VIRY.CZ

Dobrý den

Chtěl bych Vás požádat o kontrolu logu. Není to můj NTB, ale známého tak nevím co s tím dělal. Každopádně Služby vytěžují CPU a disk na 100% a nejdou aktualizace systému, stále se odpojuje od sítě atd. Předem děkuji za ochotu

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Aspire (30-01-2019 22:41:13)
Running from C:\Users\Aspire\Downloads
Windows 8.1 Connected (X64) (2015-12-03 16:53:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2649769328-1442576681-4040288438-500 - Administrator - Disabled)
Aspire (S-1-5-21-2649769328-1442576681-4040288438-1001 - Administrator - Enabled) => C:\Users\Aspire
Guest (S-1-5-21-2649769328-1442576681-4040288438-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2003.6 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Reader XI (11.0.04) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Aloha TriPeaks (HKLM-x32\...\WTA-ab56ec5b-6fa4-4dfb-bd78-ceeace722f58) (Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-c69db588-ef65-4379-86e4-188dd0df1c9d) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.81 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-42b228cc-bd7b-4186-a616-f63c62029ec8) (Version: 2.2.0.110 - WildTangent) Hidden
Host App Service (HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\SweetLabs_AP) (Version: 0.269.8.718 - Pokki) <==== ATTENTION
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (HKLM-x32\...\WTA-64989219-8e08-458e-a1ec-b6526f1cae0d) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-225c38ea-1b45-4706-a184-d47b2af73567) (Version: 2.2.0.98 - WildTangent) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.208 - McAfee, Inc.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Peggle Nights (HKLM-x32\...\WTA-2986e38a-969a-4097-a644-39cc63a74389) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-44a97d0b-062e-4cc5-b3f9-6aca6fe37e30) (Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.718 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21245 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-e97af41c-4dff-483b-9b8e-233af0e814c0) (Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-1cd45dff-6ea5-42d7-8045-a335bae852a6) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.1.1.30 - WildTangent) Hidden
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 4.5.0.160 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Aspire\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E3D8C1F-20BC-4577-84C3-2B3E0148A5C1} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate)
Task: {165B1243-58EC-45DD-9CC8-8AD8D854B785} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {1E6382CF-D98B-4776-BE28-63D33F295BCC} - System32\Tasks\SweetLabs App Platform => C:\Users\Aspire\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2018-12-20] (Pokki)
Task: {247D4397-C93D-4EAD-8E50-03A8007C3044} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {566C560F-B1AA-4414-98A8-F044168EC987} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-22] (Acer Incorporate)
Task: {5B03D0FD-3F27-4E32-B560-E9B9717F9A2E} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-22] (Acer Incorporate)
Task: {6316AE17-1805-42EA-9A43-3FD5E42FE9D3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-30] (Microsoft Corporation)
Task: {67A70410-051F-4079-89CD-7BBF63037EC6} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-19] (Acer Incorporated)
Task: {6CD970C7-7986-4651-85F0-F4113A2383C4} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {75D5F4A7-F055-4633-BE9A-EE0D94D658D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-30] (Google Inc.)
Task: {7DF07CC3-AD1F-4DDF-B004-DF37887F66FB} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: <Company name>)
Task: {8557A9C5-037C-42AF-AED4-7B68546E667A} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {90656965-7EB1-41B3-A764-A1D118438BFF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2019-01-30] (Microsoft Corporation)
Task: {967374E2-40BA-48EB-80CC-B7080BE82C31} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-30] (AVAST Software)
Task: {99DD3051-4CD8-464B-94E5-602DA19F9FA9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-30] (Microsoft Corporation)
Task: {A86A3A4E-49FC-45D3-A4A4-57C9D66CAE8D} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2017-09-28] ()
Task: {BE66E331-DB0F-4F10-B557-A4BCE9A8A010} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-30] (Microsoft Corporation)
Task: {C8D1584C-7261-4068-869E-1CA6AC5BF2AB} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {CC94D9A2-4750-44D7-9ADF-4E0846477447} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {F9479D42-2A76-476C-9917-91D3FC2F2141} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-30] (Google Inc.)
Task: {FC6A410C-BFFB-464C-9636-17639FF5EB06} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-30] (Microsoft Corporation)
Task: {FE681400-330C-4E5C-B916-1D31B03D5118} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-30] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Public\Desktop\Booking.com.lnk -> C:\Program Files\Booking.COM\StartURL.exe () -> hxxp://www.booking.com/index.html?aid=379334

==================== Loaded Modules (Whitelisted) ==============

2011-08-05 07:56 - 2011-08-05 07:56 - 000034304 _____ () C:\Windows\System32\sxr3xlm.dll
2014-06-24 23:13 - 2012-04-24 11:43 - 000254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-04-21 11:37 - 2014-03-07 17:21 - 000080312 _____ () C:\Windows\system32\igfxexps.dll
2014-02-26 06:14 - 2014-02-26 06:14 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 06:11 - 2014-02-26 06:11 - 000086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 06:17 - 2014-02-26 06:17 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-06-24 22:45 - 2013-10-01 10:09 - 000078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2019-01-30 20:57 - 2019-01-30 20:57 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-30 20:47 - 2019-01-30 20:47 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-07-15 18:50 - 2018-07-15 18:50 - 000183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\ErrorReporting.dll
2017-11-14 16:06 - 2017-11-14 16:06 - 000015136 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-09-26 12:35 - 2017-09-26 12:35 - 000013088 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-09-26 12:34 - 2017-09-26 12:34 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Acer\Remote Files\
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DE009EB0-F7C2-4C4C-B04F-F38E497FD23F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{AC236072-FE1C-4CCF-95A2-F784C5EB3DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{FC94B1E3-F4FA-477E-8BFF-8573F6A33E76}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp.)
FirewallRules: [{B80E5E2D-FB73-461C-B382-6483A8C39D99}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{B6CBC285-8BD2-4CDE-9C66-C743CD7241BA}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{B1FA4FBB-9410-47B3-AC8E-E7049FD8B5AE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
FirewallRules: [{E1E72048-54DD-4259-AB55-AF8A4B011020}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
FirewallRules: [{E6A65797-BD19-4C1B-83EA-D8750C887EC8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp.)
FirewallRules: [{DD220CF1-61F2-4E75-81B8-8BC965037195}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{0F6EF111-B06C-4596-B33E-571C3F3F3C81}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{980362F8-D8CE-4454-A42F-8008C3457AC9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{2D3A9B46-5FD9-45CD-A634-43B79B849550}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp.)
FirewallRules: [{16EAE2FD-227D-4270-A1A3-729E043174CC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp.)
FirewallRules: [{71D2231C-9AA8-4646-97CE-4EBD9999115A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{967D939E-1305-4412-B466-CDB1871C210A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{3B78E2AE-8D7C-4F8F-B7A6-B3F6BBC24BA8}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{07565A5C-739F-417E-B7FB-906F683C0404}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{F616D4AA-8DB3-4DD9-BA77-0FDEEA0F34D7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{027100CC-40C8-4581-BBD7-8B483237D8E6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{2B4F1FAB-D315-4AE1-AF2C-900896AF1651}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{99081A27-141B-4D12-9A4B-1C4450EC9944}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{68D9F4CF-B13C-4A79-8571-2F503AE3C9F8}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{E3831676-2D1E-4779-B300-D22AC7B64333}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{558414EB-3026-4355-AA98-DA1D26CA07CC}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{B5A3F2E0-DA8D-426E-BC7E-09D76BE107F1}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{ED89EBE0-B098-4245-9725-74E09C9DF3CC}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{1C02D183-D4A4-4149-802E-140172FC79EA}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{0A5B3B3A-036A-4F8A-82DF-99BB6EF149CD}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{731338CF-5054-4BE9-B708-98C5E67C226D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{0A080567-12F4-46F9-9BA6-7F99FB2DB969}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{9391313B-7593-4A19-B6BE-C78BEAFE6DB1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{ED9E485E-39E1-4053-AB80-3EC566DFAE49}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe No File
FirewallRules: [{9D3C9E54-8E17-4E65-AD8D-7DD1073C4A16}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe No File
FirewallRules: [{F760D05C-82C7-4EAA-951F-4D7CB91A8802}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe No File
FirewallRules: [{720D3DF2-867C-4583-8AB8-89B6DCFA1D47}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe No File
FirewallRules: [{3DFFCBAC-2FEC-4ADA-BD58-EAE2AD4CA97B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{A9B37617-8054-4B30-98C4-2190B67438AF}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{3268E737-6640-4336-A9D2-5AD2F42C78CA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{854DAB08-6F6E-44AE-9D3D-F4306A275F19}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{C1789D86-EE16-41C1-8F6A-91366C2B6B7F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{62A2A385-69AF-4F0A-8811-89E09656DCA8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{2764D0BD-4CCF-4A81-8289-AD8FB4ADA4DC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{66211DC7-64AF-4637-9965-E71A9103EC55}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{10A31E13-74F5-43AD-B5B6-24267B54B2A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{0A48A9CD-36F9-4DD9-B23A-FB394FF41FCD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{8EC55915-BED6-42BC-99DD-352915FE5128}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{47EC79A5-0270-411A-A1CB-D1E920F434CB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{5A9823B6-7079-4461-94E9-E006EA655C38}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{5874400D-1358-4FEE-91CA-233562810154}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{07235409-303C-452C-BDDF-1F55F494814A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{890A5B8E-F0AB-44A6-806C-487078DB5B13}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{AED33B4F-C2B1-4451-BBDB-8EA472039736}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{7A2B87BB-B1F2-4813-B67E-A9C3C0DE5A4E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{655934EA-9463-42DB-98DB-B9C5EB348D32}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{5CF5960D-B8F0-4C25-81FA-AD3C3916BCB9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{13D3CF31-77A6-4456-87A4-2CE5FC008200}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{863D5CB5-0E10-4405-AFFF-C452A4E72298}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{A906B312-CCBF-4E77-8577-706CE5860BE6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{1A1B70D4-09B2-42FE-902F-CAF4D30D594B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{FB7765F9-2A45-42D4-9C35-1AD50C66F1C7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{46E93DB6-60D6-4FAD-AF6D-729D14E38E1D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{9102403D-03D5-43EB-A50F-352B855798B2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{C83483DE-7C58-4A0D-BA6E-DD863EF9ED38}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{D47464F5-1217-4CA8-9630-F51F51CC9DAE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{748F3D12-B58A-46AA-A5C5-EF8F2EF51373}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{57F859AA-ECF8-4549-8458-4DDA4512C0AE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{27E9DAA2-12D9-4607-9465-426EA9F6A310}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{04BE9A16-1CA5-4975-AC06-911B6FE2EBDD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{EB9671DF-B372-4D96-A64C-2EC8974220EA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{802C366C-86D2-46BD-B996-00780BC48F83}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{BD87900E-76AA-41D1-8D19-DD6678C80F65}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{9FC376C2-15D9-4E51-8BB9-CBB8774AB015}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{1C24ED3B-E2C5-4199-8A0E-5CCC10D7D39E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{698CE724-6755-4C81-8486-16238FA2258D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{9018091E-9AEF-4C3C-A218-E957C98D10D2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{87C89094-294E-431D-A456-504544859586}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{EAB9225F-D78D-4735-BF68-FBFC6D042ACD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{B59640B5-BADD-467C-967D-3D2357484F14}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{D12C00B8-AD97-439C-B022-F50F5CE322E5}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{15CD5942-6503-4406-AAD1-4C4150C74E72}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{255B70A2-2A37-4711-823C-DF1026245B86}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{A97C8676-4A45-4C25-9D31-D081D51E0C90}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{2C7A8150-B6B9-429C-9533-CE5A30D8D118}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{46741D73-0112-4348-9645-10FEFD4F55FA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{E68D59E8-208F-4329-943A-140848F1E730}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{A914637C-D135-46C6-A68A-693CE504C74D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{D44E58AB-AB6D-4D45-A045-317834E9BB09}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{E7518BBF-E1CE-4751-B5BA-F09E49774457}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{7595E50C-B1F4-44C6-98F8-A6EBC559F50A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{8F3F1232-3A04-4FBB-B2FE-EBA1185CD121}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{268B819D-A2A0-4DD7-965C-3116B6165412}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{66D31253-A211-4DB6-AA45-41B0D1B38AF6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{36221610-4696-436F-99AF-D85F2B1F717B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{18DF0D93-BBD3-47E5-BE29-A600ED567421}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B0529176-5AA2-48E7-A471-E8B757FCD8BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{4AE55323-2A8E-4E2E-ADA2-908E41694050}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{CC048247-4341-477A-8840-8383E9CA365D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{5613135C-D695-4B94-A49F-79EFAA109F16}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{3C086F63-E1B4-4B40-9D2E-88699C96A70A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

==================== Restore Points =========================

20-09-2018 09:59:40 Naplánovaný kontrolní bod
30-01-2019 19:50:44 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/18/2018 07:50:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_Audiosrv, verze: 6.3.9600.16384, časové razítko: 0x5215dfe3
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17031, časové razítko: 0x530895af
Kód výjimky: 0xc000000d
Posun chyby: 0x0000000000102c50
ID chybujícího procesu: 0x67c
Čas spuštění chybující aplikace: 0x01d4671356a47e20
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: be9c2cca-d306-11e8-8270-18cf5e5df793
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/18/2018 03:47:09 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (10/18/2018 06:20:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1032

Error: (10/18/2018 06:20:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1032

Error: (10/18/2018 06:20:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2018 07:29:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2782

Error: (10/16/2018 07:29:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2782

Error: (10/16/2018 07:29:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace systému Windows 8.1 pro systémy s procesorem x64 (KB3053863).

Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace systému Windows 8.1 pro systémy s procesorem x64 (KB3024755).

Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace zabezpečení systému Windows 8.1 pro systémy na platformě x64 (KB3126587).

Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace zabezpečení systému Windows 8.1 pro systémy na platformě x64 (KB3159398).

Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace systému Windows 8.1 pro systémy s procesorem x64 (KB2989930).

Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace systému Windows 8.1 pro systémy s procesorem x64 (KB2994290).

Error: (01/30/2019 07:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): 2017-11 kumulativní aktualizace zabezpečení a pro zvýšení kvality pro .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 a 4.7 v systémech Windows 8.1 a Server 2012 R2 pro x64 (KB4049017).

Error: (01/30/2019 07:56:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 3.5 v systémech Windows 8.1 a Windows Server 2012 R2 platformy x64 (KB2972213).


Windows Defender:
===================================
Date: 2018-10-15 19:33:42.074
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A69741D1-F1E5-4055-9F41-DAFDF4FC9BDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-15 19:26:08.344
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E72DBE59-504F-4900-B8E7-515841D72090}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-15 19:19:46.028
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CB87D61B-BD76-4881-9C10-9956D828169C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-23 19:04:40.194
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {85515849-A02C-4C3B-99A6-FE2BEA303696}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-23 18:37:35.070
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {91D13EDE-3D46-4060-9CD6-B0CEAF58FC1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-09-17 18:50:10.748
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 106.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: Acer\Aspire
Aktuální verze modulu:
Předchozí verze modulu: 2.1.9700.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-09-17 18:50:10.732
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.155.266.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: Acer\Aspire
Aktuální verze modulu:
Předchozí verze modulu: 1.1.9700.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-09-17 18:50:10.732
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.155.266.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: Acer\Aspire
Aktuální verze modulu:
Předchozí verze modulu: 1.1.9700.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-09-17 18:50:10.639
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.155.266.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.9700.0
Kód chyby: 0x8024402c
Popis chyby ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2016-01-16 18:42:41.241
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

CodeIntegrity:
===================================

Date: 2018-09-24 11:33:05.358
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-12-03 19:34:59.834
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-12-03 19:34:54.769
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-08-19 14:17:30.311
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-08-19 14:17:26.676
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 11:37:04.673
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 11:33:24.014
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 11:33:22.317
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 49%
Total physical RAM: 3979.2 MB
Available physical RAM: 1996.08 MB
Total Virtual: 4683.2 MB
Available Virtual: 2465.33 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.23 GB) (Free:386.22 GB) NTFS

\\?\Volume{259e6a77-7c87-4571-974a-e7fb6ab5b2b4}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{43c7a754-4dc3-41a0-8f79-c89bc3e51fa7}\ (Push Button Reset) (Fixed) (Total:16.52 GB) (Free:2.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 33A1FD29)

Partition: GPT.

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30.01.2019
Ran by Aspire (administrator) on ACER (30-01-2019 22:37:09)
Running from C:\Users\Aspire\Downloads
Loaded Profiles: Aspire (Available Profiles: Aspire)
Platform: Windows 8.1 Connected (X64) Language: Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Users\Aspire\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
(Microsoft Corporation) C:\Users\Aspire\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Failed to access process -> wmplayer.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Media Player\setup_wm.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Pokki) C:\Users\Aspire\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-30] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-06-24] (Spotify Ltd)
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655245-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655257-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655ae5-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655aef-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {d2454599-6bd1-11e8-826e-f8a963a40627} - "E:\autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.81\Installer\chrmstp.exe [2019-01-30] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> c:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2013-09-05] (Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2019-01-30]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2018-09-24]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F614279-92D1-4F8D-B3C2-211DDB11ACE6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ED7ADB51-15BE-4AAD-BC5D-0BF629C3CD5C}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> {F4BA8A93-AE01-453D-8A4E-B1FCFEAF52C2} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-30] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2019-01-30]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-30] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default [2019-01-30]
CHR Extension: (Prezentace) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-30]
CHR Extension: (Dokumenty) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-30]
CHR Extension: (Disk Google) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-30]
CHR Extension: (YouTube) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-30]
CHR Extension: (Tabulky) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-30]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-01-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-30]
CHR Extension: (Gmail) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-30]
CHR Extension: (Chrome Media Router) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-30]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-22]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-22]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-30] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-30] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-07-17] (McAfee, Inc.)
S2 McWAMigrationTool; C:\Program Files\McAfee\WAMigrationTool\MigrationTool.exe [985320 2019-01-30] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-22] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-22] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-30] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-30] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-30] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-30] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-30] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-30] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-30] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-30] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-30] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-30] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-30] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-30 22:37 - 2019-01-30 22:39 - 000019976 _____ C:\Users\Aspire\Downloads\FRST.txt
2019-01-30 22:36 - 2019-01-30 22:37 - 000000000 ____D C:\FRST
2019-01-30 22:33 - 2019-01-30 22:35 - 002428928 _____ (Farbar) C:\Users\Aspire\Downloads\FRST64.exe
2019-01-30 21:47 - 2019-01-30 21:47 - 000002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-01-30 21:24 - 2019-01-30 21:24 - 000003292 _____ C:\Windows\System32\Tasks\SweetLabs App Platform
2019-01-30 21:09 - 2019-01-30 21:10 - 000000000 ____D C:\ProgramData\Google
2019-01-30 21:09 - 2019-01-30 21:09 - 000000000 ____D C:\Program Files\Google
2019-01-30 21:08 - 2019-01-30 21:10 - 000000000 ____D C:\Users\Aspire\AppData\Local\Google
2019-01-30 21:07 - 2019-01-30 21:07 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-30 21:07 - 2019-01-30 21:07 - 000002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-30 21:02 - 2019-01-30 21:25 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-30 21:02 - 2019-01-30 21:25 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-30 21:01 - 2019-01-30 21:09 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-30 20:59 - 2019-01-30 20:59 - 000000000 ____D C:\Users\Aspire\AppData\Roaming\AVAST Software
2019-01-30 20:59 - 2019-01-30 20:59 - 000000000 ____D C:\Users\Aspire\AppData\Local\CEF
2019-01-30 20:58 - 2019-01-30 20:58 - 000002099 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-30 20:58 - 2019-01-30 20:58 - 000000000 ____D C:\Users\Aspire\AppData\Local\AVAST Software
2019-01-30 20:58 - 2019-01-30 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-01-30 20:52 - 2019-01-30 20:52 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-01-30 20:51 - 2019-01-30 20:51 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-30 20:49 - 2019-01-30 20:51 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-30 20:49 - 2019-01-30 20:51 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-30 20:48 - 2019-01-30 20:48 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-01-30 20:48 - 2019-01-30 20:47 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-30 20:44 - 2019-01-30 20:48 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-30 20:44 - 2019-01-30 20:44 - 000000000 ____D C:\Program Files\AVAST Software
2019-01-30 20:43 - 2019-01-30 20:43 - 007450264 _____ (AVAST Software) C:\Users\Aspire\Downloads\avast_free_antivirus_setup_online_l3a.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-30 22:33 - 2016-02-17 18:34 - 000000000 ____D C:\Users\Aspire\AppData\Local\CrashDumps
2019-01-30 22:26 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2019-01-30 22:14 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2019-01-30 21:52 - 2015-12-03 18:01 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2649769328-1442576681-4040288438-1001
2019-01-30 21:50 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 21:45 - 2014-06-24 23:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-01-30 21:29 - 2015-12-03 17:54 - 000000000 ____D C:\Users\Aspire\AppData\Local\SweetLabs App Platform
2019-01-30 20:39 - 2016-11-10 14:50 - 000000000 ____D C:\Program Files\McAfee
2019-01-30 20:38 - 2015-12-12 02:05 - 000003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5ADC40AB-14AB-4317-9B8F-3D1A756ABBD7}
2019-01-30 19:49 - 2016-09-19 15:06 - 000000000 __RDO C:\Users\Aspire\OneDrive
2019-01-30 19:46 - 2014-06-24 23:04 - 000739924 _____ C:\Windows\system32\perfh005.dat
2019-01-30 19:46 - 2014-06-24 23:04 - 000151610 _____ C:\Windows\system32\perfc005.dat
2019-01-30 19:46 - 2014-03-18 10:47 - 001745984 _____ C:\Windows\system32\PerfStringBackup.INI

Some files in TEMP:
====================
2015-12-31 13:59 - 2015-12-31 13:59 - 000467968 _____ (Realtek Semiconductor Corp.) C:\Users\Aspire\AppData\Local\Temp\COMAP.EXE
2017-08-19 13:13 - 2017-08-19 13:14 - 063610200 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct14C.tmp.exe
2017-05-19 18:35 - 2017-05-22 14:08 - 064118864 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct1D38.tmp.exe
2015-12-03 17:59 - 2015-12-03 17:59 - 000002399 _____ () C:\Users\Aspire\AppData\Local\Temp\oct267E.tmp.exe
2016-07-25 08:15 - 2016-07-25 08:15 - 063953600 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct2F90.tmp.exe
2016-07-30 18:26 - 2016-07-30 18:26 - 063953128 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct3BB7.tmp.exe
2015-12-15 01:02 - 2015-12-15 01:02 - 063066872 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct52CC.tmp.exe
2018-01-22 14:41 - 2018-01-22 14:42 - 041424392 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct59ED.tmp.exe
2016-02-17 09:38 - 2016-02-17 09:39 - 063078856 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct6129.tmp.exe
2017-08-11 16:53 - 2017-08-11 16:57 - 063610592 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct6A8D.tmp.exe
2016-11-17 13:02 - 2016-11-17 13:06 - 064111920 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct7B2D.tmp.exe
2016-09-20 18:52 - 2016-09-20 18:53 - 064108904 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct8785.tmp.exe
2019-01-30 20:37 - 2019-01-30 20:38 - 044622200 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octA35.tmp.exe
2017-12-07 19:11 - 2017-12-08 18:36 - 041373360 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octA943.tmp.exe
2016-04-16 07:14 - 2016-04-16 07:15 - 063707840 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octA9F8.tmp.exe
2018-03-17 13:11 - 2018-03-17 13:12 - 041561472 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octAD0C.tmp.exe
2017-12-16 09:29 - 2017-12-16 09:29 - 041440856 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octBC22.tmp.exe
2016-03-12 13:44 - 2016-03-12 13:45 - 063142648 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octC8D8.tmp.exe
2015-12-12 03:46 - 2015-12-12 03:47 - 062903592 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octD51A.tmp.exe
2017-10-07 12:49 - 2017-10-07 12:50 - 041565936 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octEDD.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-15 18:04

==================== End of FRST.txt ============================

Ahoj

Odporucam odinstalovat McAfee WebAdvisor (zrejme nainstalovane neumyselne pri instalacii ineho programu, navyse je to zbytocnost, kedze je tam uz Avast).

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-25.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-31-2019
# Duration: 00:00:07
# OS: Windows 8.1 Connected
# Cleaned: 30
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Pokki
Deleted C:\Program Files\Booking.com
Not Deleted C:\Users\Aspire\AppData\Local\SweetLabs App Platform

***** [ Files ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Deleted C:\Users\Aspire\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Start Menu.lnk
Deleted C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Deleted C:\Users\Aspire\Favorites\Booking.com.url
Deleted C:\Users\Public\Desktop\Booking.com.lnk
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
Deleted C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SweetLabs App Platform

***** [ Registry ] *****

Deleted HKCU\Software\SweetLabs App Platform
Deleted HKCU\Software\Classes\lnkfile\shell\pokki
Deleted HKCU\Software\Classes\Drive\shell\pokki
Deleted HKCU\Software\Classes\Directory\shell\pokki
Deleted HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted HKCU\Software\Classes\pokki
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM2
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKLM\Software\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E6382CF-D98B-4776-BE28-63D33F295BCC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\warthunder.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4157 octets] - [31/01/2019 00:56:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Poprosim o obidva nove logy z FRST.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Aspire (31-01-2019 17:18:27)
Running from C:\Users\Aspire\Desktop
Windows 8.1 Connected (X64) (2015-12-03 16:53:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2649769328-1442576681-4040288438-500 - Administrator - Disabled)
Aspire (S-1-5-21-2649769328-1442576681-4040288438-1001 - Administrator - Enabled) => C:\Users\Aspire
Guest (S-1-5-21-2649769328-1442576681-4040288438-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2003.6 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Reader XI (11.0.20) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Aloha TriPeaks (HKLM-x32\...\WTA-ab56ec5b-6fa4-4dfb-bd78-ceeace722f58) (Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-c69db588-ef65-4379-86e4-188dd0df1c9d) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.81 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-42b228cc-bd7b-4186-a616-f63c62029ec8) (Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (HKLM-x32\...\WTA-64989219-8e08-458e-a1ec-b6526f1cae0d) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-225c38ea-1b45-4706-a184-d47b2af73567) (Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Peggle Nights (HKLM-x32\...\WTA-2986e38a-969a-4097-a644-39cc63a74389) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-44a97d0b-062e-4cc5-b3f9-6aca6fe37e30) (Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21245 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-e97af41c-4dff-483b-9b8e-233af0e814c0) (Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-1cd45dff-6ea5-42d7-8045-a335bae852a6) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.1.1.30 - WildTangent) Hidden
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 4.5.0.160 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Aspire\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-30] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E3D8C1F-20BC-4577-84C3-2B3E0148A5C1} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate)
Task: {165B1243-58EC-45DD-9CC8-8AD8D854B785} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {247D4397-C93D-4EAD-8E50-03A8007C3044} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {566C560F-B1AA-4414-98A8-F044168EC987} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-22] (Acer Incorporate)
Task: {5B03D0FD-3F27-4E32-B560-E9B9717F9A2E} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-22] (Acer Incorporate)
Task: {6316AE17-1805-42EA-9A43-3FD5E42FE9D3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-30] (Microsoft Corporation)
Task: {67A70410-051F-4079-89CD-7BBF63037EC6} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-19] (Acer Incorporated)
Task: {6CD970C7-7986-4651-85F0-F4113A2383C4} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {75D5F4A7-F055-4633-BE9A-EE0D94D658D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-30] (Google Inc.)
Task: {7DF07CC3-AD1F-4DDF-B004-DF37887F66FB} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: <Company name>)
Task: {8557A9C5-037C-42AF-AED4-7B68546E667A} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {90656965-7EB1-41B3-A764-A1D118438BFF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2019-01-30] (Microsoft Corporation)
Task: {967374E2-40BA-48EB-80CC-B7080BE82C31} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-30] (AVAST Software)
Task: {99DD3051-4CD8-464B-94E5-602DA19F9FA9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-30] (Microsoft Corporation)
Task: {A86A3A4E-49FC-45D3-A4A4-57C9D66CAE8D} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2017-09-28] ()
Task: {BE66E331-DB0F-4F10-B557-A4BCE9A8A010} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-30] (Microsoft Corporation)
Task: {C8D1584C-7261-4068-869E-1CA6AC5BF2AB} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {CC94D9A2-4750-44D7-9ADF-4E0846477447} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {F9479D42-2A76-476C-9917-91D3FC2F2141} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-30] (Google Inc.)
Task: {FC6A410C-BFFB-464C-9636-17639FF5EB06} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-30] (Microsoft Corporation)
Task: {FE681400-330C-4E5C-B916-1D31B03D5118} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-30] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2011-08-05 07:56 - 2011-08-05 07:56 - 000034304 _____ () C:\Windows\System32\sxr3xlm.dll
2014-06-24 23:13 - 2012-04-24 11:43 - 000254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-02-26 06:14 - 2014-02-26 06:14 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 06:11 - 2014-02-26 06:11 - 000086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 06:17 - 2014-02-26 06:17 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-04-21 11:37 - 2014-03-07 17:21 - 000080312 _____ () C:\Windows\system32\igfxexps.dll
2019-01-30 20:57 - 2019-01-30 20:57 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-30 20:47 - 2019-01-30 20:47 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-11-14 16:06 - 2017-11-14 16:06 - 000015136 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-09-26 12:35 - 2017-09-26 12:35 - 000013088 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-09-26 12:34 - 2017-09-26 12:34 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Acer\Remote Files\
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DE009EB0-F7C2-4C4C-B04F-F38E497FD23F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{AC236072-FE1C-4CCF-95A2-F784C5EB3DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{FC94B1E3-F4FA-477E-8BFF-8573F6A33E76}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp.)
FirewallRules: [{B80E5E2D-FB73-461C-B382-6483A8C39D99}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{B6CBC285-8BD2-4CDE-9C66-C743CD7241BA}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{B1FA4FBB-9410-47B3-AC8E-E7049FD8B5AE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
FirewallRules: [{E1E72048-54DD-4259-AB55-AF8A4B011020}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
FirewallRules: [{E6A65797-BD19-4C1B-83EA-D8750C887EC8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp.)
FirewallRules: [{DD220CF1-61F2-4E75-81B8-8BC965037195}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{0F6EF111-B06C-4596-B33E-571C3F3F3C81}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{980362F8-D8CE-4454-A42F-8008C3457AC9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{2D3A9B46-5FD9-45CD-A634-43B79B849550}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp.)
FirewallRules: [{16EAE2FD-227D-4270-A1A3-729E043174CC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp.)
FirewallRules: [{71D2231C-9AA8-4646-97CE-4EBD9999115A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{967D939E-1305-4412-B466-CDB1871C210A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{3B78E2AE-8D7C-4F8F-B7A6-B3F6BBC24BA8}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{07565A5C-739F-417E-B7FB-906F683C0404}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{F616D4AA-8DB3-4DD9-BA77-0FDEEA0F34D7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{027100CC-40C8-4581-BBD7-8B483237D8E6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe No File
FirewallRules: [{2B4F1FAB-D315-4AE1-AF2C-900896AF1651}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{99081A27-141B-4D12-9A4B-1C4450EC9944}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe No File
FirewallRules: [{68D9F4CF-B13C-4A79-8571-2F503AE3C9F8}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{E3831676-2D1E-4779-B300-D22AC7B64333}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{558414EB-3026-4355-AA98-DA1D26CA07CC}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{B5A3F2E0-DA8D-426E-BC7E-09D76BE107F1}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{ED89EBE0-B098-4245-9725-74E09C9DF3CC}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{1C02D183-D4A4-4149-802E-140172FC79EA}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe No File
FirewallRules: [{0A5B3B3A-036A-4F8A-82DF-99BB6EF149CD}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{731338CF-5054-4BE9-B708-98C5E67C226D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe No File
FirewallRules: [{0A080567-12F4-46F9-9BA6-7F99FB2DB969}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{9391313B-7593-4A19-B6BE-C78BEAFE6DB1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{ED9E485E-39E1-4053-AB80-3EC566DFAE49}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe No File
FirewallRules: [{9D3C9E54-8E17-4E65-AD8D-7DD1073C4A16}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe No File
FirewallRules: [{F760D05C-82C7-4EAA-951F-4D7CB91A8802}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe No File
FirewallRules: [{720D3DF2-867C-4583-8AB8-89B6DCFA1D47}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe No File
FirewallRules: [{3DFFCBAC-2FEC-4ADA-BD58-EAE2AD4CA97B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{A9B37617-8054-4B30-98C4-2190B67438AF}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe No File
FirewallRules: [{3268E737-6640-4336-A9D2-5AD2F42C78CA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{854DAB08-6F6E-44AE-9D3D-F4306A275F19}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{C1789D86-EE16-41C1-8F6A-91366C2B6B7F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{62A2A385-69AF-4F0A-8811-89E09656DCA8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{2764D0BD-4CCF-4A81-8289-AD8FB4ADA4DC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{66211DC7-64AF-4637-9965-E71A9103EC55}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{10A31E13-74F5-43AD-B5B6-24267B54B2A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{0A48A9CD-36F9-4DD9-B23A-FB394FF41FCD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{8EC55915-BED6-42BC-99DD-352915FE5128}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{47EC79A5-0270-411A-A1CB-D1E920F434CB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{5A9823B6-7079-4461-94E9-E006EA655C38}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{5874400D-1358-4FEE-91CA-233562810154}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{07235409-303C-452C-BDDF-1F55F494814A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{890A5B8E-F0AB-44A6-806C-487078DB5B13}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{AED33B4F-C2B1-4451-BBDB-8EA472039736}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{7A2B87BB-B1F2-4813-B67E-A9C3C0DE5A4E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{655934EA-9463-42DB-98DB-B9C5EB348D32}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{5CF5960D-B8F0-4C25-81FA-AD3C3916BCB9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe No File
FirewallRules: [{13D3CF31-77A6-4456-87A4-2CE5FC008200}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{863D5CB5-0E10-4405-AFFF-C452A4E72298}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe No File
FirewallRules: [{A906B312-CCBF-4E77-8577-706CE5860BE6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{1A1B70D4-09B2-42FE-902F-CAF4D30D594B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{FB7765F9-2A45-42D4-9C35-1AD50C66F1C7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{46E93DB6-60D6-4FAD-AF6D-729D14E38E1D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{9102403D-03D5-43EB-A50F-352B855798B2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{C83483DE-7C58-4A0D-BA6E-DD863EF9ED38}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{D47464F5-1217-4CA8-9630-F51F51CC9DAE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{748F3D12-B58A-46AA-A5C5-EF8F2EF51373}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{57F859AA-ECF8-4549-8458-4DDA4512C0AE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{27E9DAA2-12D9-4607-9465-426EA9F6A310}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{04BE9A16-1CA5-4975-AC06-911B6FE2EBDD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{EB9671DF-B372-4D96-A64C-2EC8974220EA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{802C366C-86D2-46BD-B996-00780BC48F83}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{BD87900E-76AA-41D1-8D19-DD6678C80F65}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{9FC376C2-15D9-4E51-8BB9-CBB8774AB015}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{1C24ED3B-E2C5-4199-8A0E-5CCC10D7D39E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{698CE724-6755-4C81-8486-16238FA2258D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{9018091E-9AEF-4C3C-A218-E957C98D10D2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{87C89094-294E-431D-A456-504544859586}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{EAB9225F-D78D-4735-BF68-FBFC6D042ACD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{B59640B5-BADD-467C-967D-3D2357484F14}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{D12C00B8-AD97-439C-B022-F50F5CE322E5}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{15CD5942-6503-4406-AAD1-4C4150C74E72}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{255B70A2-2A37-4711-823C-DF1026245B86}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{A97C8676-4A45-4C25-9D31-D081D51E0C90}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{2C7A8150-B6B9-429C-9533-CE5A30D8D118}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{46741D73-0112-4348-9645-10FEFD4F55FA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{E68D59E8-208F-4329-943A-140848F1E730}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{A914637C-D135-46C6-A68A-693CE504C74D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{D44E58AB-AB6D-4D45-A045-317834E9BB09}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{E7518BBF-E1CE-4751-B5BA-F09E49774457}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{7595E50C-B1F4-44C6-98F8-A6EBC559F50A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{8F3F1232-3A04-4FBB-B2FE-EBA1185CD121}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{268B819D-A2A0-4DD7-965C-3116B6165412}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (acer)
FirewallRules: [{66D31253-A211-4DB6-AA45-41B0D1B38AF6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{36221610-4696-436F-99AF-D85F2B1F717B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (acer)
FirewallRules: [{18DF0D93-BBD3-47E5-BE29-A600ED567421}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B0529176-5AA2-48E7-A471-E8B757FCD8BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{4AE55323-2A8E-4E2E-ADA2-908E41694050}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{CC048247-4341-477A-8840-8383E9CA365D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{5613135C-D695-4B94-A49F-79EFAA109F16}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{3C086F63-E1B4-4B40-9D2E-88699C96A70A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

==================== Restore Points =========================

20-09-2018 09:59:40 Naplánovaný kontrolní bod
30-01-2019 19:50:44 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/30/2019 11:21:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_Audiosrv, verze: 6.3.9600.16384, časové razítko: 0x5215dfe3
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17031, časové razítko: 0x530895af
Kód výjimky: 0xc000000d
Posun chyby: 0x0000000000102c50
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d4b8e9d32d4c81
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 58c69755-24dd-11e9-8274-f8a963a40627
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/30/2019 11:10:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 11.0.9600.17037, časové razítko: 0x5312c30a
Název chybujícího modulu: MSHTML.dll, verze: 11.0.9600.17037, časové razítko: 0x5312faa5
Kód výjimky: 0xc0000409
Posun chyby: 0x006a6e2b
ID chybujícího procesu: 0x8a0
Čas spuštění chybující aplikace: 0x01d4b8e7f4fee546
Cesta k chybující aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSHTML.dll
ID zprávy: c9bfc419-24db-11e9-8273-f8a963a40627
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/30/2019 11:09:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_Audiosrv, verze: 6.3.9600.16384, časové razítko: 0x5215dfe3
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17031, časové razítko: 0x530895af
Kód výjimky: 0xc000000d
Posun chyby: 0x0000000000102c50
ID chybujícího procesu: 0x78
Čas spuštění chybující aplikace: 0x01d4b8e81e5fd20b
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: a4c1dcdd-24db-11e9-8273-f8a963a40627
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/30/2019 11:06:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_Audiosrv, verze: 6.3.9600.16384, časové razítko: 0x5215dfe3
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17031, časové razítko: 0x530895af
Kód výjimky: 0xc000000d
Posun chyby: 0x0000000000102c50
ID chybujícího procesu: 0xb5c
Čas spuštění chybující aplikace: 0x01d4b8e7f898fee5
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 5a83acbe-24db-11e9-8273-f8a963a40627
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/18/2018 07:50:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_Audiosrv, verze: 6.3.9600.16384, časové razítko: 0x5215dfe3
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17031, časové razítko: 0x530895af
Kód výjimky: 0xc000000d
Posun chyby: 0x0000000000102c50
ID chybujícího procesu: 0x67c
Čas spuštění chybující aplikace: 0x01d4671356a47e20
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: be9c2cca-d306-11e8-8270-18cf5e5df793
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/18/2018 03:47:09 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (10/18/2018 06:20:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1032

Error: (10/18/2018 06:20:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1032


System errors:
=============
Error: (01/31/2019 05:16:11 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Centrum zabezpečení, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (01/31/2019 05:14:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Centrum zabezpečení byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/31/2019 05:14:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (01/31/2019 05:14:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Protokol událostí systému Windows byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (01/31/2019 05:14:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Klient DHCP byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.

Error: (01/31/2019 05:14:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Zvuk systému Windows byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (01/31/2019 05:12:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (01/31/2019 05:12:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Protokol událostí systému Windows byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2018-10-15 19:33:42.074
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A69741D1-F1E5-4055-9F41-DAFDF4FC9BDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-15 19:26:08.344
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E72DBE59-504F-4900-B8E7-515841D72090}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-15 19:19:46.028
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CB87D61B-BD76-4881-9C10-9956D828169C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-23 19:04:40.194
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {85515849-A02C-4C3B-99A6-FE2BEA303696}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-23 18:37:35.070
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {91D13EDE-3D46-4060-9CD6-B0CEAF58FC1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-09-17 18:50:10.748
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 106.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: Acer\Aspire
Aktuální verze modulu:
Předchozí verze modulu: 2.1.9700.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-09-17 18:50:10.732
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.155.266.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: Acer\Aspire
Aktuální verze modulu:
Předchozí verze modulu: 1.1.9700.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-09-17 18:50:10.732
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.155.266.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: Acer\Aspire
Aktuální verze modulu:
Předchozí verze modulu: 1.1.9700.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-09-17 18:50:10.639
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.155.266.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.9700.0
Kód chyby: 0x8024402c
Popis chyby ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2016-01-16 18:42:41.241
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

CodeIntegrity:
===================================

Date: 2018-09-24 11:33:05.358
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-12-03 19:34:59.834
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-12-03 19:34:54.769
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-08-19 14:17:30.311
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-08-19 14:17:26.676
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 11:37:04.673
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 11:33:24.014
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 11:33:22.317
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 41%
Total physical RAM: 3979.2 MB
Available physical RAM: 2332.75 MB
Total Virtual: 4683.2 MB
Available Virtual: 3202.59 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.23 GB) (Free:383.33 GB) NTFS

\\?\Volume{259e6a77-7c87-4571-974a-e7fb6ab5b2b4}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{43c7a754-4dc3-41a0-8f79-c89bc3e51fa7}\ (Push Button Reset) (Fixed) (Total:16.52 GB) (Free:2.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 33A1FD29)

Partition: GPT.

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30.01.2019
Ran by Aspire (administrator) on ACER (31-01-2019 17:16:36)
Running from C:\Users\Aspire\Desktop
Loaded Profiles: Aspire (Available Profiles: Aspire)
Platform: Windows 8.1 Connected (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-30] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-06-24] (Spotify Ltd)
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655245-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655257-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655ae5-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655aef-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {d2454599-6bd1-11e8-826e-f8a963a40627} - "E:\autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.81\Installer\chrmstp.exe [2019-01-30] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> c:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2017-03-28] (Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
Startup: C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2018-09-24]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{7F614279-92D1-4F8D-B3C2-211DDB11ACE6}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{ED7ADB51-15BE-4AAD-BC5D-0BF629C3CD5C}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> {F4BA8A93-AE01-453D-8A4E-B1FCFEAF52C2} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-30] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-30] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-30] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default [2019-01-31]
CHR Extension: (Prezentace) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-30]
CHR Extension: (Dokumenty) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-30]
CHR Extension: (Disk Google) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-30]
CHR Extension: (YouTube) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-30]
CHR Extension: (Tabulky) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-30]
CHR Extension: (Gmail) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-30]
CHR Extension: (Chrome Media Router) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-30] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-30] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-22] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-22] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-30] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-30] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-30] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-30] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-30] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-30] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-30] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-30] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-30] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-30] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-31 17:16 - 2019-01-31 17:17 - 000016973 _____ C:\Users\Aspire\Desktop\FRST.txt
2019-01-31 00:54 - 2019-01-31 00:56 - 000000000 ____D C:\AdwCleaner
2019-01-31 00:49 - 2019-01-31 00:49 - 007316688 _____ (Malwarebytes) C:\Users\Aspire\Desktop\adwcleaner_7.2.7.0.exe
2019-01-31 00:10 - 2015-07-30 15:04 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2019-01-31 00:10 - 2015-07-30 14:48 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-01-30 23:47 - 2015-10-13 16:59 - 000397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-01-30 23:47 - 2015-10-13 16:59 - 000340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-01-30 23:47 - 2015-10-13 16:59 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-01-30 23:47 - 2015-10-13 16:59 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-01-30 23:47 - 2015-10-13 16:59 - 000106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2019-01-30 23:47 - 2015-10-13 16:59 - 000091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2019-01-30 23:47 - 2015-10-11 07:36 - 000561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-01-30 23:47 - 2015-10-11 07:36 - 000177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-30 23:47 - 2015-10-10 19:40 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-01-30 23:47 - 2015-10-10 19:39 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-01-30 23:47 - 2015-10-10 19:07 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-01-30 23:47 - 2015-10-10 18:33 - 001441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-30 23:47 - 2015-10-10 18:27 - 000432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-01-30 23:47 - 2015-10-10 18:11 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-01-30 23:47 - 2015-10-10 17:45 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-01-30 23:47 - 2015-06-27 04:12 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-01-30 23:47 - 2015-03-09 03:02 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2019-01-30 23:47 - 2014-10-29 03:51 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-01-30 23:47 - 2014-10-29 03:50 - 000736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-01-30 23:47 - 2014-10-29 03:06 - 000736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-01-30 23:47 - 2014-10-29 03:06 - 000154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-01-30 23:47 - 2014-10-29 02:57 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\BthHFSrv.dll
2019-01-30 23:46 - 2015-05-30 22:18 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-01-30 23:46 - 2015-05-30 20:36 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-01-30 23:46 - 2015-05-30 20:35 - 000911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-01-30 23:46 - 2014-12-08 20:42 - 000038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-01-30 23:46 - 2014-12-08 20:42 - 000033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-01-30 23:46 - 2014-10-29 05:00 - 000465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-01-30 23:46 - 2014-10-29 05:00 - 000139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-01-30 23:46 - 2014-10-29 04:52 - 000500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-01-30 23:46 - 2014-10-29 04:52 - 000482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-01-30 23:46 - 2014-10-29 04:52 - 000394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-01-30 23:46 - 2014-10-29 04:52 - 000272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-01-30 23:46 - 2014-10-29 04:12 - 000413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-01-30 23:46 - 2014-10-29 04:12 - 000136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-01-30 23:46 - 2014-10-29 04:07 - 000424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-01-30 23:46 - 2014-10-29 04:07 - 000370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-01-30 23:46 - 2014-10-29 04:07 - 000344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-01-30 23:46 - 2014-10-29 02:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-01-30 23:45 - 2016-02-02 19:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2019-01-30 23:45 - 2015-12-02 16:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2019-01-30 23:45 - 2015-12-02 16:01 - 000561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2019-01-30 23:45 - 2015-11-05 09:59 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2019-01-30 23:45 - 2015-09-29 13:24 - 000155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2019-01-30 23:45 - 2015-05-07 17:47 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2019-01-30 23:45 - 2015-03-11 02:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2019-01-30 23:45 - 2015-03-11 02:09 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2019-01-30 23:45 - 2014-10-29 03:45 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2019-01-30 23:45 - 2014-10-29 03:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2019-01-30 23:45 - 2014-10-29 03:00 - 000642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2019-01-30 23:45 - 2014-10-29 03:00 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2019-01-30 23:45 - 2014-10-29 02:58 - 000014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2019-01-30 23:44 - 2014-12-09 02:50 - 000225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2019-01-30 23:44 - 2014-06-16 23:26 - 000779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2019-01-30 23:44 - 2014-06-16 23:24 - 000834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2019-01-30 23:44 - 2014-06-06 15:20 - 004190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-01-30 23:33 - 2016-02-06 19:08 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2019-01-30 23:33 - 2014-04-08 23:46 - 000086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2019-01-30 23:33 - 2014-04-08 23:46 - 000028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2019-01-30 23:33 - 2014-04-08 19:54 - 000080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2019-01-30 23:33 - 2014-04-08 19:54 - 000026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2019-01-30 23:32 - 2016-01-31 18:17 - 000779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2019-01-30 22:36 - 2019-01-31 17:16 - 000000000 ____D C:\FRST
2019-01-30 22:33 - 2019-01-30 22:35 - 002428928 _____ (Farbar) C:\Users\Aspire\Desktop\FRST64.exe
2019-01-30 21:47 - 2019-01-30 21:47 - 000002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-01-30 21:47 - 2019-01-30 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-01-30 21:09 - 2019-01-30 21:10 - 000000000 ____D C:\ProgramData\Google
2019-01-30 21:09 - 2019-01-30 21:09 - 000000000 ____D C:\Program Files\Google
2019-01-30 21:08 - 2019-01-30 21:10 - 000000000 ____D C:\Users\Aspire\AppData\Local\Google
2019-01-30 21:07 - 2019-01-30 21:07 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-30 21:07 - 2019-01-30 21:07 - 000002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-30 21:02 - 2019-01-30 21:25 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-30 21:02 - 2019-01-30 21:25 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-30 21:01 - 2019-01-30 21:09 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-30 20:59 - 2019-01-30 20:59 - 000000000 ____D C:\Users\Aspire\AppData\Roaming\AVAST Software
2019-01-30 20:59 - 2019-01-30 20:59 - 000000000 ____D C:\Users\Aspire\AppData\Local\CEF
2019-01-30 20:58 - 2019-01-30 20:58 - 000002099 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-30 20:58 - 2019-01-30 20:58 - 000000000 ____D C:\Users\Aspire\AppData\Local\AVAST Software
2019-01-30 20:58 - 2019-01-30 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-01-30 20:52 - 2019-01-30 20:52 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-01-30 20:51 - 2019-01-31 17:05 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-30 20:49 - 2019-01-30 20:51 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-30 20:49 - 2019-01-30 20:51 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-30 20:49 - 2019-01-30 20:47 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-30 20:49 - 2019-01-30 20:46 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-30 20:48 - 2019-01-30 20:48 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-01-30 20:48 - 2019-01-30 20:47 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-30 20:44 - 2019-01-30 20:48 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-30 20:44 - 2019-01-30 20:44 - 000000000 ____D C:\Program Files\AVAST Software
2019-01-30 20:43 - 2019-01-30 20:43 - 007450264 _____ (AVAST Software) C:\Users\Aspire\Downloads\avast_free_antivirus_setup_online_l3a.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-31 17:16 - 2015-12-12 02:05 - 000003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5ADC40AB-14AB-4317-9B8F-3D1A756ABBD7}
2019-01-31 17:15 - 2015-12-03 18:01 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2649769328-1442576681-4040288438-1001
2019-01-31 17:15 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2019-01-31 17:11 - 2016-09-19 15:06 - 000000000 __RDO C:\Users\Aspire\OneDrive
2019-01-31 17:10 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-31 00:52 - 2014-04-21 11:09 - 000000000 ____D C:\ProgramData\McAfee
2019-01-31 00:38 - 2015-12-03 17:54 - 000000000 ____D C:\Users\Aspire\AppData\Local\SweetLabs App Platform
2019-01-31 00:25 - 2013-08-22 15:44 - 000484904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-01-31 00:25 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2019-01-30 23:16 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-01-30 23:13 - 2014-06-24 23:04 - 000739924 _____ C:\Windows\system32\perfh005.dat
2019-01-30 23:13 - 2014-06-24 23:04 - 000151610 _____ C:\Windows\system32\perfc005.dat
2019-01-30 23:13 - 2014-03-18 10:47 - 001745984 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-30 23:11 - 2014-04-21 11:06 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2019-01-30 23:10 - 2016-02-17 18:34 - 000000000 ____D C:\Users\Aspire\AppData\Local\CrashDumps
2019-01-30 23:01 - 2017-11-14 15:40 - 000003166 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2649769328-1442576681-4040288438-1001
2019-01-30 23:01 - 2017-11-13 18:07 - 000002333 _____ C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2019-01-30 23:00 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF
2019-01-30 21:50 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 21:45 - 2014-06-24 23:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office

Some files in TEMP:
====================
2015-12-31 13:59 - 2015-12-31 13:59 - 000467968 _____ (Realtek Semiconductor Corp.) C:\Users\Aspire\AppData\Local\Temp\COMAP.EXE
2017-08-19 13:13 - 2017-08-19 13:14 - 063610200 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct14C.tmp.exe
2017-05-19 18:35 - 2017-05-22 14:08 - 064118864 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct1D38.tmp.exe
2015-12-03 17:59 - 2015-12-03 17:59 - 000002399 _____ () C:\Users\Aspire\AppData\Local\Temp\oct267E.tmp.exe
2016-07-25 08:15 - 2016-07-25 08:15 - 063953600 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct2F90.tmp.exe
2016-07-30 18:26 - 2016-07-30 18:26 - 063953128 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct3BB7.tmp.exe
2015-12-15 01:02 - 2015-12-15 01:02 - 063066872 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct52CC.tmp.exe
2018-01-22 14:41 - 2018-01-22 14:42 - 041424392 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct59ED.tmp.exe
2016-02-17 09:38 - 2016-02-17 09:39 - 063078856 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct6129.tmp.exe
2017-08-11 16:53 - 2017-08-11 16:57 - 063610592 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct6A8D.tmp.exe
2016-11-17 13:02 - 2016-11-17 13:06 - 064111920 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct7B2D.tmp.exe
2016-09-20 18:52 - 2016-09-20 18:53 - 064108904 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\oct8785.tmp.exe
2019-01-30 20:37 - 2019-01-30 20:38 - 044622200 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octA35.tmp.exe
2017-12-07 19:11 - 2017-12-08 18:36 - 041373360 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octA943.tmp.exe
2016-04-16 07:14 - 2016-04-16 07:15 - 063707840 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octA9F8.tmp.exe
2018-03-17 13:11 - 2018-03-17 13:12 - 041561472 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octAD0C.tmp.exe
2017-12-16 09:29 - 2017-12-16 09:29 - 041440856 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octBC22.tmp.exe
2016-03-12 13:44 - 2016-03-12 13:45 - 063142648 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octC8D8.tmp.exe
2015-12-12 03:46 - 2015-12-12 03:47 - 062903592 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octD51A.tmp.exe
2017-10-07 12:49 - 2017-10-07 12:50 - 041565936 _____ (SweetLabs,Inc.) C:\Users\Aspire\AppData\Local\Temp\octEDD.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-30 23:28

==================== End of FRST.txt ============================

Este pred nasledujucim krokom odporucam odinstalovat aj "Google Toolbar for Internet Explorer", ak ho nepouzivas/nepotrebujes (zbytocny toolbar, zrejme tiez nainstalovany neumyselne).

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
  File: C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
  File: C:\Windows\System32\HPZinw12.dll
  File: C:\Windows\System32\HPZipm12.dll
  ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}
  ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
  
  HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655245-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe" 
  HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655257-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe" 
  HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655ae5-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe" 
  HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655aef-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe" 
  HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {d2454599-6bd1-11e8-826e-f8a963a40627} - "E:\autorun.exe" 
  HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
  HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
  SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> {F4BA8A93-AE01-453D-8A4E-B1FCFEAF52C2} URL = 
  BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
  BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
  Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
  Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
  Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
  Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
  FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
  2019-01-31 00:52 - 2014-04-21 11:09 - 000000000 ____D C:\ProgramData\McAfee
  CustomCLSID: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Aspire\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
  HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
  C:\Program Files\Common Files\mcafee
  FirewallRules: [{DE009EB0-F7C2-4C4C-B04F-F38E497FD23F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
  FirewallRules: [{AC236072-FE1C-4CCF-95A2-F784C5EB3DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
  C:\Users\Aspire\AppData\Local\SweetLabs App Platform
  c:\PROGRA~1\mcafee
  c:\PROGRA~2\mcafee
  c:\PROGRA~3\mcafee
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Aspire (01-02-2019 10:14:46) Run:1
Running from C:\Users\Aspire\Desktop
Loaded Profiles: Aspire (Available Profiles: Aspire)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
File: C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
File: C:\Windows\System32\HPZinw12.dll
File: C:\Windows\System32\HPZipm12.dll
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}

HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655245-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655257-e665-11e7-826d-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655ae5-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {11655aef-e665-11e7-826d-f8a963a40627} - "F:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\...\MountPoints2: {d2454599-6bd1-11e8-826e-f8a963a40627} - "E:\autorun.exe"
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001 -> {F4BA8A93-AE01-453D-8A4E-B1FCFEAF52C2} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-01-30] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-30] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
2019-01-31 00:52 - 2014-04-21 11:09 - 000000000 ____D C:\ProgramData\McAfee
CustomCLSID: HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Aspire\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
C:\Program Files\Common Files\mcafee
FirewallRules: [{DE009EB0-F7C2-4C4C-B04F-F38E497FD23F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{AC236072-FE1C-4CCF-95A2-F784C5EB3DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
C:\Users\Aspire\AppData\Local\SweetLabs App Platform
c:\PROGRA~1\mcafee
c:\PROGRA~2\mcafee
c:\PROGRA~3\mcafee

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 14
Average :
Sum : 752156437
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe ========================

C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
File not signed
MD5: BBF78A7D6F9BFF37927303ED2539FAB7
Creation and modification date: 2014-02-26 06:17 - 2014-02-26 06:17
Size: 000319104
Attributes: ----A
Company Name: Windows (R) Win 7 DDK provider
Internal Name: SETUPAPI.DLL
Original Name: SETUPAPI.DLL
Product: Windows (R) Win 7 DDK driver
Description: Windows Setup API
File Version: 6.2.9200.16384
Product Version: 6.2.9200.16384
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/b37b291 ... 545032211/

====== End of File: ======


========================= File: C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe ========================

C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
File not signed
MD5: 768DD5CB66952BC4A3BD474757AEE34F
Creation and modification date: 2013-07-02 04:08 - 2013-07-02 04:08
Size: 000733696
Attributes: ----A
Company Name: Intel(R) Corporation
Internal Name: HeciServer
Original Name: HeciServer.exe
Product: Intel(R) Capability Licensing Service Interface
Description: Intel(R) Capability Licensing Service Interface
File Version: 1.28.506.1 sys_sysscbld
Product Version: 1,28,506,1
Copyright: (C) Copyright Intel(R) Corporation
VirusTotal: https://www.virustotal.com/file/5a1f91f ... 548452971/

====== End of File: ======


========================= File: C:\Windows\System32\HPZinw12.dll ========================

C:\Windows\System32\HPZinw12.dll
File not signed
MD5: D4F51E88C71BF8F06EA1BE320B0BB75B
Creation and modification date: 2010-01-18 12:29 - 2010-01-18 12:29
Size: 000071680
Attributes: ----A
Company Name: Hewlett-Packard
Internal Name: Dot4Net
Original Name: Dot4Net.DLL
Product: Bidi User Mode
Description: Dot4Net Module
File Version: 12,2,5,51
Product Version: 12,2,5,51
Copyright: Copyright © 2006, 2007 Hewlett-Packard
VirusTotal: https://www.virustotal.com/file/abda528 ... 545985891/

====== End of File: ======


========================= File: C:\Windows\System32\HPZipm12.dll ========================

C:\Windows\System32\HPZipm12.dll
File not signed
MD5: 9A80707D8B6C1806531BFD7399B3CC76
Creation and modification date: 2010-01-18 12:29 - 2010-01-18 12:29
Size: 000089600
Attributes: ----A
Company Name: Hewlett-Packard
Internal Name: PmlDrv
Original Name: PmlDrv.DLL
Product: Bidi User Mode
Description: PmlDrv Module
File Version: 12,2,5,51
Product Version: 12,2,5,51
Copyright: Copyright © 2006, 2007 Hewlett-Packard
VirusTotal: https://www.virustotal.com/file/c9996a2 ... 539270422/

====== End of File: ======

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}]
"AuthorizedCDFPrefix"=""
"Comments"=""
"Contact"=""
"DisplayVersion"="1.0.0"
"HelpLink"=""
"HelpTelephone"=""
"InstallDate"="20190130"
"InstallLocation"="C:\Program Files (x86)\Google\Installers\"
"InstallSource"="C:\Program Files (x86)\Google\Google Toolbar\"
"ModifyPath"="MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}"
"Publisher"="Google Inc."
"Readme"=""
"Size"=""
"EstimatedSize"="45"
"SystemComponent"="1"
"UninstallString"="MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}"
"URLInfoAbout"=""
"URLUpdateInfo"=""
"VersionMajor"="1"
"VersionMinor"="0"
"WindowsInstaller"="1"
"Version"="16777216"
"Language"="1033"
"DisplayName"="Google Toolbar for Internet Explorer"

=== End of ExportKey ===
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]
"DisplayName"="Google Toolbar for Internet Explorer"
"UninstallString"=""C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_8B0481A9A34D47CD.exe" /uninstall"
"NoModify"="1"
"NoRepair"="1"
"Publisher"="Google Inc."
"DisplayIcon"="C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_8B0481A9A34D47CD.exe"
"InstallLocation"="C:\Program Files (x86)\Google\Google Toolbar\"
"MajorVersion"="7"
"MinorVersion"="5"
"DisplayVersion"="7.5.8231.2252"

=== End of ExportKey ===
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11655245-e665-11e7-826d-f8a963a40627} => removed successfully
HKLM\Software\Classes\CLSID\{11655245-e665-11e7-826d-f8a963a40627} => not found
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11655257-e665-11e7-826d-f8a963a40627} => removed successfully
HKLM\Software\Classes\CLSID\{11655257-e665-11e7-826d-f8a963a40627} => not found
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11655ae5-e665-11e7-826d-f8a963a40627} => removed successfully
HKLM\Software\Classes\CLSID\{11655ae5-e665-11e7-826d-f8a963a40627} => not found
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11655aef-e665-11e7-826d-f8a963a40627} => removed successfully
HKLM\Software\Classes\CLSID\{11655aef-e665-11e7-826d-f8a963a40627} => not found
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d2454599-6bd1-11e8-826e-f8a963a40627} => removed successfully
HKLM\Software\Classes\CLSID\{d2454599-6bd1-11e8-826e-f8a963a40627} => not found
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F4BA8A93-AE01-453D-8A4E-B1FCFEAF52C2} => removed successfully
HKLM\Software\Classes\CLSID\{F4BA8A93-AE01-453D-8A4E-B1FCFEAF52C2} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 => removed successfully
C:\ProgramData\McAfee => moved successfully
HKU\S-1-5-21-2649769328-1442576681-4040288438-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => removed successfully
C:\Program Files\Common Files\mcafee => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE009EB0-F7C2-4C4C-B04F-F38E497FD23F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AC236072-FE1C-4CCF-95A2-F784C5EB3DF9}" => removed successfully
C:\Users\Aspire\AppData\Local\SweetLabs App Platform => moved successfully
"c:\PROGRA~1\mcafee" => not found
"c:\PROGRA~2\mcafee" => not found
"c:\PROGRA~3\mcafee" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 96269802 B
Java, Flash, Steam htmlcache => 21274 B
Windows/system/drivers => 317028066 B
Edge => 0 B
Chrome => 36270499 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 10608 B
NetworkService => 1710348 B
Aspire => 5140987349 B

RecycleBin => 77918 B
EmptyTemp: => 5.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:24:09 ====

Nastala nejaka zmena alebo su este s PC nejake problemy?

Plocha ma cca 700 MB, co sice nie je az tak vela, ale aj tak preventivne odporucam presunut vsetky subory a zlozky z plochy do dokumentov a na ploche nechat iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

NTB se znatelně zrychlil ale pořád nejdou zapnout některé služby (ovládání hlasitosti, síťové komponenty, aktualizace atd...)

Spusti kontrolu integrity systemovych suborov:

• Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
• Skopiruj a spusti prikaz:

  Kód: Vybrat vše

  DISM.exe /Online /Cleanup-image /Restorehealth

• Po dokonceni skopiruj a spusti druhy prikaz:

  Kód: Vybrat vše

  sfc /scannow

• Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

  Kód: Vybrat vše

  findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt

• Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
• Restartuj PC a napis ako sa chova PC

Aktualizace zatím vypadají, že běží, ale služby ještě ne. Navíc sfc nechodí

sfc běží chtělo to restart

Pardon za zdrzanie.

Spusti este raz obidva prikazy a posli logy.

Ako to vyzera s PC?

Omlouvat se netřeba Jsem rád že mi někdo pomůže a stejně jsem teď neměl čas. PC vypadá, že je v cajku přeinstaloval jsem ovladače, které byly na službě závislé (zvuk, wifi, net atd.) a vypadá, že vše běhá jak má. Logy zašlu jen co se dokončí.

Zasílám slíbený log