VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Peosim o preventivní prohlídku

https://forum.viry.cz:443/viewtopic.php?t=156006

Stránka 1 z 1

Peosim o preventivní prohlídku

Napsal: 01 čer 2019 12:02
od Paris
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-05.2019
Ran by ES1-512 (administrator) on ACER (Acer Aspire ES1-512) (01-06-2019 12:43:58)
Running from C:\Users\ES1-512\Downloads
Loaded Profiles: ES1-512 (Available Profiles: ES1-512)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Live Updater\updater.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated -> acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Akamai Technologies, Inc. -> Akamai Technologies, Inc.) C:\Users\ES1-512\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc. -> Akamai Technologies, Inc.) C:\Users\ES1-512\AppData\Local\Akamai\netsession_win.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\New_1305094a\instup.exe
(AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\setup\sbr.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Update\Install\{56397B6F-9B27-4D7B-AA09-878C315C9685}\74.0.3729.169_chrome_installer.exe
(Google LLC -> Google Inc.) C:\Windows\Temp\CR_1362C.tmp\setup.exe
(Google LLC -> Google Inc.) C:\Windows\Temp\CR_1362C.tmp\setup.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Integration\Integrator.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ES1-512\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCUpdate.exe
(Pokki -> Pokki) C:\Users\ES1-512\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
Failed to access process -> wsqmcons.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942232 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc. -> McAfee, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [636712 2018-12-01] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\Run: [Akamai NetSession Interface] => C:\Users\ES1-512\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\RunOnce: [Application Restart #1] => C:\Users\ES1-512\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8992976 2019-04-09] (Pokki -> Pokki)
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\RunOnce: [Application Restart #0] => C:\Users\ES1-512\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8992976 2019-04-09] (Pokki -> Pokki)
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\MountPoints2: {77a526ca-4724-11e8-8282-206a8adf8c20} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-09] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> c:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2013-09-05] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E2EE0F4-5E7D-473D-B523-CA1136C9105B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113096 2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {1C66A125-1BE2-4F63-BA1B-7F09B6882BC8} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [4150312 2013-07-08] (Acer Incorporated -> )
Task: {244970A7-6DB0-4CF3-A97F-7E2646DBCAC4} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [490728 2014-06-17] (Acer Incorporated -> Acer Incorporated)
Task: {35F1A12E-FB15-4857-B511-9C1C1213ECE9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26197064 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {41253B99-ED1A-4ECA-A1ED-DFE7823172CD} - System32\Tasks\SweetLabs App Platform => C:\Users\ES1-512\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [7561424 2019-04-09] (Pokki -> Pokki)
Task: {4BD1DBF0-918F-41CE-8547-01C0B98DCD8A} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [439016 2014-06-10] (Acer Incorporated -> Acer Incorporate)
Task: {532F27B7-3E2A-41D6-98BC-E84529287472} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384232 2014-06-12] (Acer Incorporated -> Acer Incorporated)
Task: {829EBC38-ECE5-4ED1-84D2-DAA347FFDBB4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26197064 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {82BF5014-E68E-4EB9-94AB-D0BDAA8DEFDB} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-06-26] (Acer Incorporated -> Acer Incorporate)
Task: {838D284C-3557-4E93-8F87-3F2D9B907DA4} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2017-09-28] (Acer Incorporated -> )
Task: {8B775A83-6C0B-48D8-9A77-6A1D47F7FAEE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [40008 2013-01-22] (Acer Incorporated -> )
Task: {96D38699-2107-4E31-AB9A-7D6C76412070} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {97640034-F26E-4F79-AB72-7D4F981D8E3E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1427464 2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F9A0EF5-6786-49EF-BBD5-72792B761BD0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439776 2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0054036-E576-4543-A21E-024655DCB17B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113096 2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC19C246-0ADC-4817-BB10-5F1AE76DE53E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439776 2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB98034A-98CC-431A-9E7E-27253A405CC3} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: <Company name>)
Task: {BFA28714-E496-4B04-8162-B60C8668D562} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-10] (Google Inc -> Google Inc.)
Task: {C846E3D4-863D-4288-ACB7-39D54920EAC8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-06-26] (Acer Incorporated -> Acer Incorporate)
Task: {DB7929CC-124B-4DFD-948D-49C75293AE45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DE043863-E84B-4EED-9792-65006755376C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
Task: {E489A70C-A4B0-4D19-A88D-AAB4AABB88C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-10] (Google Inc -> Google Inc.)
Task: {EFA7D916-4937-4621-8032-650F95E2F648} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated)
Task: {FFCAD543-C017-4173-9E64-9A7ED6B2FE9D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-05-09] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{73BFEF96-12CB-4CCD-87BE-C4A75FF840D8}: [DhcpNameServer] 192.18.128.24
Tcpip\..\Interfaces\{BDB48C3D-0C0A-4ECF-B2D1-A305D8853281}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2016-10-03] (McAfee, Inc. -> McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2016-10-03] (McAfee, Inc. -> McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2016-10-03] (McAfee, Inc. -> McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2016-10-03] (McAfee, Inc. -> McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\mcsniepl64.dll [2014-01-28] (McAfee, Inc. -> McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-01-28] (McAfee, Inc. -> McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-08-10] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2015-12-05] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll [2014-01-28] (McAfee, Inc. -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll [2014-01-28] (McAfee, Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default [2019-06-01]
CHR Extension: (Prezentace) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-10]
CHR Extension: (YouTube) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-10]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2019-02-12]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-12]
CHR Extension: (Tabulky) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-04-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-11]
CHR Extension: (Gmail) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-15]
CHR Extension: (Chrome Media Router) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2017-07-07]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2017-07-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11147336 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated -> Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent Inc -> WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporated -> Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [166152 2016-10-03] (McAfee, Inc. -> McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc. -> McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-15] (McAfee, Inc. -> McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc. -> McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporated -> Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] (CyberLink -> )
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporated -> Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254128 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196000 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320624 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57888 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [257832 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166848 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1031000 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476776 2019-04-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220640 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385848 2019-04-29] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc. -> McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [3789824 2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated -> Acer Incorporated)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-04-04] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc. -> McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc. -> McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated -> Acer Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-01 12:51 - 2019-06-01 12:44 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-06-01 12:43 - 2019-06-01 12:53 - 000035500 _____ C:\Users\ES1-512\Downloads\FRST.txt
2019-06-01 12:42 - 2019-06-01 12:43 - 000000000 ____D C:\FRST
2019-06-01 12:41 - 2019-06-01 12:41 - 000002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-06-01 12:41 - 2019-06-01 12:41 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-01 12:41 - 2019-06-01 12:41 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-06-01 12:41 - 2019-06-01 12:41 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-01 12:41 - 2019-06-01 12:41 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-06-01 12:41 - 2019-06-01 12:41 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-01 12:41 - 2019-06-01 12:41 - 000002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-06-01 12:41 - 2019-06-01 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-06-01 12:40 - 2019-06-01 12:40 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-01 12:39 - 2019-06-01 12:40 - 002435584 _____ (Farbar) C:\Users\ES1-512\Downloads\FRST64.exe
2019-06-01 12:23 - 2019-06-01 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2019-05-16 17:26 - 2019-05-16 17:26 - 000294729 _____ C:\Users\ES1-512\Downloads\csob-potvrzeni-o-prijmu-cz-hypoteka.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-01 12:52 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-01 12:47 - 2017-11-05 11:22 - 000385640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-06-01 12:46 - 2018-11-01 20:37 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-06-01 12:46 - 2018-01-23 18:45 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-06-01 12:46 - 2017-11-05 11:22 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-06-01 12:46 - 2017-11-05 11:22 - 000225096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-01 12:46 - 2017-11-05 11:22 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-01 12:46 - 2017-11-05 11:22 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-06-01 12:46 - 2017-11-05 11:22 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-06-01 12:41 - 2019-01-18 18:14 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-06-01 12:41 - 2017-11-17 20:15 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-06-01 12:41 - 2017-11-05 11:22 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-06-01 12:41 - 2015-12-05 00:33 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1958939149-1057758978-2051586712-1001
2019-06-01 12:38 - 2019-01-18 19:03 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-06-01 12:38 - 2019-01-18 18:14 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-06-01 12:38 - 2019-01-18 18:14 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-06-01 12:33 - 2014-08-19 14:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-01 12:30 - 2017-11-05 11:22 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-06-01 12:25 - 2017-07-24 17:59 - 000000000 ____D C:\Users\ES1-512\AppData\Local\Akamai
2019-06-01 12:21 - 2015-12-05 00:26 - 000000000 ____D C:\Users\ES1-512\AppData\Local\SweetLabs App Platform
2019-05-26 21:36 - 2018-12-21 20:33 - 000002344 _____ C:\Users\ES1-512\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2019-05-26 21:30 - 2017-08-14 16:34 - 004925440 ___SH C:\Users\ES1-512\Downloads\Thumbs.db
2019-05-26 21:25 - 2014-08-19 13:57 - 000734510 _____ C:\Windows\system32\perfh005.dat
2019-05-26 21:25 - 2014-08-19 13:57 - 000148820 _____ C:\Windows\system32\perfc005.dat
2019-05-26 21:25 - 2014-03-18 11:47 - 001739092 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-26 21:25 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2019-05-26 20:45 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2019-05-16 17:18 - 2017-07-07 17:15 - 000000000 ____D C:\Users\ES1-512\AppData\Local\CrashDumps
2019-05-15 21:53 - 2017-07-27 16:12 - 000003170 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1958939149-1057758978-2051586712-1001
2019-05-15 21:25 - 2018-12-28 21:39 - 000002457 _____ C:\Users\ES1-512\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2019-05-15 20:56 - 2017-07-10 16:31 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 20:56 - 2017-07-10 16:31 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-15 20:36 - 2017-07-24 18:50 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-05-15 20:32 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-09 22:18 - 2017-07-10 16:32 - 000002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-09 22:18 - 2017-07-10 16:32 - 000002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-09 21:34 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-03-16 22:40
==================== End of FRST.txt ============================

Re: Prosim o preventivní prohlídku

Napsal: 01 čer 2019 12:02
od Paris
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05.2019
Ran by ES1-512 (01-06-2019 12:56:01)
Running from C:\Users\ES1-512\Downloads
Windows 8.1 Connected (Update) (X64) (2015-12-04 22:26:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1958939149-1057758978-2051586712-500 - Administrator - Disabled)
ES1-512 (S-1-5-21-1958939149-1057758978-2051586712-1001 - Administrator - Enabled) => C:\Users\ES1-512
Guest (S-1-5-21-1958939149-1057758978-2051586712-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1958939149-1057758978-2051586712-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Antispyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2003.6 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Reader XI (11.0.04) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Aloha TriPeaks (HKLM-x32\...\WTA-73b11b8a-24f1-4bc9-a41e-825e89e06856) (Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
AutoCAD LT 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1009-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD LT 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1009-0405-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD LT 2018 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-1009-0405-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk AutoCAD LT 2018 – Čeština (Czech) (HKLM\...\AutoCAD LT 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Batch XLS TO XLSX Converter 2009 (HKLM-x32\...\{26918E50-6EDC-4A59-A31E-E9C1EF06F1BC}_is1) (Version: - Batchwork Software)
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-7e82e265-1d8f-4811-b12b-30fe42d87afa) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Farm to Fork Collector's Edition (HKLM-x32\...\WTA-0597da84-da32-409d-a99e-97cbdff3a242) (Version: 3.0.2.59 - WildTangent) Hidden
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-f29d0dc3-3c1c-458b-abfa-4102edea62c9) (Version: 3.0.2.59 - WildTangent) Hidden
HappyFoto DESIGNER 5.6 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Host App Service (HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\SweetLabs_AP) (Version: 0.269.8.727 - Pokki) <==== ATTENTION
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-c04cf0da-5b9c-40aa-ac19-b040ffc27238) (Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (HKLM-x32\...\WTA-9ee06ddd-2d89-466c-a93e-e980c9c706a8) (Version: 3.0.2.48 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
LUXOR Evolved (HKLM-x32\...\WTA-faa8b974-1d80-45b6-94e0-27451480575f) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-f1d014a4-7dce-40f4-818d-c30bd3377faf) (Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.955 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.279 - McAfee, Inc.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11601.20230 - Microsoft Corporation)
Microsoft Office 365 Business - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.11601.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
OpenOffice 4.1.4 (HKLM-x32\...\{726F81BD-FECF-412D-917B-F237CD6C8FFE}) (Version: 4.14.9787 - Apache Software Foundation)
Peggle Nights (HKLM-x32\...\WTA-51ad853d-8397-4b8a-8af4-6d588096e611) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-b73fcb63-f87b-4beb-b944-027391be4e4e) (Version: 3.0.2.59 - WildTangent) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.12.84 - Autodesk)
Pokki Start Menu (HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.727 - Pokki)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-9dd65576-8c22-4a22-ac03-11223c493022) (Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-11f8b423-ebeb-4896-bee6-af70f4bf5179) (Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-7b27259f-ed57-412c-9d4f-f275cda3e3ef) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.13 - WildTangent) Hidden
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zuma's Revenge (HKLM-x32\...\WTA-f44658a3-a4b5-45ee-be7a-b8b27a6b1f94) (Version: 2.2.0.97 - WildTangent) Hidden

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2017-07-07] (WildTangent Games)
AccuWeather for Windows 8 -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_4.1.0.31_x64__8zz2pj9h1h1d8 [2017-07-07] (AccuWeather)
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4 [2017-07-07] (Acer Incorporated)
Booking.com Partner Edition -> C:\Program Files\WindowsApps\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr [2015-12-05] (Booking.com B.V.)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2017-07-07] (eBay, Inc)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2017-07-07] (Evernote)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2017-07-07] (AMZN Mobile LLC)
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_1.1.0.0_neutral__6bhtb546zcxnj [2014-08-19] (TuneIn)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2014-08-19] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2018\cs-CZ\acadltficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD LT 2018\acadlt.exe (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => -> No File
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\mcctxmenufrmwrk.dll [2014-03-20] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [ContextMenuShlExt] -> {08264889-8298-4B92-A6F2-6813E1BE356E} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\mcctxmenufrmwrk.dll [2014-03-20] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Public\Desktop\Booking.com.lnk -> C:\Program Files\Booking.COM\StartURL.exe () -> hxxp://www.booking.com/index.html?aid=379334

==================== Loaded Modules (Whitelisted) ==============

2014-04-29 11:38 - 2014-04-29 11:38 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-04-29 11:35 - 2014-04-29 11:35 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-07-02 05:08 - 2013-07-02 05:08 - 000733696 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
2017-07-10 16:45 - 2017-07-10 16:45 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2017-07-10 16:45 - 2017-07-10 16:45 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2017-07-10 16:49 - 2017-07-10 16:49 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\AppVIsvSubsystems32.dll
2017-07-10 16:49 - 2017-07-10 16:49 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\c2r32.dll
2014-04-29 11:42 - 2014-04-29 11:42 - 000012928 _____ (Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-04-29 11:42 - 2014-04-29 11:42 - 000134784 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
2014-04-29 11:42 - 2014-04-29 11:42 - 000085632 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\GattI.dll
2014-04-29 11:42 - 2014-04-29 11:42 - 000126592 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\gatts.DLL
2014-04-29 11:42 - 2014-04-29 11:42 - 000083072 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Handsfree.dll
2014-04-29 11:43 - 2014-04-29 11:43 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ipc.dll
2014-04-29 11:43 - 2014-04-29 11:43 - 000063104 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ModuleManager.dll
2014-04-29 11:43 - 2014-04-29 11:43 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\OutlookLib.dll
2014-04-29 11:43 - 2014-04-29 11:43 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\TCPConnection.dll
2014-04-29 11:43 - 2014-04-29 11:43 - 000116352 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\utils.dll
2014-04-29 11:42 - 2014-04-29 11:42 - 000319104 _____ (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
2014-04-29 11:36 - 2014-04-29 11:36 - 000308224 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\LE\LE.dll
2014-04-29 11:37 - 2014-04-29 11:37 - 000210432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000162304 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000177152 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BIP\BIP.dll
2014-04-29 11:36 - 2014-04-29 11:36 - 000018432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\DID\DId.dll
2014-04-29 11:35 - 2014-04-29 11:35 - 000035840 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FAX\Fax.dll
2014-04-29 11:37 - 2014-04-29 11:37 - 000421888 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000096256 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2014-04-29 11:33 - 2014-04-29 11:33 - 000097792 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\goep\goep.dll
2014-04-29 11:35 - 2014-04-29 11:35 - 000029696 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2014-04-29 11:36 - 2014-04-29 11:36 - 000142848 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HealthDevice\HDP.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000091136 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000066048 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2014-04-29 11:37 - 2014-04-29 11:37 - 000067072 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\pbap\pbap.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000063488 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2014-04-29 11:37 - 2014-04-29 11:37 - 000097280 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\sap\sap.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000087552 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2014-04-29 11:37 - 2014-04-29 11:37 - 000055296 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\spp\spp.dll
2014-04-29 11:37 - 2014-04-29 11:37 - 000064512 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Sync\Sync.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\Software\Classes\.scr: AutoCADLTScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-01-05 22:09 - 000000825 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Acer\Remote Files\
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ES1-512\Pictures\kreta\DSC_0628.JPG
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{87584CF7-596E-4EF5-A84D-8CEE5947C43F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{ECAB8682-DAFA-440D-A99C-4AC2F0452FE5}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{5BD4ECF2-9D3E-45A1-9303-DF8AA991B629}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{050EA426-C987-47A6-BB14-E3ABAF32CDB8}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8DF3A57C-1D4F-48B2-962B-819AF482C0E1}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CF31038F-F34D-48F2-824B-A3797762CB51}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B1453EB5-8146-4079-A4EB-0D4596CB7A32}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7DED19B4-1DAA-4381-B749-C86D8B94B9EF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{D09CCEF0-31D6-4A2B-B91C-5892F8D1E4B4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{652552D8-01D9-45D2-9392-587334D2C38B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{43773EB8-7FC0-48D2-BDE8-79C60805D33B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{A9F110D4-F9FC-48C5-9EB3-92E0EC83A2C7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{3A50B073-B9CC-4D7E-963A-F7AF0C0692C5}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{F51C3296-8E99-42A0-B288-30939539C1AD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{6CC3951C-2456-41A6-B502-036E91C9346D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{3DA13430-E83C-47D4-8949-E7F7EC1A8AA4}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{C0A88104-AE03-477D-9673-2E1889924DB1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{E2C7D152-9C38-477B-851C-F77EF2548264}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{731E078D-75A6-4D63-9CD8-1B0DF5D54BFA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{1CBFB114-FBCC-4A89-B182-BBC246270A39}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{885B0B85-BA79-4C09-9008-44ABB8EDAD2A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{6F633614-A6BC-4C68-8365-267426C5A7E0}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{FF036531-1A18-4CE8-AC24-83D51EBCCF66}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{915CEB3E-DEBE-4C3E-9026-71A94DD9825B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{EDE394FF-D422-4C4E-B676-7AFF0A03CE89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E64920EA-515C-490A-9EA2-CA137ABBF21C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{49F4B46E-17A2-46F7-A012-4C9D7F35EFD4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{8524E6E9-C681-471A-BF7D-8C4344CB3DC5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{1199D0E0-5114-4D09-86FC-3D9B6DEECB63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{FFABBE2E-A289-4562-972C-2EB714F6698B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{76FA44FA-DED7-4F09-8B17-F5AF1B1D0D0D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{14F6C622-B9DF-4503-994C-63B9DF42449E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{62D205B5-19A2-4EF7-A1EF-C14B06CAEC59}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A45BEAF9-1B52-44E5-A1B3-0D03A96A7004}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB3CB22E-9587-4F90-A57F-3518E7FF37F7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{109973BB-DB07-4729-9997-E2113D5B4C1C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{27313983-F04E-4213-A55E-77C39CA8B5B5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E82F3B3D-8959-41D6-95A1-F24BDDAC8422}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

17-02-2019 18:25:51 Windows Update
09-03-2019 18:34:09 Windows Update
16-03-2019 17:01:54 Windows Update
21-03-2019 10:24:11 Windows Update
26-04-2019 20:05:06 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/01/2019 12:41:20 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (06/01/2019 12:25:00 PM) (Source: MsiInstaller) (EventID: 11310) (User: Acer)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\ES1-512\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (06/01/2019 12:23:42 PM) (Source: MsiInstaller) (EventID: 11310) (User: Acer)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\ES1-512\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (05/26/2019 10:02:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15468

Error: (05/26/2019 10:02:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15468

Error: (05/26/2019 10:02:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/26/2019 10:01:04 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.

Error: (05/26/2019 10:00:58 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces přihlášení do systému Windows byl neočekávaně ukončen.


System errors:
=============
Error: (06/01/2019 12:55:34 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (06/01/2019 12:55:30 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (06/01/2019 12:55:25 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (06/01/2019 12:53:41 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (06/01/2019 12:53:35 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (06/01/2019 12:53:31 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (06/01/2019 12:53:27 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (06/01/2019 12:53:22 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.


Windows Defender:
===================================
Date: 2017-09-26 11:47:05.806
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x8007045b
Popis chyby: Probíhá vypnutí systému.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2017-09-21 18:17:04.853
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 117.12.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.13804.0
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2017-09-21 18:16:54.030
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2017-09-21 18:16:50.086
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2017-09-21 18:16:36.405
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.251.1053.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14104.0
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

CodeIntegrity:
===================================

Date: 2018-02-17 14:27:43.449
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:39.745
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:35.777
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:31.448
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:27.401
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:23.511
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:19.604
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:15.823
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.04 07/30/2014
Motherboard: Acer Aspire ES1-512
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 83%
Total physical RAM: 3977.98 MB
Available physical RAM: 660.07 MB
Total Virtual: 5382.8 MB
Available Virtual: 1943.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.8 GB) (Free:350.34 GB) NTFS

\\?\Volume{c5ab8641-2f82-4fc6-badb-11634b116320}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.27 GB) NTFS
\\?\Volume{af170493-16a4-484f-b52f-aa97137e96ed}\ (Push Button Reset) (Fixed) (Total:15.96 GB) (Free:15.88 GB) NTFS

==================== MBR & Partition Table ==================
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.

==================== End of Addition.txt ============================

Re: Peosim o preventivní prohlídku

Napsal: 01 čer 2019 13:44
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Peosim o preventivní prohlídku

Napsal: 01 čer 2019 18:02
od Paris
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-01-2019
# Duration: 00:00:20
# OS: Windows 8.1 Connected
# Cleaned: 17
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Pokki
Deleted C:\Users\Public\Pokki
Not Deleted C:\Users\ES1-512\AppData\Local\SweetLabs App Platform

***** [ Files ] *****

Deleted C:\Users\ES1-512\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Start Menu.lnk
Deleted C:\Users\ES1-512\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
Deleted C:\Users\ES1-512\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Deleted C:\Users\ES1-512\Favorites\Booking.com.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SWEETLABS APP PLATFORM

***** [ Registry ] *****

Deleted HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted HKCU\Software\Classes\Directory\shell\pokki
Deleted HKCU\Software\Classes\Drive\shell\pokki
Deleted HKCU\Software\Classes\lnkfile\shell\pokki
Deleted HKCU\Software\Classes\pokki
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted HKCU\Software\SweetLabs App Platform
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41253B99-ED1A-4ECA-A1ED-DFE7823172CD}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2819 octets] - [01/06/2019 18:49:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Peosim o preventivní prohlídku

Napsal: 01 čer 2019 19:12
od Rudy
OK. Dejte nové logy FRST+Addition.

Re: Peosim o preventivní prohlídku

Napsal: 01 čer 2019 21:35
od Paris
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-06-2019
Ran by ES1-512 (administrator) on ACER (Acer Aspire ES1-512) (01-06-2019 22:26:18)
Running from C:\Users\ES1-512\Downloads
Loaded Profiles: ES1-512 (Available Profiles: ES1-512)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Akamai Technologies, Inc. -> Akamai Technologies, Inc.) C:\Users\ES1-512\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc. -> Akamai Technologies, Inc.) C:\Users\ES1-512\AppData\Local\Akamai\netsession_win.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\Core\mchost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942232 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc. -> McAfee, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [636712 2018-12-01] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\Run: [Akamai NetSession Interface] => C:\Users\ES1-512\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\RunOnce: [Application Restart #1] => C:\Users\ES1-512\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8992976 2019-04-09] (Pokki -> Pokki)
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\RunOnce: [Application Restart #0] => C:\Users\ES1-512\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8992976 2019-04-09] (Pokki -> Pokki)
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\MountPoints2: {77a526ca-4724-11e8-8282-206a8adf8c20} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-06-01] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> c:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2013-09-05] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator => {645E29EA-4B0A-464C-8B7D-1A6B9F9D92A8} C:\Windows\system32\msched.dll [137728 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance => {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} C:\Windows\system32\msched.dll [137728 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {1A4230A2-E136-4936-9B22-DDF624BB8332} - System32\Tasks\Microsoft\Windows\IME\SQM data sender => {ccb1d8cb-d39f-41c9-b793-0196214bdc4e} C:\Windows\System32\IME\shared\imecfm.dll [115200 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {1C66A125-1BE2-4F63-BA1B-7F09B6882BC8} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [4150312 2013-07-08] (Acer Incorporated -> )
Task: {1D5833FE-E659-41DB-98AC-923059EE4153} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect => {784E29F4-5EBE-4279-9948-1E8FE941646D}
Task: {221203AC-EBF6-499E-817E-E0EFB5EAB1BF} - System32\Tasks\Microsoft\Windows\WS\WSTask => {E52C9A25-F3E8-49E4-BAA7-FAD0EF620129} C:\Windows\System32\WSService.dll [3460472 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {244970A7-6DB0-4CF3-A97F-7E2646DBCAC4} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [490728 2014-06-17] (Acer Incorporated -> Acer Incorporated)
Task: {2DAED91C-3E5C-4CC5-8BEF-39A6B7DA8E3A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {45561755-0BB2-49DF-9B3C-3F0CEB4AB61E} - System32\Tasks\Microsoft\Windows\WS\Badge Update => {00CCDDF6-5107-424D-853D-3907AE5502DC} C:\Windows\winstore\WinStoreUI.dll [1229312 2015-05-03] (Microsoft Windows -> Microsoft Corporation)
Task: {47BFE674-5DFA-4395-B88C-47D28D6E5597} - System32\Tasks\Microsoft\Windows\Maintenance\WinSAT => A9A33436-678B-4c9c-A211-7CC38785E79D
Task: {4BD1DBF0-918F-41CE-8547-01C0B98DCD8A} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [439016 2014-06-10] (Acer Incorporated -> Acer Incorporate)
Task: {4CEA811C-CF46-4B25-A0EE-ADAF8C50C370} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448056 2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {532F27B7-3E2A-41D6-98BC-E84529287472} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384232 2014-06-12] (Acer Incorporated -> Acer Incorporated)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {c8367320-6f85-11e0-a1f0-0800200c9a66} C:\Windows\System32\BthSQM.dll [27648 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {614AAB68-59E5-4794-9FF3-A89B72033EA5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall => {EFF7F153-1C97-417a-B633-FEDE6683A939}
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup => {DEF03232-9688-11E2-BE7F-B4B52FD966FF} C:\Windows\System32\pnpclean.dll [118784 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {bf6c1e47-86ec-4194-9ce5-13c15dcb2001} C:\Windows\System32\skydrive.exe [1154048 2014-10-31] (Microsoft Windows -> Microsoft Corporation)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance => {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} C:\Windows\system32\msched.dll [137728 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {7FF8F62F-2F28-441F-8A39-F52681537576} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1958939149-1057758978-2051586712-500 => {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF} C:\Windows\System32\twinapi.dll [801792 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {81A56CE6-601C-4260-9E89-C2ECE15AC668} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 => {429BC048-379E-45E0-80E4-EB1977941B5C} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-03-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {81ADE2CF-6A20-45DB-8231-3F41276E391D} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 => {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-03-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {82BF5014-E68E-4EB9-94AB-D0BDAA8DEFDB} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-06-26] (Acer Incorporated -> Acer Incorporate)
Task: {838D284C-3557-4E93-8F87-3F2D9B907DA4} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2017-09-28] (Acer Incorporated -> )
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1b1f472e-3221-4826-97db-2c2324d389ae} C:\Windows\System32\skydrive.exe [1154048 2014-10-31] (Microsoft Windows -> Microsoft Corporation)
Task: {8B775A83-6C0B-48D8-9A77-6A1D47F7FAEE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [40008 2013-01-22] (Acer Incorporated -> )
Task: {8F33697E-FF55-473E-9E89-FFEF015A09CD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448056 2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {957BC611-1402-4921-B043-B94764421E42} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => {5b6b6834-34f0-49b9-ad4e-81d4994c7a74} C:\Windows\system32\DfpCommon.dll [408576 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {96D38699-2107-4E31-AB9A-7D6C76412070} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {97640034-F26E-4F79-AB72-7D4F981D8E3E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1498208 2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {9AE37D28-4D53-45A9-970D-A57242F1A84F} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical => {613fba38-a3df-4ab8-9674-5604984a299a} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-03-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C8E21C9-6AB1-4D66-8DF5-73AF5359B24E} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses => {10F591BE-3C84-418A-86DD-BAA002E2F36E} C:\Windows\winstore\WinStoreUI.dll [1229312 2015-05-03] (Microsoft Windows -> Microsoft Corporation)
Task: {9E7C69C3-6F8B-4BF0-A961-A76D97264FAE} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1958939149-1057758978-2051586712-1001 => {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF} C:\Windows\System32\twinapi.dll [801792 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {B2D57D3C-7CC6-490A-9B65-3DF4F5D14D4C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4b81-9BEC-6C05514111AA} C:\Windows\System32\WpcWebSync.dll [2941952 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {B6941C45-7EB8-4D29-9ADD-15E9F1657552} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112664 2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance => {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} C:\Windows\system32\msched.dll [137728 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {BB98034A-98CC-431A-9E7E-27253A405CC3} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: <Company name>)
Task: {BFA28714-E496-4B04-8162-B60C8668D562} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-10] (Google Inc -> Google Inc.)
Task: {C371F25E-745F-4A1E-BEF3-959161B56258} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific => {9f2b0085-9218-42a1-88b0-9f0e65851666} C:\Windows\system32\apprepsync.dll [169984 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {C4AE3C3E-C327-4689-B6FD-C11FB31AE88B} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler => {5AA199A0-1CED-43A5-9B85-3226086738A3} C:\Windows\System32\netcfgx.dll [487256 2015-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {C846E3D4-863D-4288-ACB7-39D54920EAC8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-06-26] (Acer Incorporated -> Acer Incorporate)
Task: {C94D4BF0-175B-4F15-8FEE-07B121771E01} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall => {F3B4E234-7A68-4E43-B813-E4BA55A065F6}
Task: {DB7929CC-124B-4DFD-948D-49C75293AE45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E36CEB79-2C0B-4E07-BC29-DBBC8DD99A91} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166344 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3771A50-73A4-4182-9689-60FAEEDE05BF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh => {EBF00FCB-0769-4b81-9BEC-6C05514111AA} C:\Windows\System32\WpcWebSync.dll [2941952 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {E489A70C-A4B0-4D19-A88D-AAB4AABB88C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-10] (Google Inc -> Google Inc.)
Task: {E90AFE1C-4FDE-42AA-955F-3B9EDF653C66} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical => {de434264-8fe9-4c0b-a83b-89ebeebff78e} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-03-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAA604B7-AB67-4D38-A9E0-A3FEF1BD1FD1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166344 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF302BFC-BAB0-4E5D-B388-5492BED8348A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112664 2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFA7D916-4937-4621-8032-650F95E2F648} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated)
Task: {FFCAD543-C017-4173-9E64-9A7ED6B2FE9D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-05-09] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{73BFEF96-12CB-4CCD-87BE-C4A75FF840D8}: [DhcpNameServer] 192.18.128.24
Tcpip\..\Interfaces\{BDB48C3D-0C0A-4ECF-B2D1-A305D8853281}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2016-10-03] (McAfee, Inc. -> McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2016-10-03] (McAfee, Inc. -> McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2016-10-03] (McAfee, Inc. -> McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2016-10-03] (McAfee, Inc. -> McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\mcsniepl64.dll [2014-01-28] (McAfee, Inc. -> McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-01-28] (McAfee, Inc. -> McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-08-10] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2015-12-05] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll [2014-01-28] (McAfee, Inc. -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll [2014-01-28] (McAfee, Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default [2019-06-01]
CHR Extension: (Prezentace) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-10]
CHR Extension: (YouTube) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-10]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2019-02-12]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-12]
CHR Extension: (Tabulky) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-04-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-11]
CHR Extension: (Gmail) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-15]
CHR Extension: (Chrome Media Router) - C:\Users\ES1-512\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2017-07-07]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2017-07-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11145800 2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated -> Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent Inc -> WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporated -> Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [166152 2016-10-03] (McAfee, Inc. -> McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc. -> McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-15] (McAfee, Inc. -> McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc. -> McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc. -> McAfee, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporated -> Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] (CyberLink -> )
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporated -> Acer Incorporate)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167872 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225096 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc. -> McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [3789824 2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-06-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-06-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-06-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-06-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [117344 2019-06-01] (Malwarebytes Corporation -> Malwarebytes)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-04-04] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc. -> McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc. -> McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated -> Acer Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-01 22:26 - 2019-06-01 22:26 - 000000000 ____D C:\Users\ES1-512\Downloads\FRST-OlderVersion
2019-06-01 19:00 - 2019-06-01 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2019-06-01 18:55 - 2019-06-01 18:55 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-06-01 18:54 - 2019-06-01 18:54 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-06-01 18:54 - 2019-06-01 18:54 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-06-01 18:54 - 2019-06-01 18:54 - 000117344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-06-01 18:47 - 2019-06-01 18:49 - 000000000 ____D C:\AdwCleaner
2019-06-01 18:46 - 2019-06-01 18:46 - 007025360 _____ (Malwarebytes) C:\Users\ES1-512\Downloads\AdwCleaner.exe
2019-06-01 17:56 - 2019-06-01 17:56 - 000000000 ____D C:\Users\ES1-512\AppData\Local\mbam
2019-06-01 17:54 - 2019-06-01 17:54 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-06-01 17:54 - 2019-06-01 17:54 - 000000000 ____D C:\Users\ES1-512\AppData\Local\mbamtray
2019-06-01 17:53 - 2019-06-01 18:25 - 000002044 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-01 17:53 - 2019-06-01 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-01 17:53 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-06-01 17:52 - 2019-06-01 17:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-01 17:52 - 2019-06-01 17:52 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-01 17:50 - 2019-06-01 17:51 - 063182216 _____ (Malwarebytes ) C:\Users\ES1-512\Downloads\mb3-setup-43841.43841-3.7.1.2839-1.0.586-1.0.10430.exe
2019-06-01 13:27 - 2019-06-01 13:27 - 000002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-06-01 13:27 - 2019-06-01 13:27 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-01 13:27 - 2019-06-01 13:27 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-06-01 13:27 - 2019-06-01 13:27 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-01 13:27 - 2019-06-01 13:27 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-06-01 13:27 - 2019-06-01 13:27 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-01 13:27 - 2019-06-01 13:27 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-01 13:27 - 2019-06-01 13:27 - 000002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-06-01 13:27 - 2019-06-01 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-06-01 13:22 - 2019-06-01 13:23 - 000000000 ____D C:\rsit
2019-06-01 13:22 - 2019-06-01 13:23 - 000000000 ____D C:\Program Files\trend micro
2019-06-01 13:21 - 2019-06-01 13:22 - 001222144 _____ C:\Users\ES1-512\Downloads\RSITx64.exe
2019-06-01 12:51 - 2019-06-01 12:44 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-06-01 12:43 - 2019-06-01 22:28 - 000041162 _____ C:\Users\ES1-512\Downloads\FRST.txt
2019-06-01 12:42 - 2019-06-01 22:26 - 000000000 ____D C:\FRST
2019-06-01 12:39 - 2019-06-01 22:26 - 002433536 _____ (Farbar) C:\Users\ES1-512\Downloads\FRST64.exe
2019-05-16 17:26 - 2019-05-16 17:26 - 000294729 _____ C:\Users\ES1-512\Downloads\csob-potvrzeni-o-prijmu-cz-hypoteka.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-01 22:25 - 2015-12-05 00:33 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1958939149-1057758978-2051586712-1001
2019-06-01 22:24 - 2017-07-24 17:59 - 000000000 ____D C:\Users\ES1-512\AppData\Local\Akamai
2019-06-01 19:51 - 2017-07-10 16:32 - 000002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-01 19:51 - 2017-07-10 16:32 - 000002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-01 19:18 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2019-06-01 19:03 - 2017-11-05 11:22 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-06-01 18:59 - 2014-08-19 13:57 - 000734510 _____ C:\Windows\system32\perfh005.dat
2019-06-01 18:59 - 2014-08-19 13:57 - 000148820 _____ C:\Windows\system32\perfc005.dat
2019-06-01 18:59 - 2014-03-18 11:47 - 001739092 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-01 18:59 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2019-06-01 18:55 - 2017-07-24 18:50 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-06-01 18:53 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-01 18:52 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-06-01 18:36 - 2017-11-05 11:22 - 000385880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-06-01 18:36 - 2015-12-05 00:26 - 000000000 ____D C:\Users\ES1-512\AppData\Local\SweetLabs App Platform
2019-06-01 18:34 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2019-06-01 13:32 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-01 13:23 - 2014-08-19 14:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-01 12:46 - 2018-11-01 20:37 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-06-01 12:46 - 2018-01-23 18:45 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-06-01 12:46 - 2017-11-05 11:22 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-06-01 12:46 - 2017-11-05 11:22 - 000225096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-01 12:46 - 2017-11-05 11:22 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-01 12:46 - 2017-11-05 11:22 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-06-01 12:46 - 2017-11-05 11:22 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-06-01 12:41 - 2019-01-18 18:14 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-06-01 12:41 - 2017-11-17 20:15 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-06-01 12:41 - 2017-11-05 11:22 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-06-01 12:38 - 2019-01-18 19:03 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-06-01 12:38 - 2019-01-18 18:14 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-06-01 12:38 - 2019-01-18 18:14 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-26 21:36 - 2018-12-21 20:33 - 000002344 _____ C:\Users\ES1-512\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2019-05-26 21:30 - 2017-08-14 16:34 - 004925440 ___SH C:\Users\ES1-512\Downloads\Thumbs.db
2019-05-16 17:18 - 2017-07-07 17:15 - 000000000 ____D C:\Users\ES1-512\AppData\Local\CrashDumps
2019-05-15 21:53 - 2017-07-27 16:12 - 000003170 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1958939149-1057758978-2051586712-1001
2019-05-15 20:56 - 2017-07-10 16:31 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 20:56 - 2017-07-10 16:31 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-03-16 22:40
==================== End of FRST.txt ============================

Re: Peosim o preventivní prohlídku

Napsal: 01 čer 2019 21:36
od Paris
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by ES1-512 (01-06-2019 22:30:38)
Running from C:\Users\ES1-512\Downloads
Windows 8.1 Connected (Update) (X64) (2015-12-04 22:26:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1958939149-1057758978-2051586712-500 - Administrator - Disabled)
ES1-512 (S-1-5-21-1958939149-1057758978-2051586712-1001 - Administrator - Enabled) => C:\Users\ES1-512
Guest (S-1-5-21-1958939149-1057758978-2051586712-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1958939149-1057758978-2051586712-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: McAfee Anti-Virus and Antispyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2003.6 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Reader XI (11.0.04) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Aloha TriPeaks (HKLM-x32\...\WTA-73b11b8a-24f1-4bc9-a41e-825e89e06856) (Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
AutoCAD LT 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1009-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD LT 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1009-0405-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD LT 2018 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-1009-0405-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk AutoCAD LT 2018 – Čeština (Czech) (HKLM\...\AutoCAD LT 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Batch XLS TO XLSX Converter 2009 (HKLM-x32\...\{26918E50-6EDC-4A59-A31E-E9C1EF06F1BC}_is1) (Version: - Batchwork Software)
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-7e82e265-1d8f-4811-b12b-30fe42d87afa) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Farm to Fork Collector's Edition (HKLM-x32\...\WTA-0597da84-da32-409d-a99e-97cbdff3a242) (Version: 3.0.2.59 - WildTangent) Hidden
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-f29d0dc3-3c1c-458b-abfa-4102edea62c9) (Version: 3.0.2.59 - WildTangent) Hidden
HappyFoto DESIGNER 5.6 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-c04cf0da-5b9c-40aa-ac19-b040ffc27238) (Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (HKLM-x32\...\WTA-9ee06ddd-2d89-466c-a93e-e980c9c706a8) (Version: 3.0.2.48 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
LUXOR Evolved (HKLM-x32\...\WTA-faa8b974-1d80-45b6-94e0-27451480575f) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-f1d014a4-7dce-40f4-818d-c30bd3377faf) (Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.955 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.279 - McAfee, Inc.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft Office 365 Business - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
OpenOffice 4.1.4 (HKLM-x32\...\{726F81BD-FECF-412D-917B-F237CD6C8FFE}) (Version: 4.14.9787 - Apache Software Foundation)
Peggle Nights (HKLM-x32\...\WTA-51ad853d-8397-4b8a-8af4-6d588096e611) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-b73fcb63-f87b-4beb-b944-027391be4e4e) (Version: 3.0.2.59 - WildTangent) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.12.84 - Autodesk)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-9dd65576-8c22-4a22-ac03-11223c493022) (Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-11f8b423-ebeb-4896-bee6-af70f4bf5179) (Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-7b27259f-ed57-412c-9d4f-f275cda3e3ef) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.13 - WildTangent) Hidden
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zuma's Revenge (HKLM-x32\...\WTA-f44658a3-a4b5-45ee-be7a-b8b27a6b1f94) (Version: 2.2.0.97 - WildTangent) Hidden

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2017-07-07] (WildTangent Games)
AccuWeather for Windows 8 -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_4.1.0.31_x64__8zz2pj9h1h1d8 [2017-07-07] (AccuWeather)
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4 [2017-07-07] (Acer Incorporated)
Booking.com Partner Edition -> C:\Program Files\WindowsApps\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr [2015-12-05] (Booking.com B.V.)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2017-07-07] (eBay, Inc)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2017-07-07] (Evernote)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2017-07-07] (AMZN Mobile LLC)
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_1.1.0.0_neutral__6bhtb546zcxnj [2014-08-19] (TuneIn)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2014-08-19] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2018\cs-CZ\acadltficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD LT 2018\acadlt.exe (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => -> No File
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\mcctxmenufrmwrk.dll [2014-03-20] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [ContextMenuShlExt] -> {08264889-8298-4B92-A6F2-6813E1BE356E} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-01] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\mcctxmenufrmwrk.dll [2014-03-20] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-04-29 11:38 - 2014-04-29 11:38 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-04-29 11:35 - 2014-04-29 11:35 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-07-02 05:08 - 2013-07-02 05:08 - 000733696 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
2014-04-29 11:42 - 2014-04-29 11:42 - 000012928 _____ (Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-04-29 11:42 - 2014-04-29 11:42 - 000134784 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
2014-04-29 11:42 - 2014-04-29 11:42 - 000085632 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\GattI.dll
2014-04-29 11:42 - 2014-04-29 11:42 - 000126592 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\gatts.DLL
2014-04-29 11:42 - 2014-04-29 11:42 - 000083072 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Handsfree.dll
2014-04-29 11:43 - 2014-04-29 11:43 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ipc.dll
2014-04-29 11:43 - 2014-04-29 11:43 - 000063104 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ModuleManager.dll
2014-04-29 11:43 - 2014-04-29 11:43 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\OutlookLib.dll
2014-04-29 11:43 - 2014-04-29 11:43 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\TCPConnection.dll
2014-04-29 11:43 - 2014-04-29 11:43 - 000116352 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\utils.dll
2014-04-29 11:42 - 2014-04-29 11:42 - 000319104 _____ (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
2014-04-29 11:36 - 2014-04-29 11:36 - 000308224 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\LE\LE.dll
2014-04-29 11:37 - 2014-04-29 11:37 - 000210432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000162304 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000177152 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BIP\BIP.dll
2014-04-29 11:36 - 2014-04-29 11:36 - 000018432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\DID\DId.dll
2014-04-29 11:35 - 2014-04-29 11:35 - 000035840 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FAX\Fax.dll
2014-04-29 11:37 - 2014-04-29 11:37 - 000421888 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000096256 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2014-04-29 11:33 - 2014-04-29 11:33 - 000097792 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\goep\goep.dll
2014-04-29 11:35 - 2014-04-29 11:35 - 000029696 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2014-04-29 11:36 - 2014-04-29 11:36 - 000142848 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HealthDevice\HDP.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000091136 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000066048 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2014-04-29 11:37 - 2014-04-29 11:37 - 000067072 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\pbap\pbap.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000063488 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2014-04-29 11:37 - 2014-04-29 11:37 - 000097280 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\sap\sap.dll
2014-04-29 11:38 - 2014-04-29 11:38 - 000087552 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2014-04-29 11:37 - 2014-04-29 11:37 - 000055296 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\spp\spp.dll
2014-04-29 11:37 - 2014-04-29 11:37 - 000064512 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Sync\Sync.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\Software\Classes\.scr: AutoCADLTScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-06-01 13:23 - 000000828 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Acer\Remote Files\
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ES1-512\Pictures\kreta\DSC_0628.JPG
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{87584CF7-596E-4EF5-A84D-8CEE5947C43F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{ECAB8682-DAFA-440D-A99C-4AC2F0452FE5}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{5BD4ECF2-9D3E-45A1-9303-DF8AA991B629}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{050EA426-C987-47A6-BB14-E3ABAF32CDB8}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8DF3A57C-1D4F-48B2-962B-819AF482C0E1}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CF31038F-F34D-48F2-824B-A3797762CB51}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B1453EB5-8146-4079-A4EB-0D4596CB7A32}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7DED19B4-1DAA-4381-B749-C86D8B94B9EF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{D09CCEF0-31D6-4A2B-B91C-5892F8D1E4B4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{652552D8-01D9-45D2-9392-587334D2C38B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{43773EB8-7FC0-48D2-BDE8-79C60805D33B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{A9F110D4-F9FC-48C5-9EB3-92E0EC83A2C7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{3A50B073-B9CC-4D7E-963A-F7AF0C0692C5}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{F51C3296-8E99-42A0-B288-30939539C1AD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{6CC3951C-2456-41A6-B502-036E91C9346D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{3DA13430-E83C-47D4-8949-E7F7EC1A8AA4}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{C0A88104-AE03-477D-9673-2E1889924DB1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{E2C7D152-9C38-477B-851C-F77EF2548264}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{731E078D-75A6-4D63-9CD8-1B0DF5D54BFA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{1CBFB114-FBCC-4A89-B182-BBC246270A39}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{885B0B85-BA79-4C09-9008-44ABB8EDAD2A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{6F633614-A6BC-4C68-8365-267426C5A7E0}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{FF036531-1A18-4CE8-AC24-83D51EBCCF66}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{915CEB3E-DEBE-4C3E-9026-71A94DD9825B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{EDE394FF-D422-4C4E-B676-7AFF0A03CE89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E64920EA-515C-490A-9EA2-CA137ABBF21C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{49F4B46E-17A2-46F7-A012-4C9D7F35EFD4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{8524E6E9-C681-471A-BF7D-8C4344CB3DC5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{1199D0E0-5114-4D09-86FC-3D9B6DEECB63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{FFABBE2E-A289-4562-972C-2EB714F6698B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{14F6C622-B9DF-4503-994C-63B9DF42449E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{62D205B5-19A2-4EF7-A1EF-C14B06CAEC59}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A45BEAF9-1B52-44E5-A1B3-0D03A96A7004}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB3CB22E-9587-4F90-A57F-3518E7FF37F7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27313983-F04E-4213-A55E-77C39CA8B5B5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E82F3B3D-8959-41D6-95A1-F24BDDAC8422}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{247BAFF1-9879-44F5-96B3-F6ACA08F5E97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{60ED85AB-A831-407B-B914-3854689F53F5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

17-02-2019 18:25:51 Windows Update
09-03-2019 18:34:09 Windows Update
16-03-2019 17:01:54 Windows Update
21-03-2019 10:24:11 Windows Update
26-04-2019 20:05:06 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/01/2019 10:24:50 PM) (Source: MsiInstaller) (EventID: 11310) (User: Acer)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\ES1-512\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (06/01/2019 10:24:17 PM) (Source: MsiInstaller) (EventID: 11310) (User: Acer)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\ES1-512\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (06/01/2019 10:23:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8964328

Error: (06/01/2019 10:23:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8964328

Error: (06/01/2019 10:23:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/01/2019 07:53:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2531

Error: (06/01/2019 07:53:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2531

Error: (06/01/2019 07:53:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/01/2019 06:58:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba User Experience Improvement Program neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (06/01/2019 06:58:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby User Experience Improvement Program bylo dosaženo časového limitu (30000 ms).

Error: (06/01/2019 06:57:56 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {209500FC-6B45-4693-8871-6296C4843751} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/01/2019 06:55:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswbIDSAgent neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (06/01/2019 06:55:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby aswbIDSAgent bylo dosaženo časového limitu (30000 ms).

Error: (06/01/2019 06:51:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adaptér výkonu rozhraní WMI neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (06/01/2019 06:51:32 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba wmiApSrv se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (06/01/2019 06:50:35 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.


Windows Defender:
===================================
Date: 2017-09-26 11:47:05.806
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x8007045b
Popis chyby: Probíhá vypnutí systému.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2017-09-21 18:17:04.853
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 117.12.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.13804.0
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2017-09-21 18:16:54.030
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2017-09-21 18:16:50.086
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2017-09-21 18:16:36.405
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.251.1053.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14104.0
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

CodeIntegrity:
===================================

Date: 2018-02-17 14:27:43.449
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:39.745
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:35.777
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:31.448
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:27.401
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:23.511
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:19.604
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-17 14:27:15.823
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.04 07/30/2014
Motherboard: Acer Aspire ES1-512
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 70%
Total physical RAM: 3977.98 MB
Available physical RAM: 1166.92 MB
Total Virtual: 5321.98 MB
Available Virtual: 2329.66 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.8 GB) (Free:350.02 GB) NTFS
Drive e: (CANON_DC) (Removable) (Total:3.68 GB) (Free:3.61 GB) FAT32

\\?\Volume{c5ab8641-2f82-4fc6-badb-11634b116320}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.27 GB) NTFS
\\?\Volume{af170493-16a4-484f-b52f-aa97137e96ed}\ (Push Button Reset) (Fixed) (Total:15.96 GB) (Free:15.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Peosim o preventivní prohlídku

Napsal: 02 čer 2019 10:21
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => -> No File
ContextMenuHandlers3: [ContextMenuShlExt] -> {08264889-8298-4B92-A6F2-6813E1BE356E} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\MountPoints2: {77a526ca-4724-11e8-8282-206a8adf8c20} - "E:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {BFA28714-E496-4B04-8162-B60C8668D562} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-10] (Google Inc -> Google Inc.)
Task: {E489A70C-A4B0-4D19-A88D-AAB4AABB88C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-10] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
C:\Users\ES1-512\AppData\Local\Akamai
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Uložte do C:\Users\ES1-512\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

V PC jsou dva antiviry (Avast a McAfee). Jeden z nich odinstalujte. Může docházet k sw. kolizi.

Re: Peosim o preventivní prohlídku

Napsal: 02 čer 2019 22:11
od Paris
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by ES1-512 (02-06-2019 23:01:19) Run:1
Running from C:\Users\ES1-512\Downloads
Loaded Profiles: ES1-512 & (Available Profiles: ES1-512)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => -> No File
ContextMenuHandlers3: [ContextMenuShlExt] -> {08264889-8298-4B92-A6F2-6813E1BE356E} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\...\MountPoints2: {77a526ca-4724-11e8-8282-206a8adf8c20} - "E:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {BFA28714-E496-4B04-8162-B60C8668D562} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-10] (Google Inc -> Google Inc.)
Task: {E489A70C-A4B0-4D19-A88D-AAB4AABB88C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-10] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1958939149-1057758978-2051586712-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
C:\Users\ES1-512\AppData\Local\Akamai
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ACloudSyncedSF => removed successfully
HKLM\Software\Classes\CLSID\{5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\ContextMenuShlExt => removed successfully
HKLM\Software\Classes\CLSID\{08264889-8298-4B92-A6F2-6813E1BE356E} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77a526ca-4724-11e8-8282-206a8adf8c20} => removed successfully
HKLM\Software\Classes\CLSID\{77a526ca-4724-11e8-8282-206a8adf8c20} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BFA28714-E496-4B04-8162-B60C8668D562}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFA28714-E496-4B04-8162-B60C8668D562}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E489A70C-A4B0-4D19-A88D-AAB4AABB88C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E489A70C-A4B0-4D19-A88D-AAB4AABB88C1}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1958939149-1057758978-2051586712-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
C:\Users\ES1-512\AppData\Local\Akamai => moved successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 50807769 B
Java, Flash, Steam htmlcache => 735 B
Windows/system/drivers => 275565831 B
Edge => 0 B
Chrome => 356077013 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 32694 B
NetworkService => 907032 B
ES1-512 => 348317492 B

RecycleBin => 0 B
EmptyTemp: => 991.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:03:41 ====

Re: Peosim o preventivní prohlídku

Napsal: 03 čer 2019 08:59
od Rudy
Smazáno, log by již měl být OK.

Re: Peosim o preventivní prohlídku

Napsal: 03 čer 2019 15:13
od Paris
Děkuji moc. Za pomoc

Re: Peosim o preventivní prohlídku

Napsal: 03 čer 2019 15:51
od Rudy
Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz