIcon"="C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_8B0481A9A34D47CD.exe"
"InstallLocation"="C:\Program Files (x86)\Google\Google Toolbar\"
"MajorVersion"="7"
"MinorVersion"="5"
"DisplayVersion"="7.5.8231.2252"

=== End of ExportKey ===
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11655245-e665-11e7-826d-f8a963a40627} => removed successfully
HKLM\Software\Classes\CLSID\{11655245-e665-11e7-826d-f8a963a40627} => not found
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11655257-e665-11e7-826d-f8a963a40627} => removed successfully
HKLM\Software\Classes\CLSID\{11655257-e665-11e7-826d-f8a963a40627} => not found
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11655ae5-e665-11e7-826d-f8a963a40627} => removed successfully
HKLM\Software\Classes\CLSID\{11655ae5-e665-11e7-826d-f8a963a40627} => not found
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11655aef-e665-11e7-826d-f8a963a40627} => removed successfully
HKLM\Software\Classes\CLSID\{11655aef-e665-11e7-826d-f8a963a40627} => not found
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d2454599-6bd1-11e8-826e-f8a963a40627} => removed successfully
HKLM\Software\Classes\CLSID\{d2454599-6bd1-11e8-826e-f8a963a40627} => not found
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F4BA8A93-AE01-453D-8A4E-B1FCFEAF52C2} => removed successfully
HKLM\Software\Classes\CLSID\{F4BA8A93-AE01-453D-8A4E-B1FCFEAF52C2} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 => removed successfully
C:\ProgramData\McAfee => moved successfully
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => removed successfully
C:\Program Files\Common Files\mcafee => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE009EB0-F7C2-4C4C-B04F-F38E497FD23F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AC236072-FE1C-4CCF-95A2-F784C5EB3DF9}" => removed successfully
C:\Users\Aspire\AppData\Local\SweetLabs App Platform => moved successfully
"c:\PROGRA~1\mcafee" => not found
"c:\PROGRA~2\mcafee" => not found
"c:\PROGRA~3\mcafee" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 96269802 B
Java, Flash, Steam htmlcache => 21274 B
Windows/system/drivers => 317028066 B
Edge => 0 B
Chrome => 36270499 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 10608 B
NetworkService => 1710348 B
Aspire => 5140987349 B

RecycleBin => 77918 B
EmptyTemp: => 5.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:24:09 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu logu

#8 Příspěvek od Conder »

:arrow: Nastala nejaka zmena alebo su este s PC nejake problemy?

:arrow: Plocha ma cca 700 MB, co sice nie je az tak vela, ale aj tak preventivne odporucam presunut vsetky subory a zlozky z plochy do dokumentov a na ploche nechat iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Storkan
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 27 pro 2018 23:55

Re: Prosím o kontrolu logu

#9 Příspěvek od Storkan »

NTB se znatelně zrychlil ale pořád nejdou zapnout některé služby (ovládání hlasitosti, síťové komponenty, aktualizace atd...)

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu logu

#10 Příspěvek od Conder »

:arrow: Spusti kontrolu integrity systemovych suborov:
  • Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
  • Skopiruj a spusti prikaz:

    Kód: Vybrat vše

    DISM.exe /Online /Cleanup-image /Restorehealth
  • Po dokonceni skopiruj a spusti druhy prikaz:

    Kód: Vybrat vše

    sfc /scannow
  • Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

    Kód: Vybrat vše

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt
  • Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
  • Restartuj PC a napis ako sa chova PC
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Storkan
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 27 pro 2018 23:55

Re: Prosím o kontrolu logu

#11 Příspěvek od Storkan »

Aktualizace zatím vypadají, že běží, ale služby ještě ne. Navíc sfc nechodí
Přílohy
dism.zip
(288.18 KiB) Staženo 34 x

Storkan
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 27 pro 2018 23:55

Re: Prosím o kontrolu logu

#12 Příspěvek od Storkan »

sfc běží chtělo to restart
Přílohy
sfcdetails.zip
(4.16 KiB) Staženo 37 x

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu logu

#13 Příspěvek od Conder »

:arrow: Pardon za zdrzanie.

:arrow: Spusti este raz obidva prikazy a posli logy.

:arrow: Ako to vyzera s PC?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Storkan
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 27 pro 2018 23:55

Re: Prosím o kontrolu logu

#14 Příspěvek od Storkan »

Omlouvat se netřeba :-) Jsem rád že mi někdo pomůže a stejně jsem teď neměl čas. PC vypadá, že je v cajku přeinstaloval jsem ovladače, které byly na službě závislé (zvuk, wifi, net atd.) a vypadá, že vše běhá jak má. Logy zašlu jen co se dokončí.

Storkan
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 27 pro 2018 23:55

Re: Prosím o kontrolu logu

#15 Příspěvek od Storkan »

Zasílám slíbený log
Přílohy
dism.zip
(294.57 KiB) Staženo 46 x

Odpovědět