Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-11-2016
Ran by Petra (administrator) on ACER (15-11-2016 22:30:57)
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: Petra)
Platform: Microsoft Windows 8.1 (Update) (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Acer Incorporated) C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Spotify Ltd) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Acer Incorporated) C:\Program Files\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(TODO: <Company name>) C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
Failed to access process -> AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\system32\DptfPolicyLpmServiceHelper.exe [73216 2013-12-30] (Intel Corporation)
HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [2912256 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-10] (AVAST Software)
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\...\Run: [Spotify Web Helper] => C:\Program Files\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-05-26] (Spotify Ltd)
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6675672 2016-04-15] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [292824 2014-03-08] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-09-18] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B80FEE77-AD8B-49DA-A42B-9483D07E992C}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{C18DF28A-F6FE-4AC2-9E93-E8A21D1AC06A}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.google.cz/
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3749294601-1816942316-3229434055-1001 -> DefaultScope {03896881-612B-4B78-AC2B-2D9882506CF3} URL =
SearchScopes: HKU\S-1-5-21-3749294601-1816942316-3229434055-1001 -> {03896881-612B-4B78-AC2B-2D9882506CF3} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-18]
FF HKLM\...\Firefox\Extensions: [
sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-18]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-04] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR StartupUrls: Profile 1 -> "hxxp://
www.seznam.cz/","hxxps://www.google.cz/"
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default [2016-11-15]
CHR Extension: (Docs) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-14]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-14]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-14]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-14]
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-11-15]
CHR Extension: (Dokumenty Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-21]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast Passwords) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2016-11-11]
CHR Extension: (Avast SafePrice) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Avast Online Security) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-23]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-18] (AVAST Software)
S2 BcmBtRSupport; C:\windows\system32\BtwRSupportService.exe [1677016 2013-11-13] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2039536 2016-10-03] (Microsoft Corporation)
S3 cphs; C:\windows\system32\IntelCpHeciSvc.exe [279000 2014-01-06] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\windows\system32\DptfParticipantProcessorService.exe [75264 2013-12-30] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\windows\system32\DptfPolicyCriticalService.exe [89088 2013-12-30] (Intel Corporation)
R2 DptfPolicyLpmService; C:\windows\system32\DptfPolicyLpmService.exe [82432 2013-12-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [456936 2014-05-22] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450792 2014-05-26] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [442088 2014-05-26] (Acer Incorporate)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [238848 2014-09-09] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-09-22] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [34008 2016-09-18] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [35096 2016-09-18] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [92256 2016-09-18] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [91232 2016-09-18] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [60424 2016-09-18] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [735488 2016-09-18] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [433768 2016-09-25] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [118664 2016-09-18] (AVAST Software)
S3 aswTap; C:\windows\system32\DRIVERS\aswTap.sys [38984 2016-04-30] (The OpenVPN Project)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
S3 AX88179; C:\windows\system32\DRIVERS\ax88179_178a.sys [60816 2013-07-08] (ASIX Electronics Corp.)
R3 BCMSDH43XX; C:\windows\system32\DRIVERS\bcmdhd63.sys [304344 2013-10-03] (Broadcom Corp)
R3 BthMini; C:\windows\System32\Drivers\BTHMINI.sys [24064 2013-08-22] (Microsoft Corporation)
S3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [145112 2014-02-03] (Broadcom Corporation.)
R3 BtwSerialBus; C:\windows\System32\drivers\BtwSerialBus.sys [130776 2013-09-09] (Broadcom Corporation.)
R3 camera; C:\windows\system32\DRIVERS\camera.sys [401408 2013-12-30] (Intel Corporation)
R3 CM3218x; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 CPLMACPI; C:\windows\system32\DRIVERS\CPLMACPI.sys [16488 2013-09-07] (Capella Microsystems, Inc.)
S3 DptfDevAmbient; C:\windows\System32\drivers\DptfDevAmbient.sys [36352 2013-12-30] (Intel Corporation)
S3 DptfDevDBPT; C:\windows\System32\drivers\DptfDevPower.sys [17408 2013-12-30] (Intel Corporation)
R3 DptfDevDisplay; C:\windows\System32\drivers\DptfDevDisplay.sys [19968 2013-12-30] (Intel Corporation)
R3 DptfDevGen; C:\windows\System32\drivers\DptfDevGen.sys [28160 2013-12-30] (Intel Corporation)
R3 DptfDevProc; C:\windows\System32\drivers\DptfDevProc.sys [72704 2013-12-30] (Intel Corporation)
R3 DptfManager; C:\windows\System32\drivers\DptfManager.sys [176640 2013-12-30] (Intel Corporation)
R3 GPIO; C:\windows\System32\drivers\iaiogpioe.sys [23552 2013-12-30] (Intel Corporation)
R3 GpioVirtual; C:\windows\System32\drivers\iaiogpiovirtual.sys [16896 2013-12-30] (Intel Corporation)
R3 iaioi2c; C:\windows\System32\drivers\iaioi2ce.sys [58368 2013-12-30] (Intel Corporation)
R3 iaiospi; C:\windows\System32\drivers\iaiospi.sys [53760 2013-12-30] (Intel Corporation)
R3 iaiouart; C:\windows\System32\drivers\iaiouart.sys [87552 2013-12-30] (Intel Corporation)
S3 intaud_WaveExtensible; C:\windows\system32\drivers\intelaud.sys [32664 2013-12-27] (Intel Corporation)
R3 IntelSST; C:\windows\system32\drivers\isstrtc.sys [254464 2013-12-30] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 iwdbus; C:\windows\System32\drivers\iwdbus.sys [23448 2013-12-27] (Intel Corporation)
S0 Lm3554; C:\windows\System32\drivers\lm3554.sys [25088 2013-12-30] (Intel Corporation)
R3 LMDriver; C:\windows\System32\drivers\LMDriver.sys [18232 2014-05-26] (Acer Incorporated)
R0 MBI; C:\windows\System32\drivers\MBI.sys [21456 2013-12-30] (Intel Corporation)
R3 ov2722; C:\windows\System32\drivers\ov2722.sys [43520 2013-12-30] (Intel Corporation)
R3 PMIC; C:\windows\System32\drivers\PMIC.sys [48128 2013-12-30] (Intel Corporation)
R3 RadioShim; C:\windows\System32\drivers\RadioShim.sys [13112 2014-05-26] (Acer Incorporated)
R3 rtii2sac; C:\windows\system32\DRIVERS\rtii2sac.sys [167640 2014-02-11] (Realtek Semiconductor Corp.)
R3 SensorsServiceDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 SynRMIHID; C:\windows\System32\drivers\SynRMIHID.sys [36080 2014-02-19] (Synaptics Incorporated)
R3 TXEI; C:\windows\System32\drivers\TXEI.sys [76304 2013-12-30] (Intel Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [29688 2014-09-22] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [219968 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [84800 2014-09-22] (Microsoft Corporation)
R3 WUDFSensorLP; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-15 22:30 - 2016-11-15 22:31 - 00016666 _____ C:\Users\Petra\Desktop\FRST.txt
2016-11-15 22:30 - 2016-11-15 21:07 - 01760768 _____ (Farbar) C:\Users\Petra\Desktop\FRST.exe
2016-11-15 22:06 - 2016-11-15 22:11 - 00000000 ____D C:\AdwCleaner
2016-11-15 22:06 - 2016-11-15 22:04 - 03910208 _____ C:\Users\Petra\Desktop\adwcleaner_6.030.exe
2016-11-15 21:09 - 2016-11-15 22:30 - 00000000 ____D C:\FRST
2016-11-14 19:52 - 2016-11-15 19:15 - 00000000 ____D C:\Users\Petra\Desktop\to ostatní
2016-11-14 19:51 - 2016-11-15 19:15 - 00000000 ____D C:\Users\Petra\Desktop\Přednášky
2016-11-14 19:35 - 2016-11-14 19:35 - 00002385 _____ C:\Users\Petra\Desktop\Marťan - Chrome.lnk
2016-11-10 10:30 - 2016-11-10 10:30 - 01059532 _____ C:\Users\Petra\Downloads\JO1493_20161101-new-nlh-brief-first-officers_04-Nov-2016.pdf
2016-11-10 10:25 - 2016-11-10 10:26 - 01049681 _____ C:\Users\Petra\Downloads\Guide to Webcruiter Norwegian Boeing 787 application.pdf
2016-11-08 22:48 - 2016-11-02 21:48 - 00315224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-11-08 22:48 - 2016-11-02 15:00 - 00035840 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-11-08 22:48 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-11-08 22:48 - 2016-10-27 15:16 - 00689664 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-11-08 22:48 - 2016-10-25 15:09 - 03475456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-11-08 22:48 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-11-08 22:48 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-11-08 22:48 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-11-08 22:48 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-11-08 22:48 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-11-08 22:48 - 2016-10-22 17:57 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2016-11-08 22:48 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-11-08 22:48 - 2016-10-22 17:51 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-11-08 22:48 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-11-08 22:48 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-11-08 22:48 - 2016-10-22 17:45 - 00330752 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-11-08 22:48 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-11-08 22:48 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-11-08 22:48 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-11-08 22:48 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-11-08 22:48 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-11-08 22:48 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-11-08 22:48 - 2016-10-13 20:06 - 01124376 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-11-08 22:48 - 2016-10-12 09:05 - 00279384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2016-11-08 22:48 - 2016-10-11 21:21 - 00399776 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2016-11-08 22:48 - 2016-10-11 18:30 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2016-11-08 22:48 - 2016-10-11 17:55 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2016-11-08 22:48 - 2016-10-10 22:17 - 00333656 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-11-08 22:48 - 2016-10-10 00:03 - 00410968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2016-11-08 22:48 - 2016-10-08 22:49 - 02410496 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2016-11-08 22:48 - 2016-10-08 22:27 - 01117184 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-11-08 22:48 - 2016-10-08 22:21 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2016-11-08 22:48 - 2016-10-08 02:34 - 01212248 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-11-08 22:48 - 2016-10-04 21:21 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2016-11-08 22:48 - 2016-10-04 21:08 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\olepro32.dll
2016-11-08 22:48 - 2016-10-04 21:08 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-11-08 22:48 - 2016-09-30 14:39 - 01185792 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2016-11-08 22:48 - 2016-09-09 23:18 - 00239960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2016-11-08 22:48 - 2016-09-09 15:09 - 00203776 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2016-11-08 22:48 - 2016-09-09 15:03 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2016-11-08 22:48 - 2016-09-09 15:02 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\iscsiwmi.dll
2016-11-08 22:48 - 2016-09-09 14:38 - 00446124 _____ C:\windows\system32\ApnDatabase.xml
2016-11-08 22:48 - 2016-09-03 18:21 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\iscsidsc.dll
2016-11-08 22:48 - 2016-09-03 18:10 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\iscsiexe.dll
2016-11-08 22:48 - 2016-09-03 16:58 - 00397824 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2016-11-08 22:48 - 2016-09-03 16:53 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2016-11-08 22:48 - 2016-09-02 15:05 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
2016-11-08 22:48 - 2016-09-01 15:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2016-11-08 22:48 - 2016-09-01 15:30 - 00315904 _____ (Microsoft Corporation) C:\windows\system32\vmrdvcore.dll
2016-11-08 22:48 - 2016-08-30 15:05 - 00078336 _____ (Microsoft Corporation) C:\windows\system32\dab.dll
2016-11-08 22:48 - 2016-08-30 03:18 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\xolehlp.dll
2016-11-08 22:48 - 2016-08-30 03:03 - 00721920 _____ (Microsoft Corporation) C:\windows\system32\msdtcprx.dll
2016-11-08 22:48 - 2015-07-22 15:15 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2016-11-08 22:48 - 2014-10-29 02:58 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\iscsiwmiv2.dll
2016-11-08 22:48 - 2014-10-29 02:58 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\iscsied.dll
2016-11-08 22:48 - 2014-10-29 02:53 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\iscsium.dll
2016-11-08 22:48 - 2014-10-29 02:48 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\iscsicli.exe
2016-11-08 22:48 - 2014-10-29 02:20 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\rdvvmtransport.dll
2016-11-06 13:38 - 2016-11-06 13:38 - 00289280 _____ C:\Users\Petra\Downloads\Test_z_fyziky_–_telesa_a_latky.ppt
2016-11-01 16:52 - 2014-09-22 17:59 - 01442304 _____ C:\Users\Petra\Desktop\PRVNÍ POMOC.ppt
2016-10-23 16:27 - 2016-10-23 16:28 - 00190688 _____ C:\Users\Petra\Downloads\Sedm mytu o ceskych sestrach (2).pdf
2016-10-18 13:13 - 2016-10-18 13:13 - 00881163 _____ C:\Users\Petra\Downloads\Cenik_GLA_4_2016.pdf
2016-10-18 13:04 - 2016-10-18 13:05 - 01057873 _____ C:\Users\Petra\Downloads\Cenik_C_sedan_4_2016.pdf
2016-10-18 12:49 - 2016-10-18 12:49 - 00891121 _____ C:\Users\Petra\Downloads\Cenik_CLA-kupe_4_2016_fl.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-15 22:17 - 2014-05-25 21:47 - 00741472 _____ C:\windows\system32\perfh005.dat
2016-11-15 22:17 - 2014-05-25 21:47 - 00152460 _____ C:\windows\system32\perfc005.dat
2016-11-15 22:17 - 2014-04-10 02:58 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-11-15 22:17 - 2013-08-22 07:21 - 00000000 ____D C:\windows\inf
2016-11-15 22:12 - 2014-08-05 11:02 - 00000954 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-15 22:12 - 2013-08-22 08:23 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-11-15 22:12 - 2013-08-22 07:13 - 00262144 ___SH C:\windows\system32\config\BBI
2016-11-15 21:42 - 2016-04-24 10:36 - 00000000 ____D C:\Users\Petra\Desktop\Mates složka
2016-11-15 19:47 - 2013-08-22 09:17 - 00000000 ____D C:\windows\system32\NDF
2016-11-15 19:29 - 2014-08-06 09:39 - 00065024 ___SH C:\Users\Petra\Downloads\Thumbs.db
2016-11-15 19:25 - 2014-04-10 04:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-11-15 19:15 - 2014-08-05 17:04 - 00293888 ___SH C:\Users\Petra\Desktop\Thumbs.db
2016-11-14 19:37 - 2015-03-04 16:09 - 00000000 ____D C:\windows\Minidump
2016-11-14 19:37 - 2014-09-12 16:27 - 00000000 ____D C:\Users\Petra\AppData\Local\CrashDumps
2016-11-10 09:03 - 2013-08-22 08:22 - 00370416 _____ C:\windows\system32\FNTCACHE.DAT
2016-11-09 23:58 - 2014-11-02 19:40 - 00000000 ____D C:\windows\system32\MRT
2016-11-09 23:58 - 2013-08-22 09:17 - 00000000 ___RD C:\windows\ToastData
2016-11-09 23:52 - 2014-11-02 19:40 - 138444440 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-11-09 22:56 - 2013-08-22 09:05 - 00000000 ____D C:\windows\CbsTemp
2016-11-06 14:14 - 2014-07-23 17:18 - 00000000 ____D C:\Users\Petra\AppData\Local\Packages
2016-11-05 11:31 - 2015-11-17 12:45 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-03 12:51 - 2014-08-05 11:03 - 00002165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-03 12:51 - 2014-08-05 11:03 - 00002153 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-31 20:03 - 2014-08-05 11:02 - 00000000 ____D C:\Users\Petra\AppData\Local\Google
2016-10-24 22:54 - 2014-04-10 03:38 - 00828408 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2016-10-24 22:54 - 2014-04-10 03:38 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2016-10-20 15:01 - 2015-04-21 13:56 - 00000000 ____D C:\Program Files\TeamViewer
2016-10-19 06:48 - 2013-08-22 09:17 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-19 06:47 - 2014-08-04 17:36 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-10-16 12:06 - 2015-02-25 20:44 - 00000000 ____D C:\windows\system32\appraiser
2016-10-16 12:06 - 2014-11-02 20:16 - 00000000 ___SD C:\windows\system32\CompatTel
2016-10-16 11:07 - 2013-08-22 09:17 - 00000000 ____D C:\windows\AppReadiness
==================== Files in the root of some directories =======
2014-08-16 15:35 - 2014-08-16 15:35 - 0000000 _____ () C:\Users\Petra\AppData\Local\{1CCB37C9-985D-479D-BE2D-A96BB5FC60D8}
2014-08-17 16:34 - 2014-08-17 16:34 - 0000000 _____ () C:\Users\Petra\AppData\Local\{4CB8310E-60A2-4C2C-83B1-FA5F4A61D517}
2014-09-21 18:35 - 2014-09-21 18:35 - 0000000 _____ () C:\Users\Petra\AppData\Local\{9F6C9257-8403-41FE-A9B0-A242BAD6161D}
2014-08-19 15:38 - 2014-08-19 15:38 - 0000000 _____ () C:\Users\Petra\AppData\Local\{AA2AD641-4E25-4D11-B252-E4DB504BD3B6}
2014-09-05 13:10 - 2014-09-05 13:10 - 0000000 _____ () C:\Users\Petra\AppData\Local\{B30B585D-9F1C-4D77-A528-1561B593E1B9}
Some files in TEMP:
====================
C:\Users\Petra\AppData\Local\Temp\libeay32.dll
C:\Users\Petra\AppData\Local\Temp\msvcr120.dll
C:\Users\Petra\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-31 20:55
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-11-2016
Ran by Petra (15-11-2016 22:31:49)
Running from C:\Users\Petra\Desktop
Microsoft Windows 8.1 (Update) (X86) (2014-07-23 16:18:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3749294601-1816942316-3229434055-500 - Administrator - Disabled)
Guest (S-1-5-21-3749294601-1816942316-3229434055-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3749294601-1816942316-3229434055-1003 - Limited - Enabled)
Petra (S-1-5-21-3749294601-1816942316-3229434055-1001 - Administrator - Enabled) => C:\Users\Petra
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abDocs (HKLM\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.04.3001 - Acer Incorporated)
abMedia (HKLM\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2004.3 - Acer Incorporated)
abPhoto (HKLM\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Docs Office AddIn (HKLM\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer)
Acer Explorer Agent (HKLM\...\{20018169-434E-4242-BC65-EB21CF091D54}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8106 - Acer Incorporated)
Acer Portal (HKLM\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2007 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{D6B57AF2-2406-49E4-B219-EAA8B0B9F3CF}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer UEIP App Monitor Plugin (HKLM\...\{D6CCDCA8-31C1-4A63-AED0-27A4CD43F332}) (Version: 1.02.3009 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{F89EF116-C406-4436-AC12-2FEF6A6F117C}) (Version: 1.02.3009 - Acer Incorporated)
Acer Video Player (HKLM\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
AOP Framework (HKLM\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2000.2 - Acer Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.87 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Identity Card (HKLM\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Live Updater (HKLM\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8102 - Acer Incorporated)
Microsoft Office 2013 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 15.0.4867.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\...\OneDriveSetup.exe) (Version: 17.3.6517.0809 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Realtek I2S Audio (HKLM\...\{89A448AA-3301-46AA-AFC3-34F2D7C670E8}) (Version: 0.7 - Realtek Semiconductor Corp.)
SafeZone Stable 1.51.2220.62 (Version: 1.51.2220.62 - Avast Software) Hidden
Spotify (HKLM\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3749294601-1816942316-3229434055-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Petra\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuthLib.dll ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1C350881-586E-4543-A4CD-25A8A3FCAFB3} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-05-26] (Acer Incorporate)
Task: {3568C7B4-A8DD-43FC-9E82-F9B0A5F26B7E} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-05-26] (Acer Incorporate)
Task: {3929FD41-45C3-4059-AF84-31F973D6F061} - System32\Tasks\ALUAgent => C:\Program Files\Acer\Live Updater\liveupdater_agent.exe [2016-07-06] ()
Task: {394D331F-CF05-4B07-AD2A-3F7E9992A008} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-11-09] (Microsoft Corporation)
Task: {40EB3AEB-136A-4593-ADD9-8CF8D1B53F60} - System32\Tasks\BacKGroundAgent => C:\Program Files\Acer\AOP Framework\BackgroundAgent.exe [2016-08-15] (Acer Incorporated)
Task: {4F5998F1-78F7-49A0-8B38-F48964805C5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {5588BF4D-3783-43FE-8B8D-AF9EA199658E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {558F4524-5ADF-46DB-9B78-A19D17A4C2A6} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-05-26] (Acer Incorporated)
Task: {6F77E02D-B3A1-4C5B-A728-F13FEBE8942D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {8E9A6D10-B676-479D-9D05-4C26F297041C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {A4A2BCF4-366A-4FB0-AAF6-E549EB839B8D} - System32\Tasks\AcerCloud => C:\Program Files\Acer\Acer Portal\acpanel_win.exe [2014-05-26] (Acer Incorporated)
Task: {AF852F9F-3332-46C7-8177-D858A1A50110} - System32\Tasks\SafeZone scheduled Autoupdate 1462442379 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {C26FDF15-1769-4E27-93B3-E250AA8894B4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-10-03] (Microsoft Corporation)
Task: {C6803E4E-8DD0-4E73-BA0D-88FD1B0A3092} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-18] (AVAST Software)
Task: {DC2AEB20-5B0A-4E74-A9BF-3718481FAFF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {E30C5CF4-EED6-45C1-B042-A8CD065383E8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2016-10-03] (Microsoft Corporation)
Task: {E9DB00D6-A5DA-4FF9-82F0-D6F6644FD0EB} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-05-22] (Acer Incorporate)
Task: {F4FCF11A-9091-4B47-855C-6FE56C1578E5} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-10] (TODO: <Company name>)
Task: {FA2AF1D2-62D9-49E8-B2F0-8EED43CEAB45} - System32\Tasks\ALU => C:\Program Files\Acer\Live Updater\updater.exe [2016-07-06] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Petra\Desktop\Marťan - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2016-09-18 20:12 - 2016-09-18 20:12 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-13 17:14 - 2016-11-13 17:14 - 03130832 _____ () C:\Program Files\AVAST Software\Avast\defs\16111300\algo.dll
2016-09-18 20:13 - 2016-09-18 20:13 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-08-04 17:36 - 2016-05-24 07:21 - 00089792 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2016-06-24 13:30 - 2016-06-24 13:30 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00203008 _____ () C:\Program Files\Acer\abMedia\curllib.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00630528 _____ () C:\Program Files\Acer\abMedia\tag.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00654552 _____ () C:\Program Files\Acer\abMedia\sqlite3.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00119552 _____ () C:\Program Files\Acer\abMedia\OpenLDAP.dll
2016-09-04 19:17 - 2016-09-04 19:17 - 00015064 _____ () C:\windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-15 13:36 - 2016-08-15 13:36 - 00013016 _____ () C:\Program Files\Acer\AOP Framework\ServiceInterface.dll
2013-12-25 21:34 - 2014-05-26 00:02 - 00279296 _____ () C:\Program Files\Acer\AcerCloud Docs\libcurl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaiospi.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:13 - 2013-08-22 07:13 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3749294601-1816942316-3229434055-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\acer01.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1285EBFA-2CF9-43BF-9436-3976E9F36DDA}] => (Allow) C:\Program Files\Spotify\spotify.exe
FirewallRules: [{F8101FE3-92F6-4944-8860-74114A5F4869}] => (Allow) C:\Program Files\Spotify\spotify.exe
FirewallRules: [{D892648C-C70C-4294-A71A-E24702A9D959}] => (Allow) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{8ED799AF-DCEE-4A5E-88FB-676581FDCD9B}] => (Allow) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{5E3D6926-AD60-4B55-BEEA-02F5BAA50AB0}] => (Allow) C:\Program Files\Acer\Acer Portal\ccd.exe
FirewallRules: [{54BE0FB7-887F-4E24-9859-5CC20A2181E6}] => (Allow) C:\Program Files\Acer\Acer Portal\ccd.exe
FirewallRules: [{9BB77AF3-F7C7-4DB2-A72F-C2C1DC3CF1BD}] => (Allow) C:\Program Files\Acer\Acer Portal\Sdd.exe
FirewallRules: [{59C71185-338E-4622-87E1-C6E64147E850}] => (Allow) C:\Program Files\Acer\Acer Portal\Sdd.exe
FirewallRules: [{C101C709-E5B2-49B2-B96F-EDBA840165DA}] => (Allow) C:\Program Files\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{560079A9-5574-4243-BE7A-FB9C2CC2FD25}] => (Allow) C:\Program Files\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{D853B3DA-F6AD-40B2-81E6-48BB5D1FD09B}] => (Allow) C:\Program Files\Acer\Acer Portal\ccd.exe
FirewallRules: [{3880CED6-70B9-41E9-BB1A-1710240BD691}] => (Allow) C:\Program Files\Acer\Acer Portal\ccd.exe
FirewallRules: [{431B24E6-AC79-4CBF-B9B6-5E21BE72E63B}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{019A4CB4-967D-418A-821D-F9025FEE2776}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{46B97A7A-9897-4481-AF60-B6D767E38519}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A593C5B3-B986-43BD-975F-B6C4D3BE3EC4}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{BCFF53D0-CC99-499A-8444-42374A14BC9B}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{08E4C708-420F-4795-8A10-EC80BF3A66E5}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{1524A7B6-C07E-494B-81B8-E02C9C3DC643}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{3208D9D0-BD72-4D3F-8E8C-DAFEA732553B}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{93C7B93B-3E6D-4DDC-ACE0-209B3BBB8BA3}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4E7A8ECD-ED54-46E2-8705-CB86892D6541}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{76A58059-D732-4C6B-9A08-6EFDCAA29063}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CFDE7040-250F-4830-AFC2-09717D4C3C50}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0072682D-C2E9-4302-A884-13BE4BAF7358}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{120DD8EA-0256-41B4-9699-2B7A15328CF0}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F25617AC-2725-4DF4-BE94-34D5429614B9}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CA0FD2B1-6393-44BA-95BD-7EE5B34877DC}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{8521CE01-E234-462B-867C-5E5088C22B1B}C:\users\petra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petra\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C96161E8-0C12-4857-B9F1-B6D7B0D8D316}C:\users\petra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petra\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{8657DAC4-8023-4397-B855-17E33C7FDE15}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{A910D161-5007-48B1-A3AA-2EC9240ACA37}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{0F30B144-CAEA-4093-B461-00A1B71DF458}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{67C0CEB5-65F2-4E62-AF39-10AC126EC739}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DABDAE59-1C05-439A-A3EE-485019B1BC25}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{26D455CE-FCEA-4561-BE6E-5A9241D2ADF6}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DA487092-3A21-4818-9BF7-BC1555E0913F}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{89F153AA-39B2-47F4-B335-E3E74904A141}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{68DF1FAE-B51E-464D-93A2-CCB8AF2F7A1B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/15/2016 10:29:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastSvc.exe, verze: 12.3.3154.0, časové razítko: 0x57b5c39d
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.18438, časové razítko: 0x57ae4b64
Kód výjimky: 0xc0000374
Posun chyby: 0x000d13e2
ID chybujícího procesu: 0x580
Čas spuštění chybující aplikace: 0x01d23f84fbb4c7d0
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll
ID zprávy: 869013f9-ab7a-11e6-9771-90489a5a9b46
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/15/2016 10:12:50 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
Description: Event-ID 1
Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.
Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)
Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.
Kontext: aplikace Windows
Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)
Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexovacího modulu nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)
Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)
Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Správce modulu plug-in <Search.TripoliIndexer> nebyl inicializován.
Kontext: aplikace Windows
Podrobnosti:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.
Podrobnosti:
Katalog indexu obsahu je poškozený. 0xc0041801 (0xc0041801)
Error: (11/15/2016 10:11:05 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.
Podrobnosti:
0x8e5e0210 (0x8e5e0210)
Error: (11/15/2016 10:11:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (7896) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00046.log došlo k chybě -1811 (0xfffff8ed).
System errors:
=============
Error: (11/15/2016 10:31:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Antivirus byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (11/15/2016 10:11:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\bcmihvsrv.dll
Error: (11/15/2016 10:11:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\bcmihvsrv.dll
Error: (11/15/2016 10:11:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\bcmihvsrv.dll
Error: (11/15/2016 10:11:49 PM) (Source: DCOM) (EventID: 10010) (User: acer)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2016 10:11:41 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.
Error: (11/15/2016 10:11:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/15/2016 10:11:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search skončila s následující chybou specifickou pro službu:
%%2147749126
Error: (11/15/2016 10:11:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba User Experience Improvement Program byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/15/2016 10:11:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
==================== Memory info ===========================
Processor: Intel(R) Atom(TM) CPU Z3745 @ 1.33GHz
Percentage of memory in use: 36%
Total physical RAM: 1931.36 MB
Available physical RAM: 1226.85 MB
Total Virtual: 2699.36 MB
Available Virtual: 1802.89 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:21.9 GB) (Free:3.76 GB) NTFS
Drive d: (CANON_DC) (Removable) (Total:7.28 GB) (Free:7.27 GB) FAT32
Drive f: () (Removable) (Total:15.41 GB) (Free:15.41 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: 5860B3B4)
Partition: GPT.
========================================================
Disk: 1 (Size: 7.3 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 3 (Size: 15.4 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================