Pomalý PC - havěť nebo pomalý HDD?

[Rossano]

Ahoj, mám tady počítač, který je pro práci skoro už rozumně nepoužitelný. Zajímalo by mě, zda je to tím, že je disk plný havěti (SW problém) anebo je to samotným diskem - že je pomalý, neb má 5.400 otáček a 8MB cache (HW problém). AdwCleaner jsem už použil, nemazal jsem jen položky patřící pseudoutilitě Advanced System Care... A taky jsem si všimnul, že je tam spousta ACER bloatwaru až běda.

***

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Veronika (administrator) on ACER-V (24-03-2017 20:51:12)
Running from C:\Users\Veronika\Desktop
Loaded Profiles: Veronika (Available Profiles: Veronika)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(SoftPerfect Research) C:\Program Files\NetWorx\networx.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [5296848 2014-03-12] (SoftPerfect Research)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-14] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-06] (Dropbox, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-07-30] (Spotify Ltd)
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [89600 2014-09-19] ()
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\MountPoints2: {41d700c8-56b9-11e5-826b-f8a963dcd16a} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\MountPoints2: {5ee63059-01b4-11e7-82a2-f8a963dcd16a} - "E:\autorun.exe"
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\MountPoints2: {6303830c-a9d5-11e6-82a0-f8a963dcd16a} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\MountPoints2: {ea5e9d2e-5657-11e6-8298-f8a963dcd16a} - "E:\autorun.exe"
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\NEONCL~1.SCR [480256 2004-10-29] (Pavel Chmelař)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.101.251.229 89.101.251.228
Tcpip\..\Interfaces\{7C4E68AE-33AC-4716-9FAF-BA9F1AAD04E8}: [DhcpNameServer] 10.100.100.1 10.100.100.6
Tcpip\..\Interfaces\{AFF9FADA-FD78-4FFF-A0A5-5A1038ADD669}: [DhcpNameServer] 89.101.251.229 89.101.251.228

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1388351895-3938886245-2789613742-1002 -> DefaultScope {EF04F02D-93F0-437D-8062-8E0B9E9D289F} URL =
SearchScopes: HKU\S-1-5-21-1388351895-3938886245-2789613742-1002 -> {EF04F02D-93F0-437D-8062-8E0B9E9D289F} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-14] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-14] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll No File

FireFox:
========
FF DefaultProfile: e1xd6m8g.default
FF ProfilePath: C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default [2017-03-24]
FF Homepage: Mozilla\Firefox\Profiles\e1xd6m8g.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\e1xd6m8g.default -> is enabled.
FF Extension: (Roomy Bookmarks Toolbar) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\ALone-live@ya.ru.xpi [2016-01-26]
FF Extension: (Bing Search) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-02-19]
FF Extension: (Pocket) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\isreaditlater@ideashower.com [2015-05-30]
FF Extension: (Navigate Up) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\navigateup@DW-dev.xpi [2016-08-09]
FF Extension: (Flagfox) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-12-16]
FF Extension: (Video DownloadHelper) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-11]
FF Extension: (Pearl Crescent Page Saver) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\{c151d79e-e61b-4a90-a887-5a46d38fba99}.xpi [2016-07-30]
FF Extension: (Adblock Plus) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (Tab Mix Plus) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-10-28]
FF SearchPlugin: C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\searchplugins\bing-.xml [2016-02-20]
FF SearchPlugin: C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\searchplugins\sfd.xml [2015-04-30]
FF SearchPlugin: C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2015-04-30]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-29]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default [2017-03-24]
CHR Extension: (YouTube) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast SafePrice) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-20]
CHR Extension: (Avast Online Security) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-04]
CHR Extension: (Skype) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2016-12-12] (IObit)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-14] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-14] (AVAST Software)
S3 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
S3 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2014-01-17] (Acer Incorporated)
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-12] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-12] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2000-01-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-22] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-22] (Acer Incorporate)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2016-01-26] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-14] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-14] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-14] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-14] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-14] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-14] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-14] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-10] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [59384 2014-03-11] (NetFilterSDK.com)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [506072 2016-01-19] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 clwvd7; \SystemRoot\system32\DRIVERS\clwvd7.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-24 20:51 - 2017-03-24 20:51 - 00026353 _____ C:\Users\Veronika\Desktop\FRST.txt
2017-03-24 20:51 - 2017-03-24 20:51 - 00000000 ____D C:\FRST
2017-03-24 20:46 - 2017-03-24 20:46 - 00000952 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-03-24 20:46 - 2017-03-24 20:46 - 00000940 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-03-24 20:46 - 2017-03-24 20:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-03-24 20:46 - 2017-03-24 20:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-24 20:42 - 2017-03-24 20:42 - 02424832 _____ (Farbar) C:\Users\Veronika\Desktop\FRST64.exe
2017-03-24 20:39 - 2017-03-24 20:39 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-24 20:25 - 2017-03-24 20:25 - 00003888 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1469171794
2017-03-24 19:51 - 2017-03-24 19:51 - 04031440 _____ C:\Users\Veronika\Downloads\adwcleaner_6.044.exe
2017-03-24 19:41 - 2017-03-24 19:41 - 97546240 _____ C:\Windows\system32\config\software.iobit
2017-03-24 19:41 - 2017-03-24 19:41 - 00266240 _____ C:\Windows\system32\config\default.iobit
2017-03-24 19:41 - 2017-03-24 19:41 - 00028672 _____ C:\Windows\system32\config\security.iobit
2017-03-24 19:41 - 2017-03-24 19:41 - 00028672 _____ C:\Windows\system32\config\sam.iobit
2017-03-24 19:34 - 2017-03-24 19:49 - 00000000 ____D C:\ProgramData\ProductData
2017-03-24 19:34 - 2017-03-24 19:36 - 00002290 _____ C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
2017-03-24 19:34 - 2017-03-24 19:34 - 00002828 _____ C:\Windows\System32\Tasks\ASC10_SkipUac_Veronika
2017-03-24 19:34 - 2017-03-24 19:34 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2017-03-24 19:34 - 2017-03-24 19:34 - 00000000 ____D C:\Users\Veronika\AppData\LocalLow\IObit
2017-03-24 19:34 - 2017-03-24 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2017-03-24 19:34 - 2017-03-24 19:34 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2017-03-24 19:33 - 2017-03-24 20:26 - 00000000 ____D C:\ProgramData\IObit
2017-03-24 19:33 - 2017-03-24 19:56 - 00000000 ____D C:\Program Files (x86)\IObit
2017-03-24 19:33 - 2017-03-24 19:50 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\IObit
2017-03-24 19:32 - 2017-03-24 19:32 - 41756576 _____ (IObit ) C:\Users\Veronika\Downloads\advanced-systemcare-setup.exe
2017-03-22 20:55 - 2017-03-22 20:55 - 00283074 _____ C:\Users\Veronika\Desktop\Výpis z účtu za rok 2016 - příjmy i výdaje.pdf
2017-03-22 20:51 - 2017-03-22 20:51 - 00188098 _____ C:\Users\Veronika\Desktop\Odchozí platby za rok 2016 z mbank.pdf
2017-03-22 20:50 - 2017-03-22 20:50 - 00186826 _____ C:\Users\Veronika\Desktop\Příchozí platby za rok 2016 - mbank.pdf
2017-03-21 14:18 - 2017-03-21 14:18 - 08293376 _____ C:\Users\Veronika\Downloads\2017_Janička-Luhačovice.pps
2017-03-16 23:22 - 2017-03-16 23:23 - 08907474 _____ C:\Users\Veronika\Downloads\Re- Doplácení za lekce.zip
2017-03-15 18:24 - 2017-03-15 18:24 - 00002747 _____ C:\Users\Public\Desktop\Skype.lnk
2017-03-15 18:24 - 2017-03-15 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-14 17:06 - 2017-03-14 17:06 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-14 17:06 - 2017-03-14 17:04 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-14 17:06 - 2017-03-14 17:04 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-14 17:06 - 2017-03-14 17:04 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-14 17:06 - 2017-03-14 17:04 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-14 17:05 - 2017-03-14 17:05 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-09 20:04 - 2017-03-09 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-07 22:05 - 2017-03-07 22:05 - 00291529 _____ C:\Users\Veronika\Desktop\Výdělek nz skener.pdf
2017-03-06 21:50 - 2017-03-06 21:50 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-03-02 13:52 - 2017-03-02 13:52 - 00005644 _____ C:\Users\Veronika\Desktop\Prehled-reklam - nové návrhy.txt
2017-03-02 12:34 - 2017-03-02 12:34 - 00009962 _____ C:\Users\Veronika\Desktop\Prehled-uspesnych-reklam.ods
2017-03-01 19:37 - 2017-03-02 13:57 - 00004226 _____ C:\Users\Veronika\Desktop\Prehled-reklam.csv
2017-02-26 18:33 - 2017-02-26 18:33 - 00378138 _____ C:\Users\Veronika\Downloads\BoardingCard_138976839_EIN_BRQ.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-24 20:47 - 2016-12-22 09:14 - 00000000 ____D C:\Users\Veronika\AppData\LocalLow\Mozilla
2017-03-24 20:45 - 2014-07-30 10:05 - 00739924 _____ C:\Windows\system32\perfh005.dat
2017-03-24 20:45 - 2014-07-30 10:05 - 00151610 _____ C:\Windows\system32\perfc005.dat
2017-03-24 20:45 - 2014-03-18 11:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-24 20:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-24 20:44 - 2014-07-30 10:55 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1388351895-3938886245-2789613742-1002
2017-03-24 20:43 - 2015-10-09 21:57 - 02413568 ___SH C:\Users\Veronika\Downloads\Thumbs.db
2017-03-24 20:40 - 2017-01-19 18:48 - 00000000 ___RD C:\Users\Veronika\Dropbox
2017-03-24 20:38 - 2017-01-12 13:51 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-03-24 20:38 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-24 20:37 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-03-24 20:36 - 2016-01-26 19:54 - 00000000 ____D C:\AdwCleaner
2017-03-24 20:24 - 2016-07-22 08:16 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-24 20:23 - 2016-09-02 22:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-24 20:20 - 2015-04-29 22:19 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\Skype
2017-03-24 20:11 - 2015-10-01 12:24 - 00000000 ____D C:\ProgramData\Nero
2017-03-24 20:05 - 2015-09-26 21:00 - 00000000 ____D C:\ProgramData\Norton
2017-03-24 20:01 - 2015-04-30 22:12 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2017-03-24 19:56 - 2017-01-12 13:51 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-03-24 19:39 - 2015-06-26 08:19 - 00004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-03-24 19:39 - 2014-07-30 10:09 - 00003338 _____ C:\Windows\System32\Tasks\AcerCloud
2017-03-24 19:27 - 2015-05-03 13:52 - 00007637 _____ C:\Users\Veronika\AppData\Local\resmon.resmoncfg
2017-03-24 19:18 - 2015-04-30 19:21 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\vlc
2017-03-23 21:05 - 2015-05-03 15:02 - 03845120 ___SH C:\Users\Veronika\Desktop\Thumbs.db
2017-03-22 16:55 - 2016-03-07 12:55 - 00019466 _____ C:\Users\Veronika\Desktop\SOCHAŘSKÁ DÍLNA - SIMONA KRAUSOVÁ.xlsx
2017-03-21 23:56 - 2017-01-05 10:43 - 00000000 ____D C:\Users\Veronika\Desktop\SAM
2017-03-21 17:06 - 2015-05-03 15:34 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-21 14:02 - 2016-03-07 12:55 - 00015077 _____ C:\Users\Veronika\Desktop\GRAFICKÁ DÍLNA - JULIANA CHOMOVÁ.xlsx
2017-03-21 11:54 - 2015-06-19 20:52 - 00037235 _____ C:\Users\Veronika\Desktop\Klasicka olejomalba rozvrh.xlsx
2017-03-20 12:06 - 2016-01-29 23:07 - 00000000 ____D C:\Users\Veronika\Desktop\BOXTEL - WORKSHOPS AND COURSES
2017-03-19 22:21 - 2015-07-18 23:26 - 00024985 _____ C:\Users\Veronika\Desktop\OD tužky ke štětci - Páteční program.xlsx
2017-03-19 19:28 - 2015-05-19 09:14 - 00000000 ____D C:\Users\Veronika\Downloads\PopcornTime
2017-03-17 00:05 - 2016-01-13 13:41 - 00015616 _____ C:\Users\Veronika\Desktop\MALBA, aneb od Vodovek k Oleji - Lucka N..xlsx
2017-03-16 10:56 - 2015-05-03 14:07 - 00000000 ____D C:\Users\Veronika\Desktop\FILM
2017-03-15 21:50 - 2016-03-14 13:25 - 00000000 ____D C:\Users\Veronika\Desktop\PORTRÉT
2017-03-15 18:24 - 2015-04-29 22:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-15 18:24 - 2015-04-29 22:19 - 00000000 ____D C:\ProgramData\Skype
2017-03-15 18:23 - 2015-09-26 21:01 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-15 12:07 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-03-15 10:50 - 2015-04-29 23:56 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-15 09:59 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-15 09:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2017-03-14 17:12 - 2015-04-29 23:40 - 00004372 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-14 17:12 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 17:12 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-14 17:06 - 2015-05-03 15:34 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-14 17:05 - 2016-07-12 09:06 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-14 17:05 - 2015-05-03 15:34 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-14 17:05 - 2015-05-03 15:34 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148950758123404
2017-03-14 17:05 - 2015-05-03 15:34 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148950758256206
2017-03-14 17:05 - 2015-05-03 15:34 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-14 17:05 - 2015-05-03 15:34 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-14 17:05 - 2015-05-03 15:34 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-14 17:05 - 2015-05-03 15:34 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-14 17:05 - 2015-05-03 15:34 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-10 09:24 - 2017-01-12 13:51 - 00000000 ____D C:\Users\Veronika\AppData\Local\Dropbox
2017-03-09 20:05 - 2017-01-12 13:51 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-09 15:21 - 2016-09-09 20:45 - 00016285 _____ C:\Users\Veronika\Desktop\Rozvrhy pro tisk.xlsx
2017-03-04 18:07 - 2016-05-23 11:29 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\dvdcss
2017-03-02 11:33 - 2015-07-17 09:55 - 00021849 _____ C:\Users\Veronika\Desktop\ČT černobílá kresba - ateliér montmartre.xlsx

==================== Files in the root of some directories =======

2015-05-03 13:52 - 2017-03-24 19:27 - 0007637 _____ () C:\Users\Veronika\AppData\Local\resmon.resmoncfg
2014-07-30 09:35 - 2014-07-30 09:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2016-01-26 21:23 - 2016-01-26 21:24 - 0142848 _____ () C:\Users\Veronika\AppData\Local\Temp\appupdater.exe
2016-02-19 11:09 - 2016-02-19 11:09 - 0144008 _____ (© 2015 Microsoft Corporation) C:\Users\Veronika\AppData\Local\Temp\BingSvc.exe
2016-02-19 11:09 - 2016-02-19 11:09 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Veronika\AppData\Local\Temp\BSvcProcessor.exe
2016-02-19 11:09 - 2016-02-19 11:09 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Veronika\AppData\Local\Temp\BSvcUpdater.exe
2016-10-29 12:08 - 2016-10-29 12:09 - 50563233 _____ (Popcorn Time ) C:\Users\Veronika\AppData\Local\Temp\setup_4DCD.exe
2016-02-14 18:05 - 2017-02-13 09:37 - 43677152 _____ (Skype Technologies S.A.) C:\Users\Veronika\AppData\Local\Temp\SkypeSetup.exe
2017-03-15 18:21 - 2017-03-15 18:21 - 14456872 _____ (Microsoft Corporation) C:\Users\Veronika\AppData\Local\Temp\vc_redist.x86.exe
2016-01-26 23:13 - 2016-01-26 23:13 - 0033792 _____ () C:\Users\Veronika\AppData\Local\Temp\wmgxgyx0.dll
2017-01-04 09:54 - 2017-01-04 09:54 - 0033792 _____ () C:\Users\Veronika\AppData\Local\Temp\ynaqkrzb.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-17 09:38

==================== End of FRST.txt ============================

[Rudy]

Zdravím!
Doporučuji AdvancedSystemCare rovněž odinstalovat. Tento optimizer občas vidí problém i tam, kde není a laik si jím snadno může poškodit systém. Spusťte tuto utlitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[Rossano]

Provedl jsem tedy odinstalaci Advanced System Care, potom jsem provedl SCAN a CLEAN pomocí AdwCleaneru. Níže je log.
Pozn.: Přiložil jsem níže první log z včerejšího cleanu, který jsem získal ještě předtím, než jsem sem napsal.

# AdwCleaner v6.044 - Log vytvořen 25/03/2017 v 16:31:27
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-23.2 [Místní]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Veronika - ACER-V
# Spuštěno z : C:\AdwCleaner\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\Veronika\AppData\LocalLow\IObit\Advanced SystemCare
[-] Složka smazána: C:\ProgramData\IObit\ASCDownloader
[#] Složka smazána po restartu: C:\ProgramData\Application Data\IObit\ASCDownloader
[-] Složka smazána: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
[-] Složka smazána: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare


***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\invalidprefs.js


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\IOBIT\ASC


***** [ Prohlížeče ] *****

[-] Firefox předvolby vyčištěny: "browser.search.hiddenOneOffs" - "Slunečnice"


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5769 Bajty] - [26/01/2016 19:57:38]
C:\AdwCleaner\AdwCleaner[C2].txt - [5053 Bajty] - [24/03/2017 20:36:48]
C:\AdwCleaner\AdwCleaner[C3].txt - [1592 Bajty] - [25/03/2017 16:31:27]
C:\AdwCleaner\AdwCleaner[S1].txt - [5489 Bajty] - [26/01/2016 19:54:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [6155 Bajty] - [24/03/2017 19:53:33]
C:\AdwCleaner\AdwCleaner[S3].txt - [4802 Bajty] - [24/03/2017 20:30:50]
C:\AdwCleaner\AdwCleaner[S4].txt - [2742 Bajty] - [25/03/2017 14:18:29]
C:\AdwCleaner\AdwCleaner[S5].txt - [2279 Bajty] - [25/03/2017 15:40:26]
C:\AdwCleaner\AdwCleaner[S6].txt - [2352 Bajty] - [25/03/2017 16:30:29]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2103 Bajty] ##########


****************************************** PŮVODNÍ LOG ******************************************

# AdwCleaner v6.044 - Log vytvořen 24/03/2017 v 20:36:48
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-23.2 [Místní]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Veronika - ACER-V
# Spuštěno z : C:\Users\Veronika\Downloads\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: swdumon
[-] Služba smazána: Update service


***** [ Složky ] *****

[!] Složku nelze smazat:C:\Users\Veronika\AppData\LocalLow\IObit\Advanced SystemCare
[!] Složku nelze smazat:C:\Users\Veronika\AppData\Roaming\IObit\Advanced SystemCare
[-] Složka smazána: C:\Program Files\Booking.com
[-] Složka smazána: C:\ProgramData\SlimWare Utilities, Inc
[!] Složku nelze smazat:C:\ProgramData\IObit\ASCDownloader
[!] Složku nelze smazat:C:\ProgramData\IObit\Advanced SystemCare
[#] Složka smazána po restartu: C:\ProgramData\Application Data\SlimWare Utilities, Inc
[!] Složku nelze smazat:C:\ProgramData\Application Data\IObit\ASCDownloader
[!] Složku nelze smazat:C:\ProgramData\Application Data\IObit\Advanced SystemCare
[-] Složka smazána: C:\Users\Public\Documents\Downloaded Installers
[!] Složku nelze smazat:C:\Program Files (x86)\IObit\Advanced SystemCare
[!] Složku nelze smazat:C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
[!] Složku nelze smazat:C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
[-] Složka smazána: C:\Users\Default User\AppData\Local\Pokki
[#] Složka smazána po restartu: C:\Users\Default\AppData\Local\Pokki
[-] Složka smazána: C:\Users\Public\Pokki
[-] Složka smazána: C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Soubory ] *****

[-] Soubor smazán: C:\Windows\SysNative\drivers\swdumon.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****

[-] Úloha smazána: Software Update Application


***** [ Registry ] *****

[!] Klíč nelze smazat:HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[!] Klíč nelze smazat:HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[!] Klíč nelze smazat:[x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[!] Klíč nelze smazat:[x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[!] Klíč nelze smazat:HKLM\SOFTWARE\IOBIT\ASC
[-] Klíč smazán: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Klíč smazán: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Klíč smazán: HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\Software\Conduit
[-] Klíč smazán: HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\Software\SweetLabs App Platform
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\SweetLabs App Platform
[-] Klíč smazán: HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Conduit
[#] Klíč smazán po restartu: [x64] HKCU\Software\SweetLabs App Platform
[-] Hodnota smazána: HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Klíč smazán po restartu: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Prohlížeče ] *****

[-] [C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: homepage-web.com
[-] [C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: mycam.en.softonic.com
[-] [C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: fcfenmboojpjinhpgggodefccipikbpd


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5769 Bajty] - [26/01/2016 19:57:38]
C:\AdwCleaner\AdwCleaner[C2].txt - [4654 Bajty] - [24/03/2017 20:36:48]
C:\AdwCleaner\AdwCleaner[S1].txt - [5489 Bajty] - [26/01/2016 19:54:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [6155 Bajty] - [24/03/2017 19:53:33]
C:\AdwCleaner\AdwCleaner[S3].txt - [4802 Bajty] - [24/03/2017 20:30:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [4946 Bajty] ##########

[Rudy]

OK. Dejte nový log FRST.

[Rossano]

Tady je:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Veronika (administrator) on ACER-V (25-03-2017 21:32:09)
Running from C:\Users\Veronika\Desktop
Loaded Profiles: Veronika (Available Profiles: Veronika)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(SoftPerfect Research) C:\Program Files\NetWorx\networx.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
() C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
() C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
Failed to access process -> explorer.exe
() C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [5296848 2014-03-12] (SoftPerfect Research)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-14] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28065728 2017-03-21] (Dropbox, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-07-30] (Spotify Ltd)
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [89600 2014-09-19] ()
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\MountPoints2: {41d700c8-56b9-11e5-826b-f8a963dcd16a} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\MountPoints2: {5ee63059-01b4-11e7-82a2-f8a963dcd16a} - "E:\autorun.exe"
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\MountPoints2: {6303830c-a9d5-11e6-82a0-f8a963dcd16a} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\MountPoints2: {ea5e9d2e-5657-11e6-8298-f8a963dcd16a} - "E:\autorun.exe"
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\NEONCL~1.SCR [480256 2004-10-29] (Pavel Chmelař)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
Startup: C:\Users\Veronika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aluagent.lnk [2017-03-25]
ShortcutTarget: aluagent.lnk -> C:\ProgramData\Acer\Acer Updater\aluagent.exe (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.101.251.229 89.101.251.228
Tcpip\..\Interfaces\{7C4E68AE-33AC-4716-9FAF-BA9F1AAD04E8}: [DhcpNameServer] 10.100.100.1 10.100.100.6
Tcpip\..\Interfaces\{AFF9FADA-FD78-4FFF-A0A5-5A1038ADD669}: [DhcpNameServer] 89.101.251.229 89.101.251.228

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1388351895-3938886245-2789613742-1002 -> DefaultScope {EF04F02D-93F0-437D-8062-8E0B9E9D289F} URL =
SearchScopes: HKU\S-1-5-21-1388351895-3938886245-2789613742-1002 -> {EF04F02D-93F0-437D-8062-8E0B9E9D289F} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File

FireFox:
========
FF DefaultProfile: e1xd6m8g.default
FF ProfilePath: C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default [2017-03-25]
FF Homepage: Mozilla\Firefox\Profiles\e1xd6m8g.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\e1xd6m8g.default -> is enabled.
FF Extension: (Roomy Bookmarks Toolbar) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\ALone-live@ya.ru.xpi [2017-03-25]
FF Extension: (Bing Search) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-02-19]
FF Extension: (Pocket) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\isreaditlater@ideashower.com [2015-05-30]
FF Extension: (Navigate Up) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\navigateup@DW-dev.xpi [2016-08-09]
FF Extension: (Flagfox) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2017-03-24]
FF Extension: (Video DownloadHelper) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-03-24]
FF Extension: (Pearl Crescent Page Saver) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\{c151d79e-e61b-4a90-a887-5a46d38fba99}.xpi [2017-03-25]
FF Extension: (Adblock Plus) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (Tab Mix Plus) - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-03-25]
FF SearchPlugin: C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\searchplugins\bing-.xml [2016-02-20]
FF SearchPlugin: C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\searchplugins\sfd.xml [2015-04-30]
FF SearchPlugin: C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\e1xd6m8g.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2015-04-30]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default [2017-03-25]
CHR Extension: (YouTube) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Skype) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-14] (AVAST Software)
S3 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-12] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-12] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-03-11] (Dropbox, Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2000-01-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-22] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-22] (Acer Incorporate)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2016-01-26] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-14] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-14] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-10] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [59384 2014-03-11] (NetFilterSDK.com)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [506072 2016-01-19] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 clwvd7; \SystemRoot\system32\DRIVERS\clwvd7.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-25 21:32 - 2017-03-25 21:32 - 00025410 _____ C:\Users\Veronika\Desktop\FRST.txt
2017-03-25 17:52 - 2011-02-12 12:25 - 945991680 _____ C:\Users\Veronika\Desktop\Harry Potter and the Half-Blood Prince-aXXo.avi
2017-03-25 16:22 - 2017-03-25 16:24 - 00000000 ____D C:\Users\Veronika\Documents\AIDA64 Reports
2017-03-25 15:28 - 2017-03-25 15:28 - 00000000 ____D C:\ProgramData\BlueStacks
2017-03-25 15:14 - 2017-03-25 15:14 - 00000000 ____D C:\Windows\System32\Tasks\AcerExplorerAgent
2017-03-24 21:46 - 2017-03-24 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-24 20:51 - 2017-03-25 21:32 - 00000000 ____D C:\FRST
2017-03-24 20:46 - 2017-03-24 20:46 - 00000952 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-03-24 20:46 - 2017-03-24 20:46 - 00000940 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-03-24 20:46 - 2017-03-24 20:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-03-24 20:46 - 2017-03-24 20:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-24 20:42 - 2017-03-24 20:42 - 02424832 _____ (Farbar) C:\Users\Veronika\Desktop\FRST64.exe
2017-03-24 19:41 - 2017-03-24 19:41 - 97546240 _____ C:\Windows\system32\config\software.iobit
2017-03-24 19:41 - 2017-03-24 19:41 - 00266240 _____ C:\Windows\system32\config\default.iobit
2017-03-24 19:41 - 2017-03-24 19:41 - 00028672 _____ C:\Windows\system32\config\security.iobit
2017-03-24 19:41 - 2017-03-24 19:41 - 00028672 _____ C:\Windows\system32\config\sam.iobit
2017-03-24 19:34 - 2017-03-25 16:31 - 00000000 ____D C:\Users\Veronika\AppData\LocalLow\IObit
2017-03-24 19:34 - 2017-03-24 19:49 - 00000000 ____D C:\ProgramData\ProductData
2017-03-24 19:34 - 2017-03-24 19:34 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2017-03-24 19:34 - 2017-03-24 19:34 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2017-03-24 19:33 - 2017-03-25 16:31 - 00000000 ____D C:\ProgramData\IObit
2017-03-24 19:33 - 2017-03-25 14:30 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\IObit
2017-03-24 19:33 - 2017-03-25 14:28 - 00000000 ____D C:\Program Files (x86)\IObit
2017-03-22 20:55 - 2017-03-22 20:55 - 00283074 _____ C:\Users\Veronika\Desktop\Výpis z účtu za rok 2016 - příjmy i výdaje.pdf
2017-03-22 20:51 - 2017-03-22 20:51 - 00188098 _____ C:\Users\Veronika\Desktop\Odchozí platby za rok 2016 z mbank.pdf
2017-03-22 20:50 - 2017-03-22 20:50 - 00186826 _____ C:\Users\Veronika\Desktop\Příchozí platby za rok 2016 - mbank.pdf
2017-03-21 14:18 - 2017-03-21 14:18 - 08293376 _____ C:\Users\Veronika\Downloads\2017_Janička-Luhačovice.pps
2017-03-16 23:22 - 2017-03-16 23:23 - 08907474 _____ C:\Users\Veronika\Downloads\Re- Doplácení za lekce.zip
2017-03-15 18:24 - 2017-03-15 18:24 - 00002747 _____ C:\Users\Public\Desktop\Skype.lnk
2017-03-15 18:24 - 2017-03-15 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-14 17:06 - 2017-03-14 17:06 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-14 17:05 - 2017-03-14 17:05 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-11 00:17 - 2017-03-11 00:17 - 00046408 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-03-11 00:17 - 2017-03-11 00:17 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-03-11 00:17 - 2017-03-11 00:17 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-03-11 00:17 - 2017-03-11 00:17 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-03-07 22:05 - 2017-03-07 22:05 - 00291529 _____ C:\Users\Veronika\Desktop\Výdělek nz skener.pdf
2017-03-02 13:52 - 2017-03-02 13:52 - 00005644 _____ C:\Users\Veronika\Desktop\Prehled-reklam - nové návrhy.txt
2017-03-02 12:34 - 2017-03-02 12:34 - 00009962 _____ C:\Users\Veronika\Desktop\Prehled-uspesnych-reklam.ods
2017-03-01 19:37 - 2017-03-02 13:57 - 00004226 _____ C:\Users\Veronika\Desktop\Prehled-reklam.csv
2017-02-26 18:33 - 2017-02-26 18:33 - 00378138 _____ C:\Users\Veronika\Downloads\BoardingCard_138976839_EIN_BRQ.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-25 21:30 - 2015-04-29 22:19 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\Skype
2017-03-25 20:56 - 2017-01-12 13:51 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-03-25 17:53 - 2015-05-03 15:02 - 03847168 ___SH C:\Users\Veronika\Desktop\Thumbs.db
2017-03-25 17:03 - 2014-07-30 10:55 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1388351895-3938886245-2789613742-1002
2017-03-25 16:45 - 2015-05-03 13:52 - 00007637 _____ C:\Users\Veronika\AppData\Local\resmon.resmoncfg
2017-03-25 16:40 - 2014-07-30 10:05 - 00739924 _____ C:\Windows\system32\perfh005.dat
2017-03-25 16:40 - 2014-07-30 10:05 - 00151610 _____ C:\Windows\system32\perfc005.dat
2017-03-25 16:40 - 2014-03-18 11:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-25 16:40 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-25 16:35 - 2017-01-19 18:48 - 00000000 ___RD C:\Users\Veronika\Dropbox
2017-03-25 16:33 - 2017-01-12 13:51 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-03-25 16:33 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-25 16:32 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-03-25 16:31 - 2016-01-26 19:54 - 00000000 ____D C:\AdwCleaner
2017-03-25 16:22 - 2015-04-29 22:53 - 00000000 ____D C:\Program Files (x86)\AIDA64 Extreme
2017-03-25 16:19 - 2016-12-22 09:14 - 00000000 ____D C:\Users\Veronika\AppData\LocalLow\Mozilla
2017-03-25 15:34 - 2014-07-30 10:48 - 00000000 ____D C:\Users\Veronika
2017-03-25 15:33 - 2014-05-16 09:02 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2017-03-25 15:31 - 2014-07-30 16:08 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\WildTangent
2017-03-25 15:31 - 2014-05-16 09:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-25 15:31 - 2014-05-16 09:02 - 00000000 ____D C:\ProgramData\WildTangent
2017-03-25 15:23 - 2014-07-30 16:11 - 00000000 ____D C:\Users\Veronika\AppData\Local\Acer
2017-03-25 15:23 - 2014-07-30 09:59 - 00000000 ____D C:\ProgramData\OEM
2017-03-25 15:23 - 2014-07-30 09:54 - 00000000 ____D C:\Program Files\Acer
2017-03-25 15:23 - 2014-05-16 09:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2017-03-25 15:22 - 2014-07-30 10:51 - 00000000 ____D C:\Users\Veronika\AppData\Local\clear.fi
2017-03-25 15:21 - 2014-05-16 09:02 - 00000000 ____D C:\ProgramData\Acer
2017-03-25 15:21 - 2014-05-16 09:02 - 00000000 ____D C:\Program Files (x86)\Acer
2017-03-25 15:19 - 2014-07-30 16:12 - 00000000 ____D C:\Users\Public\OEM
2017-03-25 15:10 - 2014-05-16 09:02 - 00004402 _____ C:\Windows\System32\Tasks\ALUAgent
2017-03-25 15:10 - 2014-05-16 09:02 - 00003628 _____ C:\Windows\System32\Tasks\ALU
2017-03-25 15:00 - 2015-05-03 14:03 - 00000000 ____D C:\Users\Public\Documents\Richie service
2017-03-25 14:56 - 2015-04-30 22:45 - 00000000 ____D C:\Program Files (x86)\Sysinternals utilities
2017-03-25 14:49 - 2015-04-30 22:04 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-25 14:15 - 2015-04-30 19:21 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\vlc
2017-03-25 14:14 - 2016-12-29 17:09 - 00000000 ____D C:\Windows\Minidump
2017-03-25 14:14 - 2015-04-30 21:53 - 00000000 ___DC C:\Users\Veronika\AppData\Local\MigWiz
2017-03-25 14:09 - 2015-04-29 22:22 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\CyberLink
2017-03-25 14:09 - 2014-07-30 09:59 - 00000000 ____D C:\ProgramData\CyberLink
2017-03-25 14:05 - 2015-04-29 22:22 - 00000000 ____D C:\Users\Veronika\Documents\CyberLink
2017-03-25 14:05 - 2015-04-29 22:21 - 00000000 ____D C:\Users\Veronika\AppData\Local\CyberLink
2017-03-25 14:05 - 2014-07-30 09:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-24 21:47 - 2017-01-12 13:51 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-24 21:16 - 2015-05-19 09:14 - 00000000 ____D C:\Users\Veronika\Downloads\PopcornTime
2017-03-24 21:15 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2017-03-24 21:01 - 2015-10-09 21:57 - 02413568 ___SH C:\Users\Veronika\Downloads\Thumbs.db
2017-03-24 20:23 - 2016-09-02 22:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-24 20:11 - 2015-10-01 12:24 - 00000000 ____D C:\ProgramData\Nero
2017-03-24 20:05 - 2015-09-26 21:00 - 00000000 ____D C:\ProgramData\Norton
2017-03-24 20:01 - 2015-04-30 22:12 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2017-03-24 19:39 - 2015-06-26 08:19 - 00004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-03-22 16:55 - 2016-03-07 12:55 - 00019466 _____ C:\Users\Veronika\Desktop\SOCHAŘSKÁ DÍLNA - SIMONA KRAUSOVÁ.xlsx
2017-03-21 23:56 - 2017-01-05 10:43 - 00000000 ____D C:\Users\Veronika\Desktop\SAM
2017-03-21 17:06 - 2015-05-03 15:34 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-21 14:02 - 2016-03-07 12:55 - 00015077 _____ C:\Users\Veronika\Desktop\GRAFICKÁ DÍLNA - JULIANA CHOMOVÁ.xlsx
2017-03-21 11:54 - 2015-06-19 20:52 - 00037235 _____ C:\Users\Veronika\Desktop\Klasicka olejomalba rozvrh.xlsx
2017-03-20 12:06 - 2016-01-29 23:07 - 00000000 ____D C:\Users\Veronika\Desktop\BOXTEL - WORKSHOPS AND COURSES
2017-03-19 22:21 - 2015-07-18 23:26 - 00024985 _____ C:\Users\Veronika\Desktop\OD tužky ke štětci - Páteční program.xlsx
2017-03-17 00:05 - 2016-01-13 13:41 - 00015616 _____ C:\Users\Veronika\Desktop\MALBA, aneb od Vodovek k Oleji - Lucka N..xlsx
2017-03-16 10:56 - 2015-05-03 14:07 - 00000000 ____D C:\Users\Veronika\Desktop\FILM
2017-03-15 21:50 - 2016-03-14 13:25 - 00000000 ____D C:\Users\Veronika\Desktop\PORTRÉT
2017-03-15 18:24 - 2015-04-29 22:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-15 18:24 - 2015-04-29 22:19 - 00000000 ____D C:\ProgramData\Skype
2017-03-15 18:23 - 2015-09-26 21:01 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-15 12:07 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-03-15 10:50 - 2015-04-29 23:56 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-15 09:59 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-14 17:12 - 2015-04-29 23:40 - 00004372 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-14 17:12 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 17:12 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-14 17:06 - 2015-05-03 15:34 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-14 17:05 - 2015-05-03 15:34 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-14 17:05 - 2015-05-03 15:34 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148950758123404
2017-03-14 17:05 - 2015-05-03 15:34 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148950758256206
2017-03-14 17:05 - 2015-05-03 15:34 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-14 17:05 - 2015-05-03 15:34 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-14 17:05 - 2015-05-03 15:34 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-14 17:05 - 2015-05-03 15:34 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-14 17:05 - 2015-05-03 15:34 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-10 09:24 - 2017-01-12 13:51 - 00000000 ____D C:\Users\Veronika\AppData\Local\Dropbox
2017-03-09 15:21 - 2016-09-09 20:45 - 00016285 _____ C:\Users\Veronika\Desktop\Rozvrhy pro tisk.xlsx
2017-03-04 18:07 - 2016-05-23 11:29 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\dvdcss
2017-03-02 11:33 - 2015-07-17 09:55 - 00021849 _____ C:\Users\Veronika\Desktop\ČT černobílá kresba - ateliér montmartre.xlsx

==================== Files in the root of some directories =======

2015-05-03 13:52 - 2017-03-25 16:45 - 0007637 _____ () C:\Users\Veronika\AppData\Local\resmon.resmoncfg
2014-07-30 09:35 - 2014-07-30 09:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2017-03-25 15:11 - 2013-12-25 21:34 - 3832576 _____ (Acer Incorporated) C:\Users\Veronika\AppData\Local\Temp\AcerDocsSetup.exe
2017-03-25 15:21 - 2014-01-17 02:09 - 1328384 _____ (Acer Incorporated) C:\Users\Veronika\AppData\Local\Temp\AcerPortalSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-25 17:03

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\MountPoints2: {41d700c8-56b9-11e5-826b-f8a963dcd16a} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\MountPoints2: {5ee63059-01b4-11e7-82a2-f8a963dcd16a} - "E:\autorun.exe"
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\MountPoints2: {6303830c-a9d5-11e6-82a0-f8a963dcd16a} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1388351895-3938886245-2789613742-1002\...\MountPoints2: {ea5e9d2e-5657-11e6-8298-f8a963dcd16a} - "E:\autorun.exe"
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1388351895-3938886245-2789613742-1002 -> DefaultScope {EF04F02D-93F0-437D-8062-8E0B9E9D289F} URL =
SearchScopes: HKU\S-1-5-21-1388351895-3938886245-2789613742-1002 -> {EF04F02D-93F0-437D-8062-8E0B9E9D289F} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.