problém s internetem

[korjin]

Dobrý den,
na ntb Acer Aspire SW5-011, W8.1, připojení přes WiFi, se vyskytl problém s připojením do internetu.
Spojení s wifi routerem je v pořádku, ping na 8.8.8.8 chodí, ping na www.seznam.cz chodí, tracert na google chodí, nslookup chodí..
nelze se ale připojit na žádné stránky, .cz, .org, .com...
připojení nejde ani na ip adresu stránek...
nemáte nějaký tip na vyzkoušení?
díky moc

[Rudy]

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[korjin]

tady:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-11-2016
Ran by Petra (administrator) on ACER (15-11-2016 21:10:07)
Running from D:\
Loaded Profiles: Petra (Available Profiles: Petra)
Platform: Microsoft Windows 8.1 (Update) (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acer Incorporated) C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Cloud Technology) C:\Program Files\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Spotify Ltd) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Acer Incorporated) C:\Program Files\Acer\AOP Framework\BackgroundAgent.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\Acer\Live Updater\updater.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\system32\DptfPolicyLpmServiceHelper.exe [73216 2013-12-30] (Intel Corporation)
HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [2912256 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9099440 2016-10-31] (AVAST Software)
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\...\Run: [Spotify Web Helper] => C:\Program Files\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-05-26] (Spotify Ltd)
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6675672 2016-04-15] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [292824 2014-03-08] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-09-18] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B80FEE77-AD8B-49DA-A42B-9483D07E992C}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{C18DF28A-F6FE-4AC2-9E93-E8A21D1AC06A}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3749294601-1816942316-3229434055-1001 -> DefaultScope {03896881-612B-4B78-AC2B-2D9882506CF3} URL =
SearchScopes: HKU\S-1-5-21-3749294601-1816942316-3229434055-1001 -> {03896881-612B-4B78-AC2B-2D9882506CF3} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-18]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-18]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-04] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR StartupUrls: Profile 1 -> "hxxp://www.seznam.cz/","hxxps://www.google.cz/"
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default [2016-11-15]
CHR Extension: (Docs) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-14]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-14]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-14]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-14]
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-11-15]
CHR Extension: (Dokumenty Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-21]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast Passwords) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2016-11-11]
CHR Extension: (Avast SafePrice) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Avast Online Security) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-23]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-18] (AVAST Software)
S2 BcmBtRSupport; C:\windows\system32\BtwRSupportService.exe [1677016 2013-11-13] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2039536 2016-10-03] (Microsoft Corporation)
S3 cphs; C:\windows\system32\IntelCpHeciSvc.exe [279000 2014-01-06] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\windows\system32\DptfParticipantProcessorService.exe [75264 2013-12-30] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\windows\system32\DptfPolicyCriticalService.exe [89088 2013-12-30] (Intel Corporation)
R2 DptfPolicyLpmService; C:\windows\system32\DptfPolicyLpmService.exe [82432 2013-12-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [456936 2014-05-22] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450792 2014-05-26] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [442088 2014-05-26] (Acer Incorporate)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [238848 2014-09-09] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-09-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [34008 2016-09-18] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [35096 2016-09-18] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [92256 2016-09-18] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [91232 2016-09-18] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [60424 2016-09-18] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [735488 2016-09-18] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [433768 2016-09-25] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [118664 2016-09-18] (AVAST Software)
S3 aswTap; C:\windows\system32\DRIVERS\aswTap.sys [38984 2016-04-30] (The OpenVPN Project)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
S3 AX88179; C:\windows\system32\DRIVERS\ax88179_178a.sys [60816 2013-07-08] (ASIX Electronics Corp.)
R3 BCMSDH43XX; C:\windows\system32\DRIVERS\bcmdhd63.sys [304344 2013-10-03] (Broadcom Corp)
R3 BthMini; C:\windows\System32\Drivers\BTHMINI.sys [24064 2013-08-22] (Microsoft Corporation)
S3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [145112 2014-02-03] (Broadcom Corporation.)
R3 BtwSerialBus; C:\windows\System32\drivers\BtwSerialBus.sys [130776 2013-09-09] (Broadcom Corporation.)
R3 camera; C:\windows\system32\DRIVERS\camera.sys [401408 2013-12-30] (Intel Corporation)
R3 CM3218x; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 CPLMACPI; C:\windows\system32\DRIVERS\CPLMACPI.sys [16488 2013-09-07] (Capella Microsystems, Inc.)
S3 DptfDevAmbient; C:\windows\System32\drivers\DptfDevAmbient.sys [36352 2013-12-30] (Intel Corporation)
S3 DptfDevDBPT; C:\windows\System32\drivers\DptfDevPower.sys [17408 2013-12-30] (Intel Corporation)
R3 DptfDevDisplay; C:\windows\System32\drivers\DptfDevDisplay.sys [19968 2013-12-30] (Intel Corporation)
R3 DptfDevGen; C:\windows\System32\drivers\DptfDevGen.sys [28160 2013-12-30] (Intel Corporation)
R3 DptfDevProc; C:\windows\System32\drivers\DptfDevProc.sys [72704 2013-12-30] (Intel Corporation)
R3 DptfManager; C:\windows\System32\drivers\DptfManager.sys [176640 2013-12-30] (Intel Corporation)
R3 GPIO; C:\windows\System32\drivers\iaiogpioe.sys [23552 2013-12-30] (Intel Corporation)
R3 GpioVirtual; C:\windows\System32\drivers\iaiogpiovirtual.sys [16896 2013-12-30] (Intel Corporation)
R3 iaioi2c; C:\windows\System32\drivers\iaioi2ce.sys [58368 2013-12-30] (Intel Corporation)
R3 iaiospi; C:\windows\System32\drivers\iaiospi.sys [53760 2013-12-30] (Intel Corporation)
R3 iaiouart; C:\windows\System32\drivers\iaiouart.sys [87552 2013-12-30] (Intel Corporation)
S3 intaud_WaveExtensible; C:\windows\system32\drivers\intelaud.sys [32664 2013-12-27] (Intel Corporation)
R3 IntelSST; C:\windows\system32\drivers\isstrtc.sys [254464 2013-12-30] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 iwdbus; C:\windows\System32\drivers\iwdbus.sys [23448 2013-12-27] (Intel Corporation)
S0 Lm3554; C:\windows\System32\drivers\lm3554.sys [25088 2013-12-30] (Intel Corporation)
R3 LMDriver; C:\windows\System32\drivers\LMDriver.sys [18232 2014-05-26] (Acer Incorporated)
R0 MBI; C:\windows\System32\drivers\MBI.sys [21456 2013-12-30] (Intel Corporation)
R3 ov2722; C:\windows\System32\drivers\ov2722.sys [43520 2013-12-30] (Intel Corporation)
R3 PMIC; C:\windows\System32\drivers\PMIC.sys [48128 2013-12-30] (Intel Corporation)
R3 RadioShim; C:\windows\System32\drivers\RadioShim.sys [13112 2014-05-26] (Acer Incorporated)
R3 rtii2sac; C:\windows\system32\DRIVERS\rtii2sac.sys [167640 2014-02-11] (Realtek Semiconductor Corp.)
R3 SensorsServiceDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 SynRMIHID; C:\windows\System32\drivers\SynRMIHID.sys [36080 2014-02-19] (Synaptics Incorporated)
R3 TXEI; C:\windows\System32\drivers\TXEI.sys [76304 2013-12-30] (Intel Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [29688 2014-09-22] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [219968 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [84800 2014-09-22] (Microsoft Corporation)
R3 WUDFSensorLP; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-15 21:09 - 2016-11-15 21:10 - 00000000 ____D C:\FRST
2016-11-14 19:52 - 2016-11-15 19:15 - 00000000 ____D C:\Users\Petra\Desktop\to ostatní
2016-11-14 19:51 - 2016-11-15 19:15 - 00000000 ____D C:\Users\Petra\Desktop\Přednášky
2016-11-14 19:35 - 2016-11-14 19:35 - 00002385 _____ C:\Users\Petra\Desktop\Marťan - Chrome.lnk
2016-11-10 10:30 - 2016-11-10 10:30 - 01059532 _____ C:\Users\Petra\Downloads\JO1493_20161101-new-nlh-brief-first-officers_04-Nov-2016.pdf
2016-11-10 10:25 - 2016-11-10 10:26 - 01049681 _____ C:\Users\Petra\Downloads\Guide to Webcruiter Norwegian Boeing 787 application.pdf
2016-11-08 22:48 - 2016-11-02 21:48 - 00315224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-11-08 22:48 - 2016-11-02 15:00 - 00035840 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-11-08 22:48 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-11-08 22:48 - 2016-10-27 15:16 - 00689664 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-11-08 22:48 - 2016-10-25 15:09 - 03475456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-11-08 22:48 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-11-08 22:48 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-11-08 22:48 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-11-08 22:48 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-11-08 22:48 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-11-08 22:48 - 2016-10-22 17:57 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2016-11-08 22:48 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-11-08 22:48 - 2016-10-22 17:51 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-11-08 22:48 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-11-08 22:48 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-11-08 22:48 - 2016-10-22 17:45 - 00330752 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-11-08 22:48 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-11-08 22:48 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-11-08 22:48 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-11-08 22:48 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-11-08 22:48 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-11-08 22:48 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-11-08 22:48 - 2016-10-13 20:06 - 01124376 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-11-08 22:48 - 2016-10-12 09:05 - 00279384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2016-11-08 22:48 - 2016-10-11 21:21 - 00399776 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2016-11-08 22:48 - 2016-10-11 18:30 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2016-11-08 22:48 - 2016-10-11 17:55 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2016-11-08 22:48 - 2016-10-10 22:17 - 00333656 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-11-08 22:48 - 2016-10-10 00:03 - 00410968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2016-11-08 22:48 - 2016-10-08 22:49 - 02410496 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2016-11-08 22:48 - 2016-10-08 22:27 - 01117184 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-11-08 22:48 - 2016-10-08 22:21 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2016-11-08 22:48 - 2016-10-08 02:34 - 01212248 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-11-08 22:48 - 2016-10-04 21:21 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2016-11-08 22:48 - 2016-10-04 21:08 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\olepro32.dll
2016-11-08 22:48 - 2016-10-04 21:08 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-11-08 22:48 - 2016-09-30 14:39 - 01185792 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2016-11-08 22:48 - 2016-09-09 23:18 - 00239960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2016-11-08 22:48 - 2016-09-09 15:09 - 00203776 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2016-11-08 22:48 - 2016-09-09 15:03 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2016-11-08 22:48 - 2016-09-09 15:02 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\iscsiwmi.dll
2016-11-08 22:48 - 2016-09-09 14:38 - 00446124 _____ C:\windows\system32\ApnDatabase.xml
2016-11-08 22:48 - 2016-09-03 18:21 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\iscsidsc.dll
2016-11-08 22:48 - 2016-09-03 18:10 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\iscsiexe.dll
2016-11-08 22:48 - 2016-09-03 16:58 - 00397824 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2016-11-08 22:48 - 2016-09-03 16:53 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2016-11-08 22:48 - 2016-09-02 15:05 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
2016-11-08 22:48 - 2016-09-01 15:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2016-11-08 22:48 - 2016-09-01 15:30 - 00315904 _____ (Microsoft Corporation) C:\windows\system32\vmrdvcore.dll
2016-11-08 22:48 - 2016-08-30 15:05 - 00078336 _____ (Microsoft Corporation) C:\windows\system32\dab.dll
2016-11-08 22:48 - 2016-08-30 03:18 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\xolehlp.dll
2016-11-08 22:48 - 2016-08-30 03:03 - 00721920 _____ (Microsoft Corporation) C:\windows\system32\msdtcprx.dll
2016-11-08 22:48 - 2015-07-22 15:15 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2016-11-08 22:48 - 2014-10-29 02:58 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\iscsiwmiv2.dll
2016-11-08 22:48 - 2014-10-29 02:58 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\iscsied.dll
2016-11-08 22:48 - 2014-10-29 02:53 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\iscsium.dll
2016-11-08 22:48 - 2014-10-29 02:48 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\iscsicli.exe
2016-11-08 22:48 - 2014-10-29 02:20 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\rdvvmtransport.dll
2016-11-06 13:38 - 2016-11-06 13:38 - 00289280 _____ C:\Users\Petra\Downloads\Test_z_fyziky_–_telesa_a_latky.ppt
2016-11-01 16:52 - 2014-09-22 17:59 - 01442304 _____ C:\Users\Petra\Desktop\PRVNÍ POMOC.ppt
2016-10-23 16:27 - 2016-10-23 16:28 - 00190688 _____ C:\Users\Petra\Downloads\Sedm mytu o ceskych sestrach (2).pdf
2016-10-18 13:13 - 2016-10-18 13:13 - 00881163 _____ C:\Users\Petra\Downloads\Cenik_GLA_4_2016.pdf
2016-10-18 13:04 - 2016-10-18 13:05 - 01057873 _____ C:\Users\Petra\Downloads\Cenik_C_sedan_4_2016.pdf
2016-10-18 12:49 - 2016-10-18 12:49 - 00891121 _____ C:\Users\Petra\Downloads\Cenik_CLA-kupe_4_2016_fl.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-15 21:09 - 2014-05-25 21:47 - 00741472 _____ C:\windows\system32\perfh005.dat
2016-11-15 21:09 - 2014-05-25 21:47 - 00152460 _____ C:\windows\system32\perfc005.dat
2016-11-15 21:09 - 2014-04-10 02:58 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-11-15 21:09 - 2013-08-22 07:21 - 00000000 ____D C:\windows\inf
2016-11-15 19:47 - 2013-08-22 09:17 - 00000000 ____D C:\windows\system32\NDF
2016-11-15 19:29 - 2014-08-06 09:39 - 00065024 ___SH C:\Users\Petra\Downloads\Thumbs.db
2016-11-15 19:25 - 2014-04-10 04:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-11-15 19:15 - 2014-08-05 17:04 - 00293888 ___SH C:\Users\Petra\Desktop\Thumbs.db
2016-11-15 18:13 - 2014-08-05 11:02 - 00000954 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-14 19:37 - 2015-03-04 16:09 - 00000000 ____D C:\windows\Minidump
2016-11-14 19:37 - 2014-09-12 16:27 - 00000000 ____D C:\Users\Petra\AppData\Local\CrashDumps
2016-11-10 18:52 - 2016-04-24 10:36 - 00000000 ____D C:\Users\Petra\Desktop\Mates složka
2016-11-10 09:04 - 2013-08-22 08:23 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-11-10 09:03 - 2013-08-22 08:22 - 00370416 _____ C:\windows\system32\FNTCACHE.DAT
2016-11-09 23:59 - 2013-08-22 07:13 - 00262144 ___SH C:\windows\system32\config\BBI
2016-11-09 23:58 - 2014-11-02 19:40 - 00000000 ____D C:\windows\system32\MRT
2016-11-09 23:58 - 2013-08-22 09:17 - 00000000 ___RD C:\windows\ToastData
2016-11-09 23:52 - 2014-11-02 19:40 - 138444440 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-11-09 22:56 - 2013-08-22 09:05 - 00000000 ____D C:\windows\CbsTemp
2016-11-06 14:14 - 2014-07-23 17:18 - 00000000 ____D C:\Users\Petra\AppData\Local\Packages
2016-11-05 11:31 - 2015-11-17 12:45 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-03 12:51 - 2014-08-05 11:03 - 00002165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-03 12:51 - 2014-08-05 11:03 - 00002153 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-31 20:03 - 2014-08-05 11:02 - 00000000 ____D C:\Users\Petra\AppData\Local\Google
2016-10-24 22:54 - 2014-04-10 03:38 - 00828408 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2016-10-24 22:54 - 2014-04-10 03:38 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2016-10-20 15:01 - 2015-04-21 13:56 - 00000000 ____D C:\Program Files\TeamViewer
2016-10-19 06:48 - 2013-08-22 09:17 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-19 06:47 - 2014-08-04 17:36 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-10-16 12:06 - 2015-02-25 20:44 - 00000000 ____D C:\windows\system32\appraiser
2016-10-16 12:06 - 2014-11-02 20:16 - 00000000 ___SD C:\windows\system32\CompatTel
2016-10-16 11:07 - 2013-08-22 09:17 - 00000000 ____D C:\windows\AppReadiness

==================== Files in the root of some directories =======

2014-08-16 15:35 - 2014-08-16 15:35 - 0000000 _____ () C:\Users\Petra\AppData\Local\{1CCB37C9-985D-479D-BE2D-A96BB5FC60D8}
2014-08-17 16:34 - 2014-08-17 16:34 - 0000000 _____ () C:\Users\Petra\AppData\Local\{4CB8310E-60A2-4C2C-83B1-FA5F4A61D517}
2014-09-21 18:35 - 2014-09-21 18:35 - 0000000 _____ () C:\Users\Petra\AppData\Local\{9F6C9257-8403-41FE-A9B0-A242BAD6161D}
2014-08-19 15:38 - 2014-08-19 15:38 - 0000000 _____ () C:\Users\Petra\AppData\Local\{AA2AD641-4E25-4D11-B252-E4DB504BD3B6}
2014-09-05 13:10 - 2014-09-05 13:10 - 0000000 _____ () C:\Users\Petra\AppData\Local\{B30B585D-9F1C-4D77-A528-1561B593E1B9}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-31 20:55

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-11-2016
Ran by Petra (15-11-2016 21:11:02)
Running from D:\
Microsoft Windows 8.1 (Update) (X86) (2014-07-23 16:18:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3749294601-1816942316-3229434055-500 - Administrator - Disabled)
Guest (S-1-5-21-3749294601-1816942316-3229434055-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3749294601-1816942316-3229434055-1003 - Limited - Enabled)
Petra (S-1-5-21-3749294601-1816942316-3229434055-1001 - Administrator - Enabled) => C:\Users\Petra

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.04.3001 - Acer Incorporated)
abMedia (HKLM\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2004.3 - Acer Incorporated)
abPhoto (HKLM\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Docs Office AddIn (HKLM\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer)
Acer Explorer Agent (HKLM\...\{20018169-434E-4242-BC65-EB21CF091D54}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8106 - Acer Incorporated)
Acer Portal (HKLM\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2007 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{D6B57AF2-2406-49E4-B219-EAA8B0B9F3CF}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer UEIP App Monitor Plugin (HKLM\...\{D6CCDCA8-31C1-4A63-AED0-27A4CD43F332}) (Version: 1.02.3009 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{F89EF116-C406-4436-AC12-2FEF6A6F117C}) (Version: 1.02.3009 - Acer Incorporated)
Acer Video Player (HKLM\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
AOP Framework (HKLM\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2000.2 - Acer Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.87 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Identity Card (HKLM\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Live Updater (HKLM\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8102 - Acer Incorporated)
Microsoft Office 2013 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 15.0.4867.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\...\OneDriveSetup.exe) (Version: 17.3.6517.0809 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Realtek I2S Audio (HKLM\...\{89A448AA-3301-46AA-AFC3-34F2D7C670E8}) (Version: 0.7 - Realtek Semiconductor Corp.)
SafeZone Stable 1.51.2220.62 (Version: 1.51.2220.62 - Avast Software) Hidden
Spotify (HKLM\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3749294601-1816942316-3229434055-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Petra\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuthLib.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C350881-586E-4543-A4CD-25A8A3FCAFB3} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-05-26] (Acer Incorporate)
Task: {3568C7B4-A8DD-43FC-9E82-F9B0A5F26B7E} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-05-26] (Acer Incorporate)
Task: {3929FD41-45C3-4059-AF84-31F973D6F061} - System32\Tasks\ALUAgent => C:\Program Files\Acer\Live Updater\liveupdater_agent.exe [2016-07-06] ()
Task: {394D331F-CF05-4B07-AD2A-3F7E9992A008} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-11-09] (Microsoft Corporation)
Task: {40EB3AEB-136A-4593-ADD9-8CF8D1B53F60} - System32\Tasks\BacKGroundAgent => C:\Program Files\Acer\AOP Framework\BackgroundAgent.exe [2016-08-15] (Acer Incorporated)
Task: {4F5998F1-78F7-49A0-8B38-F48964805C5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {5588BF4D-3783-43FE-8B8D-AF9EA199658E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {558F4524-5ADF-46DB-9B78-A19D17A4C2A6} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-05-26] (Acer Incorporated)
Task: {6F77E02D-B3A1-4C5B-A728-F13FEBE8942D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {8E9A6D10-B676-479D-9D05-4C26F297041C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {A4A2BCF4-366A-4FB0-AAF6-E549EB839B8D} - System32\Tasks\AcerCloud => C:\Program Files\Acer\Acer Portal\acpanel_win.exe [2014-05-26] (Acer Incorporated)
Task: {AF852F9F-3332-46C7-8177-D858A1A50110} - System32\Tasks\SafeZone scheduled Autoupdate 1462442379 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {C26FDF15-1769-4E27-93B3-E250AA8894B4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-10-03] (Microsoft Corporation)
Task: {C6803E4E-8DD0-4E73-BA0D-88FD1B0A3092} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-18] (AVAST Software)
Task: {DC2AEB20-5B0A-4E74-A9BF-3718481FAFF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {E30C5CF4-EED6-45C1-B042-A8CD065383E8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-10-03] (Microsoft Corporation)
Task: {E9DB00D6-A5DA-4FF9-82F0-D6F6644FD0EB} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-05-22] (Acer Incorporate)
Task: {F4FCF11A-9091-4B47-855C-6FE56C1578E5} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-10] (TODO: <Company name>)
Task: {FA2AF1D2-62D9-49E8-B2F0-8EED43CEAB45} - System32\Tasks\ALU => C:\Program Files\Acer\Live Updater\updater.exe [2016-07-06] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Petra\Desktop\Marťan - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Public\Desktop\Booking.com.lnk -> C:\Program Files\Booking.COM\StartURL.exe () -> hxxp://www.booking.com/index.html?aid=379334

==================== Loaded Modules (Whitelisted) ==============

2016-09-18 20:12 - 2016-09-18 20:12 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-18 20:13 - 2016-09-18 20:13 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-11-13 17:14 - 2016-11-13 17:14 - 03130832 _____ () C:\Program Files\AVAST Software\Avast\defs\16111300\algo.dll
2014-08-04 17:36 - 2016-05-24 07:21 - 00089792 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2016-08-24 09:56 - 2016-08-24 09:56 - 01383616 _____ () C:\Users\Petra\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-06-24 13:30 - 2016-06-24 13:30 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00203008 _____ () C:\Program Files\Acer\abMedia\curllib.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00630528 _____ () C:\Program Files\Acer\abMedia\tag.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00654552 _____ () C:\Program Files\Acer\abMedia\sqlite3.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00119552 _____ () C:\Program Files\Acer\abMedia\OpenLDAP.dll
2016-09-04 19:17 - 2016-09-04 19:17 - 00015064 _____ () C:\windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-15 13:36 - 2016-08-15 13:36 - 00013016 _____ () C:\Program Files\Acer\AOP Framework\ServiceInterface.dll
2013-12-25 21:34 - 2014-05-26 00:02 - 00279296 _____ () C:\Program Files\Acer\AcerCloud Docs\libcurl.dll
2016-07-06 09:15 - 2016-07-06 09:15 - 04152736 _____ () C:\Program Files\Acer\Live Updater\updater.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaiospi.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:13 - 2013-08-22 07:13 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1285EBFA-2CF9-43BF-9436-3976E9F36DDA}] => (Allow) C:\Program Files\Spotify\spotify.exe
FirewallRules: [{F8101FE3-92F6-4944-8860-74114A5F4869}] => (Allow) C:\Program Files\Spotify\spotify.exe
FirewallRules: [{D892648C-C70C-4294-A71A-E24702A9D959}] => (Allow) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{8ED799AF-DCEE-4A5E-88FB-676581FDCD9B}] => (Allow) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{5E3D6926-AD60-4B55-BEEA-02F5BAA50AB0}] => (Allow) C:\Program Files\Acer\Acer Portal\ccd.exe
FirewallRules: [{54BE0FB7-887F-4E24-9859-5CC20A2181E6}] => (Allow) C:\Program Files\Acer\Acer Portal\ccd.exe
FirewallRules: [{9BB77AF3-F7C7-4DB2-A72F-C2C1DC3CF1BD}] => (Allow) C:\Program Files\Acer\Acer Portal\Sdd.exe
FirewallRules: [{59C71185-338E-4622-87E1-C6E64147E850}] => (Allow) C:\Program Files\Acer\Acer Portal\Sdd.exe
FirewallRules: [{C101C709-E5B2-49B2-B96F-EDBA840165DA}] => (Allow) C:\Program Files\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{560079A9-5574-4243-BE7A-FB9C2CC2FD25}] => (Allow) C:\Program Files\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{D853B3DA-F6AD-40B2-81E6-48BB5D1FD09B}] => (Allow) C:\Program Files\Acer\Acer Portal\ccd.exe
FirewallRules: [{3880CED6-70B9-41E9-BB1A-1710240BD691}] => (Allow) C:\Program Files\Acer\Acer Portal\ccd.exe
FirewallRules: [{431B24E6-AC79-4CBF-B9B6-5E21BE72E63B}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{019A4CB4-967D-418A-821D-F9025FEE2776}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{46B97A7A-9897-4481-AF60-B6D767E38519}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A593C5B3-B986-43BD-975F-B6C4D3BE3EC4}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{BCFF53D0-CC99-499A-8444-42374A14BC9B}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{08E4C708-420F-4795-8A10-EC80BF3A66E5}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{1524A7B6-C07E-494B-81B8-E02C9C3DC643}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{3208D9D0-BD72-4D3F-8E8C-DAFEA732553B}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{93C7B93B-3E6D-4DDC-ACE0-209B3BBB8BA3}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4E7A8ECD-ED54-46E2-8705-CB86892D6541}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{76A58059-D732-4C6B-9A08-6EFDCAA29063}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CFDE7040-250F-4830-AFC2-09717D4C3C50}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0072682D-C2E9-4302-A884-13BE4BAF7358}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{120DD8EA-0256-41B4-9699-2B7A15328CF0}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F25617AC-2725-4DF4-BE94-34D5429614B9}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CA0FD2B1-6393-44BA-95BD-7EE5B34877DC}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{8521CE01-E234-462B-867C-5E5088C22B1B}C:\users\petra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petra\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C96161E8-0C12-4857-B9F1-B6D7B0D8D316}C:\users\petra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petra\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{8657DAC4-8023-4397-B855-17E33C7FDE15}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{A910D161-5007-48B1-A3AA-2EC9240ACA37}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{0F30B144-CAEA-4093-B461-00A1B71DF458}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{67C0CEB5-65F2-4E62-AF39-10AC126EC739}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DABDAE59-1C05-439A-A3EE-485019B1BC25}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{26D455CE-FCEA-4561-BE6E-5A9241D2ADF6}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DA487092-3A21-4818-9BF7-BC1555E0913F}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{89F153AA-39B2-47F4-B335-E3E74904A141}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{68DF1FAE-B51E-464D-93A2-CCB8AF2F7A1B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/15/2016 07:51:03 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (11/15/2016 07:29:52 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (11/15/2016 07:29:07 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (11/15/2016 06:55:13 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (11/15/2016 06:50:39 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (11/15/2016 06:42:32 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (11/15/2016 06:20:40 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (11/14/2016 07:27:58 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (11/13/2016 06:32:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program iexplore.exe verze 11.0.9600.18124 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 950

Čas spuštění: 01d23dd3db2f709e

Čas ukončení: 15

Cesta k aplikaci: C:\Program Files\Internet Explorer\iexplore.exe

ID hlášení: 2bfeabf2-a9c7-11e6-9770-90489a5a9b46

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (11/13/2016 05:13:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).


System errors:
=============
Error: (11/11/2016 09:16:53 PM) (Source: DCOM) (EventID: 10010) (User: acer)
Description: Server Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/11/2016 09:16:53 PM) (Source: DCOM) (EventID: 10010) (User: acer)
Description: Server Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2 se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/10/2016 09:04:32 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila chybu (5) při povolení vydavatele {0BF2FB94-7B60-4B4D-9766-E82F658DF540} pro kanál Microsoft-Windows-Kernel-ShimEngine/Operational. Tato chyba neovlivní funkci kanálu, ale ovlivní možnost vydavatele odesílat události do tohoto kanálu. Jednou z běžných příčin této chyby je, že zprostředkovatel používá zabezpečení zprostředkovatele ETW a neudělil oprávnění k povolení pro identitu služby Event Log.

Error: (11/09/2016 10:54:40 PM) (Source: MTConfig) (EventID: 1) (User: )
Description: Pokus o konfiguraci vstupního režimu vícedotykového zařízení se nezdařil.

Error: (11/09/2016 10:54:40 PM) (Source: MTConfig) (EventID: 1) (User: )
Description: Pokus o konfiguraci vstupního režimu vícedotykového zařízení se nezdařil.

Error: (11/09/2016 10:54:40 PM) (Source: MTConfig) (EventID: 1) (User: )
Description: Pokus o konfiguraci vstupního režimu vícedotykového zařízení se nezdařil.

Error: (11/07/2016 04:35:54 PM) (Source: MTConfig) (EventID: 1) (User: )
Description: Pokus o konfiguraci vstupního režimu vícedotykového zařízení se nezdařil.

Error: (11/07/2016 04:35:54 PM) (Source: MTConfig) (EventID: 1) (User: )
Description: Pokus o konfiguraci vstupního režimu vícedotykového zařízení se nezdařil.

Error: (11/07/2016 04:35:54 PM) (Source: MTConfig) (EventID: 1) (User: )
Description: Pokus o konfiguraci vstupního režimu vícedotykového zařízení se nezdařil.

Error: (11/06/2016 01:48:53 PM) (Source: DCOM) (EventID: 10010) (User: acer)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.


==================== Memory info ===========================

Processor: Intel(R) Atom(TM) CPU Z3745 @ 1.33GHz
Percentage of memory in use: 53%
Total physical RAM: 1931.36 MB
Available physical RAM: 898.64 MB
Total Virtual: 2699.36 MB
Available Virtual: 1221.65 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:21.9 GB) (Free:3.66 GB) NTFS
Drive d: (CANON_DC) (Removable) (Total:7.28 GB) (Free:7.28 GB) FAT32
Drive f: () (Removable) (Total:15.41 GB) (Free:15.41 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: 5860B3B4)

Partition: GPT.

========================================================
Disk: 1 (Size: 7.3 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (Size: 15.4 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

[Rudy]

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[korjin]

# AdwCleaner v6.030 - Log soubor vytvořen 15/11/2016 na 22:11:36
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-10-18.1 [Místní]
# Operační systém : Windows 8.1 (X86)
# Uživatelské jméno : Petra - ACER
# Beží od : C:\Users\Petra\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Program Files\Booking.com


***** [ Soubory ] *****

[-] Soubor smazán:C:\Users\Public\Desktop\Booking.com.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [900 Bajtů] - [15/11/2016 22:11:36]
C:\AdwCleaner\AdwCleaner[S0].txt - [1397 Bajtů] - [15/11/2016 22:10:48]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1047 Bajtů] ##########

[Rudy]

Dejte nový log FRST.

[korjin]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-11-2016
Ran by Petra (administrator) on ACER (15-11-2016 22:30:57)
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: Petra)
Platform: Microsoft Windows 8.1 (Update) (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Acer Incorporated) C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Spotify Ltd) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Acer Incorporated) C:\Program Files\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(TODO: <Company name>) C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
Failed to access process -> AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\system32\DptfPolicyLpmServiceHelper.exe [73216 2013-12-30] (Intel Corporation)
HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [2912256 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-10] (AVAST Software)
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\...\Run: [Spotify Web Helper] => C:\Program Files\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-05-26] (Spotify Ltd)
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6675672 2016-04-15] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [292824 2014-03-08] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-09-18] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B80FEE77-AD8B-49DA-A42B-9483D07E992C}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{C18DF28A-F6FE-4AC2-9E93-E8A21D1AC06A}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3749294601-1816942316-3229434055-1001 -> DefaultScope {03896881-612B-4B78-AC2B-2D9882506CF3} URL =
SearchScopes: HKU\S-1-5-21-3749294601-1816942316-3229434055-1001 -> {03896881-612B-4B78-AC2B-2D9882506CF3} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-18]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-18]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-04] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR StartupUrls: Profile 1 -> "hxxp://www.seznam.cz/","hxxps://www.google.cz/"
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default [2016-11-15]
CHR Extension: (Docs) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-14]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-14]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-14]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-14]
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-11-15]
CHR Extension: (Dokumenty Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-21]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast Passwords) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2016-11-11]
CHR Extension: (Avast SafePrice) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Avast Online Security) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-23]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-18] (AVAST Software)
S2 BcmBtRSupport; C:\windows\system32\BtwRSupportService.exe [1677016 2013-11-13] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2039536 2016-10-03] (Microsoft Corporation)
S3 cphs; C:\windows\system32\IntelCpHeciSvc.exe [279000 2014-01-06] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\windows\system32\DptfParticipantProcessorService.exe [75264 2013-12-30] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\windows\system32\DptfPolicyCriticalService.exe [89088 2013-12-30] (Intel Corporation)
R2 DptfPolicyLpmService; C:\windows\system32\DptfPolicyLpmService.exe [82432 2013-12-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [456936 2014-05-22] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450792 2014-05-26] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [442088 2014-05-26] (Acer Incorporate)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [238848 2014-09-09] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-09-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [34008 2016-09-18] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [35096 2016-09-18] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [92256 2016-09-18] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [91232 2016-09-18] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [60424 2016-09-18] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [735488 2016-09-18] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [433768 2016-09-25] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [118664 2016-09-18] (AVAST Software)
S3 aswTap; C:\windows\system32\DRIVERS\aswTap.sys [38984 2016-04-30] (The OpenVPN Project)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
S3 AX88179; C:\windows\system32\DRIVERS\ax88179_178a.sys [60816 2013-07-08] (ASIX Electronics Corp.)
R3 BCMSDH43XX; C:\windows\system32\DRIVERS\bcmdhd63.sys [304344 2013-10-03] (Broadcom Corp)
R3 BthMini; C:\windows\System32\Drivers\BTHMINI.sys [24064 2013-08-22] (Microsoft Corporation)
S3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [145112 2014-02-03] (Broadcom Corporation.)
R3 BtwSerialBus; C:\windows\System32\drivers\BtwSerialBus.sys [130776 2013-09-09] (Broadcom Corporation.)
R3 camera; C:\windows\system32\DRIVERS\camera.sys [401408 2013-12-30] (Intel Corporation)
R3 CM3218x; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 CPLMACPI; C:\windows\system32\DRIVERS\CPLMACPI.sys [16488 2013-09-07] (Capella Microsystems, Inc.)
S3 DptfDevAmbient; C:\windows\System32\drivers\DptfDevAmbient.sys [36352 2013-12-30] (Intel Corporation)
S3 DptfDevDBPT; C:\windows\System32\drivers\DptfDevPower.sys [17408 2013-12-30] (Intel Corporation)
R3 DptfDevDisplay; C:\windows\System32\drivers\DptfDevDisplay.sys [19968 2013-12-30] (Intel Corporation)
R3 DptfDevGen; C:\windows\System32\drivers\DptfDevGen.sys [28160 2013-12-30] (Intel Corporation)
R3 DptfDevProc; C:\windows\System32\drivers\DptfDevProc.sys [72704 2013-12-30] (Intel Corporation)
R3 DptfManager; C:\windows\System32\drivers\DptfManager.sys [176640 2013-12-30] (Intel Corporation)
R3 GPIO; C:\windows\System32\drivers\iaiogpioe.sys [23552 2013-12-30] (Intel Corporation)
R3 GpioVirtual; C:\windows\System32\drivers\iaiogpiovirtual.sys [16896 2013-12-30] (Intel Corporation)
R3 iaioi2c; C:\windows\System32\drivers\iaioi2ce.sys [58368 2013-12-30] (Intel Corporation)
R3 iaiospi; C:\windows\System32\drivers\iaiospi.sys [53760 2013-12-30] (Intel Corporation)
R3 iaiouart; C:\windows\System32\drivers\iaiouart.sys [87552 2013-12-30] (Intel Corporation)
S3 intaud_WaveExtensible; C:\windows\system32\drivers\intelaud.sys [32664 2013-12-27] (Intel Corporation)
R3 IntelSST; C:\windows\system32\drivers\isstrtc.sys [254464 2013-12-30] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 iwdbus; C:\windows\System32\drivers\iwdbus.sys [23448 2013-12-27] (Intel Corporation)
S0 Lm3554; C:\windows\System32\drivers\lm3554.sys [25088 2013-12-30] (Intel Corporation)
R3 LMDriver; C:\windows\System32\drivers\LMDriver.sys [18232 2014-05-26] (Acer Incorporated)
R0 MBI; C:\windows\System32\drivers\MBI.sys [21456 2013-12-30] (Intel Corporation)
R3 ov2722; C:\windows\System32\drivers\ov2722.sys [43520 2013-12-30] (Intel Corporation)
R3 PMIC; C:\windows\System32\drivers\PMIC.sys [48128 2013-12-30] (Intel Corporation)
R3 RadioShim; C:\windows\System32\drivers\RadioShim.sys [13112 2014-05-26] (Acer Incorporated)
R3 rtii2sac; C:\windows\system32\DRIVERS\rtii2sac.sys [167640 2014-02-11] (Realtek Semiconductor Corp.)
R3 SensorsServiceDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 SynRMIHID; C:\windows\System32\drivers\SynRMIHID.sys [36080 2014-02-19] (Synaptics Incorporated)
R3 TXEI; C:\windows\System32\drivers\TXEI.sys [76304 2013-12-30] (Intel Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [29688 2014-09-22] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [219968 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [84800 2014-09-22] (Microsoft Corporation)
R3 WUDFSensorLP; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-15 22:30 - 2016-11-15 22:31 - 00016666 _____ C:\Users\Petra\Desktop\FRST.txt
2016-11-15 22:30 - 2016-11-15 21:07 - 01760768 _____ (Farbar) C:\Users\Petra\Desktop\FRST.exe
2016-11-15 22:06 - 2016-11-15 22:11 - 00000000 ____D C:\AdwCleaner
2016-11-15 22:06 - 2016-11-15 22:04 - 03910208 _____ C:\Users\Petra\Desktop\adwcleaner_6.030.exe
2016-11-15 21:09 - 2016-11-15 22:30 - 00000000 ____D C:\FRST
2016-11-14 19:52 - 2016-11-15 19:15 - 00000000 ____D C:\Users\Petra\Desktop\to ostatní
2016-11-14 19:51 - 2016-11-15 19:15 - 00000000 ____D C:\Users\Petra\Desktop\Přednášky
2016-11-14 19:35 - 2016-11-14 19:35 - 00002385 _____ C:\Users\Petra\Desktop\Marťan - Chrome.lnk
2016-11-10 10:30 - 2016-11-10 10:30 - 01059532 _____ C:\Users\Petra\Downloads\JO1493_20161101-new-nlh-brief-first-officers_04-Nov-2016.pdf
2016-11-10 10:25 - 2016-11-10 10:26 - 01049681 _____ C:\Users\Petra\Downloads\Guide to Webcruiter Norwegian Boeing 787 application.pdf
2016-11-08 22:48 - 2016-11-02 21:48 - 00315224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-11-08 22:48 - 2016-11-02 15:00 - 00035840 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-11-08 22:48 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-11-08 22:48 - 2016-10-27 15:16 - 00689664 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-11-08 22:48 - 2016-10-25 15:09 - 03475456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-11-08 22:48 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-11-08 22:48 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-11-08 22:48 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-11-08 22:48 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-11-08 22:48 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-11-08 22:48 - 2016-10-22 17:57 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2016-11-08 22:48 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-11-08 22:48 - 2016-10-22 17:51 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-11-08 22:48 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-11-08 22:48 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-11-08 22:48 - 2016-10-22 17:45 - 00330752 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-11-08 22:48 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-11-08 22:48 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-11-08 22:48 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-11-08 22:48 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-11-08 22:48 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-11-08 22:48 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-11-08 22:48 - 2016-10-13 20:06 - 01124376 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-11-08 22:48 - 2016-10-12 09:05 - 00279384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2016-11-08 22:48 - 2016-10-11 21:21 - 00399776 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2016-11-08 22:48 - 2016-10-11 18:30 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2016-11-08 22:48 - 2016-10-11 17:55 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2016-11-08 22:48 - 2016-10-10 22:17 - 00333656 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-11-08 22:48 - 2016-10-10 00:03 - 00410968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2016-11-08 22:48 - 2016-10-08 22:49 - 02410496 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2016-11-08 22:48 - 2016-10-08 22:27 - 01117184 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-11-08 22:48 - 2016-10-08 22:21 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2016-11-08 22:48 - 2016-10-08 02:34 - 01212248 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-11-08 22:48 - 2016-10-04 21:21 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2016-11-08 22:48 - 2016-10-04 21:08 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\olepro32.dll
2016-11-08 22:48 - 2016-10-04 21:08 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-11-08 22:48 - 2016-09-30 14:39 - 01185792 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2016-11-08 22:48 - 2016-09-09 23:18 - 00239960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2016-11-08 22:48 - 2016-09-09 15:09 - 00203776 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2016-11-08 22:48 - 2016-09-09 15:03 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2016-11-08 22:48 - 2016-09-09 15:02 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\iscsiwmi.dll
2016-11-08 22:48 - 2016-09-09 14:38 - 00446124 _____ C:\windows\system32\ApnDatabase.xml
2016-11-08 22:48 - 2016-09-03 18:21 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\iscsidsc.dll
2016-11-08 22:48 - 2016-09-03 18:10 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\iscsiexe.dll
2016-11-08 22:48 - 2016-09-03 16:58 - 00397824 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2016-11-08 22:48 - 2016-09-03 16:53 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2016-11-08 22:48 - 2016-09-02 15:05 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
2016-11-08 22:48 - 2016-09-01 15:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2016-11-08 22:48 - 2016-09-01 15:30 - 00315904 _____ (Microsoft Corporation) C:\windows\system32\vmrdvcore.dll
2016-11-08 22:48 - 2016-08-30 15:05 - 00078336 _____ (Microsoft Corporation) C:\windows\system32\dab.dll
2016-11-08 22:48 - 2016-08-30 03:18 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\xolehlp.dll
2016-11-08 22:48 - 2016-08-30 03:03 - 00721920 _____ (Microsoft Corporation) C:\windows\system32\msdtcprx.dll
2016-11-08 22:48 - 2015-07-22 15:15 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2016-11-08 22:48 - 2014-10-29 02:58 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\iscsiwmiv2.dll
2016-11-08 22:48 - 2014-10-29 02:58 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\iscsied.dll
2016-11-08 22:48 - 2014-10-29 02:53 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\iscsium.dll
2016-11-08 22:48 - 2014-10-29 02:48 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\iscsicli.exe
2016-11-08 22:48 - 2014-10-29 02:20 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\rdvvmtransport.dll
2016-11-06 13:38 - 2016-11-06 13:38 - 00289280 _____ C:\Users\Petra\Downloads\Test_z_fyziky_–_telesa_a_latky.ppt
2016-11-01 16:52 - 2014-09-22 17:59 - 01442304 _____ C:\Users\Petra\Desktop\PRVNÍ POMOC.ppt
2016-10-23 16:27 - 2016-10-23 16:28 - 00190688 _____ C:\Users\Petra\Downloads\Sedm mytu o ceskych sestrach (2).pdf
2016-10-18 13:13 - 2016-10-18 13:13 - 00881163 _____ C:\Users\Petra\Downloads\Cenik_GLA_4_2016.pdf
2016-10-18 13:04 - 2016-10-18 13:05 - 01057873 _____ C:\Users\Petra\Downloads\Cenik_C_sedan_4_2016.pdf
2016-10-18 12:49 - 2016-10-18 12:49 - 00891121 _____ C:\Users\Petra\Downloads\Cenik_CLA-kupe_4_2016_fl.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-15 22:17 - 2014-05-25 21:47 - 00741472 _____ C:\windows\system32\perfh005.dat
2016-11-15 22:17 - 2014-05-25 21:47 - 00152460 _____ C:\windows\system32\perfc005.dat
2016-11-15 22:17 - 2014-04-10 02:58 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-11-15 22:17 - 2013-08-22 07:21 - 00000000 ____D C:\windows\inf
2016-11-15 22:12 - 2014-08-05 11:02 - 00000954 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-15 22:12 - 2013-08-22 08:23 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-11-15 22:12 - 2013-08-22 07:13 - 00262144 ___SH C:\windows\system32\config\BBI
2016-11-15 21:42 - 2016-04-24 10:36 - 00000000 ____D C:\Users\Petra\Desktop\Mates složka
2016-11-15 19:47 - 2013-08-22 09:17 - 00000000 ____D C:\windows\system32\NDF
2016-11-15 19:29 - 2014-08-06 09:39 - 00065024 ___SH C:\Users\Petra\Downloads\Thumbs.db
2016-11-15 19:25 - 2014-04-10 04:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-11-15 19:15 - 2014-08-05 17:04 - 00293888 ___SH C:\Users\Petra\Desktop\Thumbs.db
2016-11-14 19:37 - 2015-03-04 16:09 - 00000000 ____D C:\windows\Minidump
2016-11-14 19:37 - 2014-09-12 16:27 - 00000000 ____D C:\Users\Petra\AppData\Local\CrashDumps
2016-11-10 09:03 - 2013-08-22 08:22 - 00370416 _____ C:\windows\system32\FNTCACHE.DAT
2016-11-09 23:58 - 2014-11-02 19:40 - 00000000 ____D C:\windows\system32\MRT
2016-11-09 23:58 - 2013-08-22 09:17 - 00000000 ___RD C:\windows\ToastData
2016-11-09 23:52 - 2014-11-02 19:40 - 138444440 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-11-09 22:56 - 2013-08-22 09:05 - 00000000 ____D C:\windows\CbsTemp
2016-11-06 14:14 - 2014-07-23 17:18 - 00000000 ____D C:\Users\Petra\AppData\Local\Packages
2016-11-05 11:31 - 2015-11-17 12:45 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-03 12:51 - 2014-08-05 11:03 - 00002165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-03 12:51 - 2014-08-05 11:03 - 00002153 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-31 20:03 - 2014-08-05 11:02 - 00000000 ____D C:\Users\Petra\AppData\Local\Google
2016-10-24 22:54 - 2014-04-10 03:38 - 00828408 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2016-10-24 22:54 - 2014-04-10 03:38 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2016-10-20 15:01 - 2015-04-21 13:56 - 00000000 ____D C:\Program Files\TeamViewer
2016-10-19 06:48 - 2013-08-22 09:17 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-19 06:47 - 2014-08-04 17:36 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-10-16 12:06 - 2015-02-25 20:44 - 00000000 ____D C:\windows\system32\appraiser
2016-10-16 12:06 - 2014-11-02 20:16 - 00000000 ___SD C:\windows\system32\CompatTel
2016-10-16 11:07 - 2013-08-22 09:17 - 00000000 ____D C:\windows\AppReadiness

==================== Files in the root of some directories =======

2014-08-16 15:35 - 2014-08-16 15:35 - 0000000 _____ () C:\Users\Petra\AppData\Local\{1CCB37C9-985D-479D-BE2D-A96BB5FC60D8}
2014-08-17 16:34 - 2014-08-17 16:34 - 0000000 _____ () C:\Users\Petra\AppData\Local\{4CB8310E-60A2-4C2C-83B1-FA5F4A61D517}
2014-09-21 18:35 - 2014-09-21 18:35 - 0000000 _____ () C:\Users\Petra\AppData\Local\{9F6C9257-8403-41FE-A9B0-A242BAD6161D}
2014-08-19 15:38 - 2014-08-19 15:38 - 0000000 _____ () C:\Users\Petra\AppData\Local\{AA2AD641-4E25-4D11-B252-E4DB504BD3B6}
2014-09-05 13:10 - 2014-09-05 13:10 - 0000000 _____ () C:\Users\Petra\AppData\Local\{B30B585D-9F1C-4D77-A528-1561B593E1B9}

Some files in TEMP:
====================
C:\Users\Petra\AppData\Local\Temp\libeay32.dll
C:\Users\Petra\AppData\Local\Temp\msvcr120.dll
C:\Users\Petra\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-31 20:55

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-11-2016
Ran by Petra (15-11-2016 22:31:49)
Running from C:\Users\Petra\Desktop
Microsoft Windows 8.1 (Update) (X86) (2014-07-23 16:18:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3749294601-1816942316-3229434055-500 - Administrator - Disabled)
Guest (S-1-5-21-3749294601-1816942316-3229434055-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3749294601-1816942316-3229434055-1003 - Limited - Enabled)
Petra (S-1-5-21-3749294601-1816942316-3229434055-1001 - Administrator - Enabled) => C:\Users\Petra

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.04.3001 - Acer Incorporated)
abMedia (HKLM\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2004.3 - Acer Incorporated)
abPhoto (HKLM\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Docs Office AddIn (HKLM\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer)
Acer Explorer Agent (HKLM\...\{20018169-434E-4242-BC65-EB21CF091D54}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8106 - Acer Incorporated)
Acer Portal (HKLM\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2007 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{D6B57AF2-2406-49E4-B219-EAA8B0B9F3CF}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer UEIP App Monitor Plugin (HKLM\...\{D6CCDCA8-31C1-4A63-AED0-27A4CD43F332}) (Version: 1.02.3009 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{F89EF116-C406-4436-AC12-2FEF6A6F117C}) (Version: 1.02.3009 - Acer Incorporated)
Acer Video Player (HKLM\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
AOP Framework (HKLM\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2000.2 - Acer Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.87 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Identity Card (HKLM\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Live Updater (HKLM\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8102 - Acer Incorporated)
Microsoft Office 2013 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 15.0.4867.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\...\OneDriveSetup.exe) (Version: 17.3.6517.0809 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Realtek I2S Audio (HKLM\...\{89A448AA-3301-46AA-AFC3-34F2D7C670E8}) (Version: 0.7 - Realtek Semiconductor Corp.)
SafeZone Stable 1.51.2220.62 (Version: 1.51.2220.62 - Avast Software) Hidden
Spotify (HKLM\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3749294601-1816942316-3229434055-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Petra\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuthLib.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C350881-586E-4543-A4CD-25A8A3FCAFB3} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-05-26] (Acer Incorporate)
Task: {3568C7B4-A8DD-43FC-9E82-F9B0A5F26B7E} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-05-26] (Acer Incorporate)
Task: {3929FD41-45C3-4059-AF84-31F973D6F061} - System32\Tasks\ALUAgent => C:\Program Files\Acer\Live Updater\liveupdater_agent.exe [2016-07-06] ()
Task: {394D331F-CF05-4B07-AD2A-3F7E9992A008} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-11-09] (Microsoft Corporation)
Task: {40EB3AEB-136A-4593-ADD9-8CF8D1B53F60} - System32\Tasks\BacKGroundAgent => C:\Program Files\Acer\AOP Framework\BackgroundAgent.exe [2016-08-15] (Acer Incorporated)
Task: {4F5998F1-78F7-49A0-8B38-F48964805C5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {5588BF4D-3783-43FE-8B8D-AF9EA199658E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {558F4524-5ADF-46DB-9B78-A19D17A4C2A6} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-05-26] (Acer Incorporated)
Task: {6F77E02D-B3A1-4C5B-A728-F13FEBE8942D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {8E9A6D10-B676-479D-9D05-4C26F297041C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {A4A2BCF4-366A-4FB0-AAF6-E549EB839B8D} - System32\Tasks\AcerCloud => C:\Program Files\Acer\Acer Portal\acpanel_win.exe [2014-05-26] (Acer Incorporated)
Task: {AF852F9F-3332-46C7-8177-D858A1A50110} - System32\Tasks\SafeZone scheduled Autoupdate 1462442379 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {C26FDF15-1769-4E27-93B3-E250AA8894B4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-10-03] (Microsoft Corporation)
Task: {C6803E4E-8DD0-4E73-BA0D-88FD1B0A3092} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-18] (AVAST Software)
Task: {DC2AEB20-5B0A-4E74-A9BF-3718481FAFF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {E30C5CF4-EED6-45C1-B042-A8CD065383E8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-10-03] (Microsoft Corporation)
Task: {E9DB00D6-A5DA-4FF9-82F0-D6F6644FD0EB} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-05-22] (Acer Incorporate)
Task: {F4FCF11A-9091-4B47-855C-6FE56C1578E5} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-10] (TODO: <Company name>)
Task: {FA2AF1D2-62D9-49E8-B2F0-8EED43CEAB45} - System32\Tasks\ALU => C:\Program Files\Acer\Live Updater\updater.exe [2016-07-06] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Petra\Desktop\Marťan - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2016-09-18 20:12 - 2016-09-18 20:12 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-13 17:14 - 2016-11-13 17:14 - 03130832 _____ () C:\Program Files\AVAST Software\Avast\defs\16111300\algo.dll
2016-09-18 20:13 - 2016-09-18 20:13 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-08-04 17:36 - 2016-05-24 07:21 - 00089792 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2016-06-24 13:30 - 2016-06-24 13:30 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00203008 _____ () C:\Program Files\Acer\abMedia\curllib.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00630528 _____ () C:\Program Files\Acer\abMedia\tag.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00654552 _____ () C:\Program Files\Acer\abMedia\sqlite3.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00119552 _____ () C:\Program Files\Acer\abMedia\OpenLDAP.dll
2016-09-04 19:17 - 2016-09-04 19:17 - 00015064 _____ () C:\windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-15 13:36 - 2016-08-15 13:36 - 00013016 _____ () C:\Program Files\Acer\AOP Framework\ServiceInterface.dll
2013-12-25 21:34 - 2014-05-26 00:02 - 00279296 _____ () C:\Program Files\Acer\AcerCloud Docs\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaiospi.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:13 - 2013-08-22 07:13 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\acer01.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1285EBFA-2CF9-43BF-9436-3976E9F36DDA}] => (Allow) C:\Program Files\Spotify\spotify.exe
FirewallRules: [{F8101FE3-92F6-4944-8860-74114A5F4869}] => (Allow) C:\Program Files\Spotify\spotify.exe
FirewallRules: [{D892648C-C70C-4294-A71A-E24702A9D959}] => (Allow) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{8ED799AF-DCEE-4A5E-88FB-676581FDCD9B}] => (Allow) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{5E3D6926-AD60-4B55-BEEA-02F5BAA50AB0}] => (Allow) C:\Program Files\Acer\Acer Portal\ccd.exe
FirewallRules: [{54BE0FB7-887F-4E24-9859-5CC20A2181E6}] => (Allow) C:\Program Files\Acer\Acer Portal\ccd.exe
FirewallRules: [{9BB77AF3-F7C7-4DB2-A72F-C2C1DC3CF1BD}] => (Allow) C:\Program Files\Acer\Acer Portal\Sdd.exe
FirewallRules: [{59C71185-338E-4622-87E1-C6E64147E850}] => (Allow) C:\Program Files\Acer\Acer Portal\Sdd.exe
FirewallRules: [{C101C709-E5B2-49B2-B96F-EDBA840165DA}] => (Allow) C:\Program Files\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{560079A9-5574-4243-BE7A-FB9C2CC2FD25}] => (Allow) C:\Program Files\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{D853B3DA-F6AD-40B2-81E6-48BB5D1FD09B}] => (Allow) C:\Program Files\Acer\Acer Portal\ccd.exe
FirewallRules: [{3880CED6-70B9-41E9-BB1A-1710240BD691}] => (Allow) C:\Program Files\Acer\Acer Portal\ccd.exe
FirewallRules: [{431B24E6-AC79-4CBF-B9B6-5E21BE72E63B}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{019A4CB4-967D-418A-821D-F9025FEE2776}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{46B97A7A-9897-4481-AF60-B6D767E38519}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A593C5B3-B986-43BD-975F-B6C4D3BE3EC4}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{BCFF53D0-CC99-499A-8444-42374A14BC9B}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{08E4C708-420F-4795-8A10-EC80BF3A66E5}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{1524A7B6-C07E-494B-81B8-E02C9C3DC643}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{3208D9D0-BD72-4D3F-8E8C-DAFEA732553B}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{93C7B93B-3E6D-4DDC-ACE0-209B3BBB8BA3}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4E7A8ECD-ED54-46E2-8705-CB86892D6541}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{76A58059-D732-4C6B-9A08-6EFDCAA29063}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CFDE7040-250F-4830-AFC2-09717D4C3C50}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0072682D-C2E9-4302-A884-13BE4BAF7358}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{120DD8EA-0256-41B4-9699-2B7A15328CF0}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F25617AC-2725-4DF4-BE94-34D5429614B9}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CA0FD2B1-6393-44BA-95BD-7EE5B34877DC}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{8521CE01-E234-462B-867C-5E5088C22B1B}C:\users\petra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petra\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C96161E8-0C12-4857-B9F1-B6D7B0D8D316}C:\users\petra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petra\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{8657DAC4-8023-4397-B855-17E33C7FDE15}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{A910D161-5007-48B1-A3AA-2EC9240ACA37}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{0F30B144-CAEA-4093-B461-00A1B71DF458}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{67C0CEB5-65F2-4E62-AF39-10AC126EC739}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DABDAE59-1C05-439A-A3EE-485019B1BC25}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{26D455CE-FCEA-4561-BE6E-5A9241D2ADF6}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DA487092-3A21-4818-9BF7-BC1555E0913F}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{89F153AA-39B2-47F4-B335-E3E74904A141}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{68DF1FAE-B51E-464D-93A2-CCB8AF2F7A1B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/15/2016 10:29:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastSvc.exe, verze: 12.3.3154.0, časové razítko: 0x57b5c39d
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.18438, časové razítko: 0x57ae4b64
Kód výjimky: 0xc0000374
Posun chyby: 0x000d13e2
ID chybujícího procesu: 0x580
Čas spuštění chybující aplikace: 0x01d23f84fbb4c7d0
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll
ID zprávy: 869013f9-ab7a-11e6-9771-90489a5a9b46
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/15/2016 10:12:50 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
Description: Event-ID 1

Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexovacího modulu nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Správce modulu plug-in <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows

Podrobnosti:
(HRESULT : 0x8e5e0210) (0x8e5e0210)

Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. 0xc0041801 (0xc0041801)

Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
0x8e5e0210 (0x8e5e0210)

Error: (11/15/2016 10:11:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (7896) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00046.log došlo k chybě -1811 (0xfffff8ed).


System errors:
=============
Error: (11/15/2016 10:31:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Antivirus byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (11/15/2016 10:11:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\bcmihvsrv.dll

Error: (11/15/2016 10:11:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\bcmihvsrv.dll

Error: (11/15/2016 10:11:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\bcmihvsrv.dll

Error: (11/15/2016 10:11:49 PM) (Source: DCOM) (EventID: 10010) (User: acer)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/15/2016 10:11:41 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (11/15/2016 10:11:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/15/2016 10:11:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search skončila s následující chybou specifickou pro službu:
%%2147749126

Error: (11/15/2016 10:11:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba User Experience Improvement Program byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/15/2016 10:11:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Atom(TM) CPU Z3745 @ 1.33GHz
Percentage of memory in use: 36%
Total physical RAM: 1931.36 MB
Available physical RAM: 1226.85 MB
Total Virtual: 2699.36 MB
Available Virtual: 1802.89 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:21.9 GB) (Free:3.76 GB) NTFS
Drive d: (CANON_DC) (Removable) (Total:7.28 GB) (Free:7.27 GB) FAT32
Drive f: () (Removable) (Total:15.41 GB) (Free:15.41 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: 5860B3B4)

Partition: GPT.

========================================================
Disk: 1 (Size: 7.3 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (Size: 15.4 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3749294601-1816942316-3229434055-1001 -> DefaultScope {03896881-612B-4B78-AC2B-2D9882506CF3} URL =
SearchScopes: HKU\S-1-5-21-3749294601-1816942316-3229434055-1001 -> {03896881-612B-4B78-AC2B-2D9882506CF3} URL =
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
C:\windows\system32\ApnDatabase.xml
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Petra\AppData\Local\Temp
Task: {DC2AEB20-5B0A-4E74-A9BF-3718481FAFF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.