Please check my log - occasional freezing

#1 Post by Pedroso »

Hello,
I have got my hands on an old 2-in-1 Acer IconiaTAB with Windows 7 Home Premium 32-bit, which my girlfriend used to use; now my son watches YouTube and fairy tales on it.
I managed to partially clean the machine with MalwareBytes, but I cannot get an antivirus working on it (either the installation or first launch already fails - blue screen of death, freeze - or it fails while scanning for malware). I tried avast and eset free; symantec was on it originally, but its licence has already expired.
I would also like to ask - given the machine's limited performance (AMD C50 1 GHz CPU, 2 GB RAM and a 32 GB SSD) - which security solution should I use for this machine? eset online looked interesting to me in this respect...

Thanks in advance

Petr

FRST (Addition attached as a file):

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-08-2019
Ran by Lucka (administrator) on LUCKA-PC (acer ICONIA Tab W500) (26-08-2019 12:34:54)
Running from C:\Users\Lucka\Desktop
Loaded Profiles: Lucka (Available Profiles: Lucka)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\HIDMon\HIDMON.exe
() [File not signed] C:\Program Files\USBKBTool\SnxUsbDockingKB2267Srv.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Registration\GREGsvc.exe
(Acer Incorporated -> Acer) C:\Program Files\Acer\TouchApplicationSuite\Acer Ring\Acer Ring.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AthBtTray.exe
(Atheros Communications Inc. -> Atheros Communications) [File not signed] C:\Program Files\Bluetooth Suite\BtvStack.exe
(Atheros Communications Inc. -> Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
(CyberLink -> CyberLink Corp.) C:\Program Files\Acer\clear.fi\MVP\clear.fiAgent.exe
(Dritek System Inc. -> ) C:\Program Files\Acer\Device Control\ADevCtrl.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Acer\Auto Screen Rotation Blocker\AutoScreenRotationBlocker.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Acer\Device Control\AdWmiSvc.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Acer\Device Control\DeviceCtrlSvc.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\SwReporter\40.200.201.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\SwReporter\40.200.201.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\SwReporter\40.200.201.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\SwReporter\40.200.201.3\software_reporter_tool.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Skype Software Sarl -> Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Skype Software Sarl -> Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-13] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576 2011-01-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1530472 2011-01-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ADevCtrl] => C:\Program Files\Acer\Device Control\ADevCtrl.exe [239696 2011-02-22] (Dritek System Inc. -> )
HKLM\...\Run: [AcerRingLauncher] => C:\Program Files\Acer\TouchApplicationSuite\Acer Ring\AcerRingLauncher.exe [15248 2011-03-05] (Acer Incorporated -> Acer)
HKLM\...\Run: [OOTag] => C:\Program Files\Acer\OOBEOffer\ootag.exe [13856 2010-02-23] (Acer Incorporated -> Microsoft)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1070160 2011-02-11] (Dritek System Inc. -> Dritek System Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [490656 2011-01-06] (Atheros Communications Inc. -> Atheros Communications) [File not signed]
HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [302240 2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [715368 2011-02-22] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [xLaunchHIDMon] => C:\Program Files\HIDMon\HIDMon.exe [114688 2011-02-11] () [File not signed]
HKLM\...\Run: [AutoScreenRotationBlocker] => C:\Program Files\Acer\Auto Screen Rotation Blocker\AutoScreenRotationBlocker.exe [114768 2011-02-21] (Dritek System Inc. -> Dritek System Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000\...\Run: [Google Update] => C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-08-26] (Google Inc -> Google LLC)
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2011-03-07]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated -> Acer Incorporated)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01D951A4-CDCB-4316-9897-7AC040111EA1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B495595-19CA-41E1-8D55-0A32CBEE08DB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3473166551-1568802319-3614615059-1000UA => C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-12] (Google Inc -> Google Inc.)
Task: {449DABD0-0B4B-4F66-A176-683D6C4D1C49} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-26] (Adobe Inc. -> Adobe)
Task: {4BC1E29C-BC24-43DE-BFAA-999A8C58F3F4} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {61DBA6B8-CBBE-48A5-9B95-870393A8A374} - System32\Tasks\clear.fi => C:\Program Files\Acer\clear.fi\MVP\clear.fi.exe [264760 2011-02-18] (CyberLink -> Acer Incorporated)
Task: {65306B7F-D2D1-4DD4-9FDB-7F492A962A50} - System32\Tasks\{2BE83876-D6BB-4B18-9677-FC4661CB933D} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {70997E82-7302-4DB3-9955-D6536BBAEECE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {758DB2F2-4233-47CB-979D-E23AD634E34A} - System32\Tasks\clear.fiAgent => C:\Program Files\Acer\clear.fi\MVP\clear.fiAgent.exe [120104 2011-02-18] (CyberLink -> CyberLink Corp.)
Task: {956C09F6-E93A-4AE9-9AEA-9C38A1949362} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A2A5D9F6-00A2-4409-9779-C17C7E59C831} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1693064 2019-08-26] (AVAST Software s.r.o. -> AVAST Software)
Task: {C4DBF60C-9F0A-4121-97D4-FFFD0F1FDAF5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {E51E1EB0-6A3F-4F3B-A8AD-F7C9DDB46945} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {F3E7A35B-3092-4A87-8391-738AFBB60D12} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3473166551-1568802319-3614615059-1000Core => C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-12] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{3D27BA52-F3CF-49B2-9848-6789AE231AAE}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Skype Technologies SA -> Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Skype Technologies SA -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN) [File not signed]
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin HKU\S-1-5-21-3473166551-1568802319-3614615059-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-08-26] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-3473166551-1568802319-3614615059-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-08-26] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=12454
CHR NewTab: Default -> Not-active:"chrome-extension://epjncljanmdaajainajcdpfhepmgcjga/product.html"
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default [2019-08-26]
CHR Extension: (EasyPDFCombine) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\epjncljanmdaajainajcdpfhepmgcjga [2019-08-26]
CHR Extension: (Skype) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Chrome Media Router) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
StartMenuInternet: Google Chrome.JEOC5YKK6MOFWA5FHE5IMS2UEY - C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2011-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros Communications Inc. -> Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [56480 2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Skype Software Sarl -> Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Skype Software Sarl -> Microsoft Corporation)
R2 DsiDeviceControlService; C:\Program Files\Acer\Device Control\DeviceCtrlSvc.exe [66128 2011-02-22] (Dritek System Inc. -> Dritek System Inc.)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [739944 2011-02-22] (Acer Incorporated -> Acer Incorporated)
R2 GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated -> Acer Incorporated)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated -> Acer Incorporated)
R2 SnxUsbDockingKB2267Srv; C:\Program Files\USBKBTool\SnxUsbDockingKB2267Srv.exe [86016 2011-02-04] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 acpials; C:\Windows\System32\DRIVERS\acpials.sys [7680 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [7566848 2011-01-12] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [238592 2011-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [30312 2011-05-13] (MCCI Internal Testing Software -> Google Inc)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1884160 2010-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [101392 2010-11-17] (ATI Technologies, Inc -> Advanced Micro Devices)
R3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [81408 2010-12-31] (Microsoft Windows Hardware Compatibility Publisher -> ASIX Electronics Corp.)
R1 BST; C:\Windows\System32\DRIVERS\bma150.sys [15936 2011-01-10] (ROBERT BOSCH TAIWAN CO., LTD. -> Bosch Sensortec GmbH)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 HPFXBULK; C:\Windows\System32\drivers\hpfxbulk.sys [9344 2007-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett Packard)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [173512 2019-08-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [190624 2019-08-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [64296 2019-08-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [241760 2019-08-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [86768 2019-08-26] (Malwarebytes Corporation -> Malwarebytes)
R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [35968 2010-11-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-26 12:34 - 2019-08-26 12:37 - 000022035 _____ C:\Users\Lucka\Desktop\FRST.txt
2019-08-26 12:34 - 2019-08-26 12:34 - 000000000 ____D C:\Users\Lucka\Desktop\FRST-OlderVersion
2019-08-26 12:33 - 2019-08-26 12:34 - 000000000 ____D C:\Users\Lucka\Desktop\FRST old
2019-08-26 11:25 - 2019-08-26 11:25 - 000064296 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-08-26 11:24 - 2019-08-26 11:24 - 000241760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-08-26 11:24 - 2019-08-26 11:24 - 000190624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-08-26 11:24 - 2019-08-26 11:24 - 000173512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-08-26 11:24 - 2019-08-26 11:24 - 000086768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-08-26 11:23 - 2019-08-26 11:23 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-26 11:23 - 2019-08-26 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-26 11:23 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-26 12:34 - 2019-04-29 20:17 - 000000000 ____D C:\FRST
2019-08-26 12:34 - 2019-04-29 19:46 - 001448960 _____ (Farbar) C:\Users\Lucka\Desktop\FRST.exe
2019-08-26 12:29 - 2014-01-03 22:18 - 000000000 ____D C:\Users\Lucka\AppData\Local\Mobogenie
2019-08-26 12:18 - 2013-03-20 12:22 - 000000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2019-08-26 11:34 - 2013-04-01 10:14 - 000002409 _____ C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-26 11:34 - 2013-04-01 10:14 - 000002372 _____ C:\Users\Lucka\Desktop\Google Chrome.lnk
2019-08-26 11:20 - 2009-07-14 06:34 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-26 11:20 - 2009-07-14 06:34 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-26 11:19 - 2013-04-01 12:36 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-08-26 11:19 - 2013-04-01 12:36 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-08-26 11:19 - 2011-03-07 17:31 - 000000000 ____D C:\Windows\system32\Macromed
2019-08-26 11:14 - 2013-03-20 20:55 - 000668792 _____ C:\Windows\system32\perfh005.dat
2019-08-26 11:14 - 2013-03-20 20:55 - 000141420 _____ C:\Windows\system32\perfc005.dat
2019-08-26 11:14 - 2011-03-07 16:41 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-26 11:14 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-08-26 11:09 - 2019-04-28 23:00 - 000000000 ____D C:\ProgramData\AVAST Software
2019-08-26 11:09 - 2013-03-20 12:22 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-08-26 11:09 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-26 11:07 - 2019-05-01 16:01 - 000373722 _____ C:\Windows\ntbtlog.txt

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-04-28 21:46
==================== End of FRST.txt ============================
Attachments
Addition.rar
(7.39 KiB) Downloaded 93 times

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the licence terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, simply run it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

#3 Post by Pedroso »

Thanks - what about the preinstalled software (what Acer threw on there "from the factory")? So that it doesn't also knock out things tied to drivers, or the recovery session... Remove it, or keep it?

#4 Post by Rudy »

If you are sure they are legitimate items, keep them. It certainly won't knock out the installed drivers.

#5 Post by Pedroso »

Thank you, the log from AdwCleaner is below:

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-08-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-26-2019
# Duration: 00:00:05
# OS: Windows 7 Home Premium
# Cleaned: 10
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\Seznam.cz
Deleted C:\Users\Lucka\AppData\Local\Mobogenie
Deleted C:\Users\Lucka\AppData\Local\genienext
Deleted C:\Users\Lucka\AppData\Roaming\Seznam.cz
Deleted C:\Users\Lucka\Documents\Mobogenie

***** [ Files ] *****

Deleted C:\Users\Lucka\daemonprocess.txt

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Softonic

***** [ Chromium (and derivatives) ] *****

Deleted EasyPDFCombine

***** [ Chromium URLs ] *****

Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2041 octets] - [26/08/2019 13:27:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#6 Post by Rudy »

OK. Post new FRST + Addition logs.

Pedroso
Visitor
Posts: 124
Registered: 23 Jul 2007 21:48

Re: Please check my log - occasional freezing

#7 Post by Pedroso »

I'm attaching:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-08-2019
Ran by Lucka (administrator) on LUCKA-PC (acer ICONIA Tab W500) (26-08-2019 14:55:49)
Running from C:\Users\Lucka\Desktop
Loaded Profiles: Lucka (Available Profiles: Lucka)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\HIDMon\HIDMON.exe
() [File not signed] C:\Program Files\USBKBTool\SnxUsbDockingKB2267Srv.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Registration\GREGsvc.exe
(Acer Incorporated -> Acer) C:\Program Files\Acer\TouchApplicationSuite\Acer Ring\Acer Ring.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AthBtTray.exe
(Atheros Communications Inc. -> Atheros Communications) [File not signed] C:\Program Files\Bluetooth Suite\BtvStack.exe
(Atheros Communications Inc. -> Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
(CyberLink -> CyberLink Corp.) C:\Program Files\Acer\clear.fi\MVP\clear.fiAgent.exe
(Dritek System Inc. -> ) C:\Program Files\Acer\Device Control\ADevCtrl.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Acer\Auto Screen Rotation Blocker\AutoScreenRotationBlocker.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Acer\Device Control\AdWmiSvc.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Acer\Device Control\DeviceCtrlSvc.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Skype Software Sarl -> Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Skype Software Sarl -> Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-13] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576 2011-01-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1530472 2011-01-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ADevCtrl] => C:\Program Files\Acer\Device Control\ADevCtrl.exe [239696 2011-02-22] (Dritek System Inc. -> )
HKLM\...\Run: [AcerRingLauncher] => C:\Program Files\Acer\TouchApplicationSuite\Acer Ring\AcerRingLauncher.exe [15248 2011-03-05] (Acer Incorporated -> Acer)
HKLM\...\Run: [OOTag] => C:\Program Files\Acer\OOBEOffer\ootag.exe [13856 2010-02-23] (Acer Incorporated -> Microsoft)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1070160 2011-02-11] (Dritek System Inc. -> Dritek System Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [490656 2011-01-06] (Atheros Communications Inc. -> Atheros Communications) [File not signed]
HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [302240 2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [715368 2011-02-22] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [xLaunchHIDMon] => C:\Program Files\HIDMon\HIDMon.exe [114688 2011-02-11] () [File not signed]
HKLM\...\Run: [AutoScreenRotationBlocker] => C:\Program Files\Acer\Auto Screen Rotation Blocker\AutoScreenRotationBlocker.exe [114768 2011-02-21] (Dritek System Inc. -> Dritek System Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000\...\Run: [Google Update] => C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-08-26] (Google Inc -> Google LLC)
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2011-03-07]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated -> Acer Incorporated)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01D951A4-CDCB-4316-9897-7AC040111EA1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B495595-19CA-41E1-8D55-0A32CBEE08DB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3473166551-1568802319-3614615059-1000UA => C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-12] (Google Inc -> Google Inc.)
Task: {449DABD0-0B4B-4F66-A176-683D6C4D1C49} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-26] (Adobe Inc. -> Adobe)
Task: {4BC1E29C-BC24-43DE-BFAA-999A8C58F3F4} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {61DBA6B8-CBBE-48A5-9B95-870393A8A374} - System32\Tasks\clear.fi => C:\Program Files\Acer\clear.fi\MVP\clear.fi.exe [264760 2011-02-18] (CyberLink -> Acer Incorporated)
Task: {65306B7F-D2D1-4DD4-9FDB-7F492A962A50} - System32\Tasks\{2BE83876-D6BB-4B18-9677-FC4661CB933D} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {70997E82-7302-4DB3-9955-D6536BBAEECE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {758DB2F2-4233-47CB-979D-E23AD634E34A} - System32\Tasks\clear.fiAgent => C:\Program Files\Acer\clear.fi\MVP\clear.fiAgent.exe [120104 2011-02-18] (CyberLink -> CyberLink Corp.)
Task: {956C09F6-E93A-4AE9-9AEA-9C38A1949362} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A2A5D9F6-00A2-4409-9779-C17C7E59C831} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1693064 2019-08-26] (AVAST Software s.r.o. -> AVAST Software)
Task: {C4DBF60C-9F0A-4121-97D4-FFFD0F1FDAF5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {E51E1EB0-6A3F-4F3B-A8AD-F7C9DDB46945} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {F3E7A35B-3092-4A87-8391-738AFBB60D12} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3473166551-1568802319-3614615059-1000Core => C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-12] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{3D27BA52-F3CF-49B2-9848-6789AE231AAE}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Skype Technologies SA -> Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Skype Technologies SA -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin HKU\S-1-5-21-3473166551-1568802319-3614615059-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-08-26] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-3473166551-1568802319-3614615059-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-08-26] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=12454
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default [2019-08-26]
CHR Extension: (No Name) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\epjncljanmdaajainajcdpfhepmgcjga [2019-08-26]
CHR Extension: (Skype) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Chrome Media Router) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
StartMenuInternet: Google Chrome.JEOC5YKK6MOFWA5FHE5IMS2UEY - C:\Users\Lucka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2011-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros Communications Inc. -> Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [56480 2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Skype Software Sarl -> Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Skype Software Sarl -> Microsoft Corporation)
R2 DsiDeviceControlService; C:\Program Files\Acer\Device Control\DeviceCtrlSvc.exe [66128 2011-02-22] (Dritek System Inc. -> Dritek System Inc.)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [739944 2011-02-22] (Acer Incorporated -> Acer Incorporated)
R2 GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated -> Acer Incorporated)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated -> Acer Incorporated)
R2 SnxUsbDockingKB2267Srv; C:\Program Files\USBKBTool\SnxUsbDockingKB2267Srv.exe [86016 2011-02-04] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 acpials; C:\Windows\System32\DRIVERS\acpials.sys [7680 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [7566848 2011-01-12] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [238592 2011-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [30312 2011-05-13] (MCCI Internal Testing Software -> Google Inc)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1884160 2010-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [101392 2010-11-17] (ATI Technologies, Inc -> Advanced Micro Devices)
R3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [81408 2010-12-31] (Microsoft Windows Hardware Compatibility Publisher -> ASIX Electronics Corp.)
R1 BST; C:\Windows\System32\DRIVERS\bma150.sys [15936 2011-01-10] (ROBERT BOSCH TAIWAN CO., LTD. -> Bosch Sensortec GmbH)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 HPFXBULK; C:\Windows\System32\drivers\hpfxbulk.sys [9344 2007-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett Packard)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [173512 2019-08-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [190624 2019-08-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [64296 2019-08-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [241760 2019-08-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [86768 2019-08-26] (Malwarebytes Corporation -> Malwarebytes)
R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [35968 2010-11-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-26 14:08 - 2019-08-26 14:08 - 000064296 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-08-26 14:07 - 2019-08-26 14:07 - 000241760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-08-26 14:07 - 2019-08-26 14:07 - 000190624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-08-26 14:07 - 2019-08-26 14:07 - 000086768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-08-26 13:26 - 2019-08-26 14:05 - 000000000 ____D C:\AdwCleaner
2019-08-26 13:25 - 2019-08-26 13:25 - 007623880 _____ (Malwarebytes) C:\Users\Lucka\Desktop\adwcleaner_7.4.exe
2019-08-26 13:09 - 2019-08-26 13:10 - 040772008 _____ C:\Users\Lucka\Downloads\vlc-3.0.8-win32.exe
2019-08-26 13:03 - 2019-08-26 13:03 - 000007571 _____ C:\Users\Lucka\Desktop\Addition.rar
2019-08-26 12:38 - 2019-08-26 12:42 - 000027520 _____ C:\Users\Lucka\Desktop\Addition.txt
2019-08-26 12:34 - 2019-08-26 14:57 - 000021436 _____ C:\Users\Lucka\Desktop\FRST.txt
2019-08-26 12:34 - 2019-08-26 12:34 - 000000000 ____D C:\Users\Lucka\Desktop\FRST-OlderVersion
2019-08-26 12:33 - 2019-08-26 12:34 - 000000000 ____D C:\Users\Lucka\Desktop\FRST old
2019-08-26 11:24 - 2019-08-26 11:24 - 000173512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-08-26 11:23 - 2019-08-26 11:23 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-26 11:23 - 2019-08-26 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-26 11:23 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-26 14:55 - 2019-04-29 20:17 - 000000000 ____D C:\FRST
2019-08-26 14:15 - 2009-07-14 06:34 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-26 14:15 - 2009-07-14 06:34 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-26 14:12 - 2013-03-20 20:55 - 000668792 _____ C:\Windows\system32\perfh005.dat
2019-08-26 14:12 - 2013-03-20 20:55 - 000141420 _____ C:\Windows\system32\perfc005.dat
2019-08-26 14:12 - 2011-03-07 16:41 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-26 14:12 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-08-26 14:07 - 2013-03-20 12:22 - 000000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2019-08-26 14:07 - 2013-03-20 12:22 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-08-26 14:06 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-26 14:05 - 2013-03-20 13:10 - 000000000 ____D C:\Users\Lucka
2019-08-26 13:20 - 2013-04-12 17:40 - 000000000 ____D C:\Users\Lucka\AppData\Roaming\vlc
2019-08-26 13:19 - 2013-04-12 17:40 - 000000992 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-08-26 13:19 - 2013-04-12 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-08-26 12:34 - 2019-04-29 19:46 - 001448960 _____ (Farbar) C:\Users\Lucka\Desktop\FRST.exe
2019-08-26 11:34 - 2013-04-01 10:14 - 000002409 _____ C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-26 11:34 - 2013-04-01 10:14 - 000002372 _____ C:\Users\Lucka\Desktop\Google Chrome.lnk
2019-08-26 11:19 - 2013-04-01 12:36 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-08-26 11:19 - 2013-04-01 12:36 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-08-26 11:19 - 2011-03-07 17:31 - 000000000 ____D C:\Windows\system32\Macromed
2019-08-26 11:09 - 2019-04-28 23:00 - 000000000 ____D C:\ProgramData\AVAST Software
2019-08-26 11:07 - 2019-05-01 16:01 - 000373722 _____ C:\Windows\ntbtlog.txt

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-08-26 13:58
==================== End of FRST.txt ============================




Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-08-2019
Ran by Lucka (26-08-2019 14:58:48)
Running from C:\Users\Lucka\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2013-03-20 11:10:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3473166551-1568802319-3614615059-500 - Administrator - Disabled)
Guest (S-1-5-21-3473166551-1568802319-3614615059-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3473166551-1568802319-3614615059-1002 - Limited - Enabled)
Lucka (S-1-5-21-3473166551-1568802319-3614615059-1000 - Administrator - Enabled) => C:\Users\Lucka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Auto Screen Rotation Blocker (HKLM\...\AutoScreenRotationBlocker) (Version: 1.02.1103 - Acer Inc.)
Acer Crystal Eye Webcam (HKLM\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.1.1421 - CyberLink Corp.) Hidden
Acer Crystal Eye Webcam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.1.1421 - CyberLink Corp.)
Acer Device Control (HKLM\...\ADevCtrl) (Version: 1.01.3002 - Acer Inc.)
Acer ePower Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3006 - Acer Incorporated)
Acer Registration (HKLM\...\Acer Registration) (Version: 1.03.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.1.0217.2011 - Acer Incorporated)
Acer Touch Application Suite (HKLM\...\{1C572D82-7E38-4A13-932A-D651AA95E1E9}) (Version: 1.00.3002 - Acer Incorporated)
Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3100 - Acer Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.238 - Adobe)
Adobe Reader 9.1 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ATI Catalyst Install Manager (HKLM\...\{93DED073-01CE-E238-919E-2ADF059ACE30}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
AX88772B Windows 7 Drivers (HKLM\...\{54A168C9-2250-4058-80EB-1F4A4192548A}) (Version: 1.0.1.1 - ASIX Electronics Corporation) Hidden
AX88772B Windows 7 Drivers (HKLM\...\InstallShield_{54A168C9-2250-4058-80EB-1F4A4192548A}) (Version: 1.0.1.1 - ASIX Electronics Corporation)
Bluetooth Win7 Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.02.000.55 - Atheros Communications)
ccc-core-static (HKLM\...\{342B9C98-5BEE-399B-7263-BC9C4E38A882}) (Version: 2011.0112.2151.39168 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
clear.fi (HKLM\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1418.20 - CyberLink Corp.) Hidden
clear.fi (HKLM\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1418.20 - CyberLink Corp.)
clear.fi Client (HKLM\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.01.3001 - Acer Incorporated)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Google Chrome (HKU\S-1-5-21-3473166551-1568802319-3614615059-1000\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
HIDMon (HKLM\...\{7166D240-F1EE-4044-B0F3-F6AB1AF8AE72}) (Version: 1.4.0.0211 - eGalax_eMPIA Technology Inc.)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version: 5.1.2 - Acer Inc.)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6302 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.0.14735.1561 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USBKBTool 1.0.3.6 (HKLM\...\USBKBTool) (Version: 1.0.3.6 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Welcome Center (HKLM\...\Acer Welcome Center) (Version: 1.02.3201 - Acer Incorporated)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D6}) (Version: 17.0.10283 - WinZip Computing, S.L. )
WMV9/VC-1 Video Playback (HKLM\...\{9ECA28E4-29DD-3F55-DA48-678E164A2144}) (Version: 1.0.60112.2202 - ATI Technologies Inc.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateOnDemand.exe (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateOnDemand.exe (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\psuser.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.149\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{9BF19355-5579-46CB-B61D-2F5CD4887BE3}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Lucka\AppData\Local\Google\Chrome\Application\76.0.3809.100\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.29.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateOnDemand.exe (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.11\psuser.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.17\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files\Bluetooth Suite\BtvAppExt.dll [2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => C:\Users\Lucka\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll [2013-04-02] (I C Q LTD -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2012-10-12] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files\Bluetooth Suite\ShellContextExt.dll [2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2012-10-12] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2011-01-13] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2012-10-12] (WinZip Computing -> WinZip Computing, S.L.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-11-05 20:16 - 2012-06-09 20:20 - 000167936 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
2011-01-06 21:04 - 2011-01-06 21:04 - 000064672 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AthCopyHook.dll
2011-01-06 21:04 - 2011-01-06 21:04 - 000033440 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BPP.DLL
2011-01-06 21:04 - 2011-01-06 21:04 - 000037024 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BTBIP.DLL
2011-01-06 21:04 - 2011-01-06 21:04 - 000040096 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtFileStore.dll
2011-01-06 21:04 - 2011-01-06 21:04 - 000036000 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtFileStoreOpp.dll
2011-01-06 21:04 - 2011-01-06 21:04 - 000158880 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtObexFt.dll
2011-01-06 21:04 - 2011-01-06 21:04 - 000158880 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BTOBEXOP.dll
2011-01-06 21:04 - 2011-01-06 21:04 - 000154784 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtvAppExt.dll
2011-01-06 21:05 - 2011-01-06 21:05 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\goep.dll
2011-01-06 21:05 - 2011-01-06 21:05 - 000076960 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\GOEP_bpp.DLL
2011-01-06 21:05 - 2011-01-06 21:05 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\GOEP_SINGLE.DLL
2011-01-06 21:05 - 2011-01-06 21:05 - 000076960 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\Handsfree.dll
2011-01-06 21:05 - 2011-01-06 21:05 - 000101536 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\L2capLib.dll
2011-01-06 21:06 - 2011-01-06 21:06 - 000879776 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\OutLookLib.dll
2011-01-06 21:06 - 2011-01-06 21:06 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\RfcommLib.dll
2011-01-06 21:06 - 2011-01-06 21:06 - 000244384 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\ShellContextExt.dll
2011-01-06 21:06 - 2011-01-06 21:06 - 000068768 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\Sync.dll
2013-03-20 12:44 - 2011-02-10 05:37 - 003272704 _____ (EETI) [File not signed] C:\Program Files\HIDMon\HIDdAPI.dll
2013-04-01 10:08 - 2013-04-01 10:08 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2013-04-01 10:08 - 2013-04-01 10:08 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2013-04-01 10:08 - 2013-04-01 10:08 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Windows Live\Shared
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DE72139B-0FCF-42A3-8E96-849A7B2A04E9}] => (Allow) C:\Program Files\Acer\Acer VCM\VC.exe (Acer Incorporated -> Acer Incoporated)
FirewallRules: [{23B684B8-7C85-41E8-9C1C-3237396F43E6}] => (Allow) C:\Program Files\Acer\Acer VCM\RS_Service.exe (Acer Incorporated -> Acer Incorporated)
FirewallRules: [{B34D157E-F077-4963-9229-0999249A8EC4}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38295701-8E93-4BDE-AF42-7ED9A9B7FF77}] => (Allow) LPort=2869
FirewallRules: [{FA29A139-1E8C-4438-8AB6-797C2D6A499D}] => (Allow) LPort=1900
FirewallRules: [{EEA8CE5C-92D5-43CB-B5E9-4CD2E07E4E75}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe No File
FirewallRules: [{4B8C1E57-B0F5-408F-9999-7350CB6C3693}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8F539D74-F283-45E9-9A34-219A13256B16}] => (Allow) C:\Program Files\Acer\clear.fi\MVP\clear.fi.exe (CyberLink -> Acer Incorporated)
FirewallRules: [{DE6D3CF6-7231-4BDE-AD44-A1C9C08829FE}] => (Allow) C:\Program Files\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{7BC72948-BA3D-42C3-BD05-0548D590DC35}] => (Allow) C:\Program Files\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{11F7A058-B1B3-4801-A2D8-4D30B8FA2427}] => (Allow) C:\Program Files\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink -> CyberLink)
FirewallRules: [{24097719-7EB2-44A2-AAC8-C8395C740D7E}] => (Allow) C:\Program Files\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink -> CyberLink)
FirewallRules: [{912AD1F7-20E5-4DA4-947B-42038A6A9516}] => (Block) C:\Program Files\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink -> CyberLink)
FirewallRules: [{12AB7EC1-4013-40EC-B6AB-CD6E065D6B31}] => (Allow) C:\Users\Lucka\AppData\Roaming\ICQM\icq.exe (I C Q LTD -> ICQ) [File not signed]
FirewallRules: [{FF67B17A-D4FF-4467-80DE-BD6ABEB81ED9}] => (Allow) C:\Users\Lucka\AppData\Roaming\ICQM\icq.exe (I C Q LTD -> ICQ) [File not signed]
FirewallRules: [{26FBF972-67B0-4270-A9CC-60B64F2F3207}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A79731C9-246D-409C-A01E-90682AFFAAF4}C:\users\lucka\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\lucka\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{4F24A54E-1A6D-40FA-ABC7-4B82E8A5F2A0}C:\users\lucka\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\lucka\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A0ECC5B2-CA5D-4A68-9384-21D23E06C3BA}C:\users\lucka\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\lucka\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{3B932524-073E-4535-8017-FF4D3EA56DBA}C:\users\lucka\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\lucka\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.


Spouštění služby Protokol událostí systému Windows.
Službu Protokol událostí systému Windows nelze spustit.

Došlo k chybě systému.

Došlo k systémové chybě 23.

Chyba dat (cyklická redundantní kontrola).



==================== Memory info ===========================

BIOS: Insyde Corp. EAB00V1.05 02/24/2011
Motherboard: acer WT1
Processor: AMD C-50 Processor
Percentage of memory in use: 92%
Total physical RAM: 1641.9 MB
Available physical RAM: 131.24 MB
Total Virtual: 2301.9 MB
Available Virtual: 184.51 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:29.72 GB) (Free:6.27 GB) NTFS
Drive d: () (Removable) (Total:15.43 GB) (Free:0 GB) NTFS

\\?\Volume{feeacab5-9144-11e2-9ba7-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 29.8 GB) (Disk ID: 4DF04E7C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=29.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 15.4 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - occasional freezing

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1B495595-19CA-41E1-8D55-0A32CBEE08DB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3473166551-1568802319-3614615059-1000UA => C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-12] (Google Inc -> Google Inc.)
Task: {F3E7A35B-3092-4A87-8391-738AFBB60D12} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3473166551-1568802319-3614615059-1000Core => C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-12] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.149\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{9BF19355-5579-46CB-B61D-2F5CD4887BE3}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.29.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.17\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Pedroso
Visitor
Posts: 124
Registered: 23 Jul 2007 21:48

Re: Please check my log - occasional freezing

#9 Post by Pedroso »

Log below:

Fix result of Farbar Recovery Scan Tool (x86) Version: 25-08-2019
Ran by Lucka (26-08-2019 18:04:45) Run:1
Running from C:\Users\Lucka\Desktop
Loaded Profiles: Lucka (Available Profiles: Lucka)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1B495595-19CA-41E1-8D55-0A32CBEE08DB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3473166551-1568802319-3614615059-1000UA => C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-12] (Google Inc -> Google Inc.)
Task: {F3E7A35B-3092-4A87-8391-738AFBB60D12} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3473166551-1568802319-3614615059-1000Core => C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-12] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.34.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.149\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{9BF19355-5579-46CB-B61D-2F5CD4887BE3}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.29.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.33.17\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Lucka\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B495595-19CA-41E1-8D55-0A32CBEE08DB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B495595-19CA-41E1-8D55-0A32CBEE08DB}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3473166551-1568802319-3614615059-1000UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3473166551-1568802319-3614615059-1000UA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E7A35B-3092-4A87-8391-738AFBB60D12}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E7A35B-3092-4A87-8391-738AFBB60D12}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3473166551-1568802319-3614615059-1000Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3473166551-1568802319-3614615059-1000Core" => removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-3473166551-1568802319-3614615059-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\livecall => removed successfully.
HKLM\Software\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => removed successfully.
HKLM\Software\Classes\PROTOCOLS\Handler\msnim => removed successfully.
HKLM\Software\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{9BF19355-5579-46CB-B61D-2F5CD4887BE3} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => removed successfully.
HKU\S-1-5-21-3473166551-1568802319-3614615059-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93} => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully.
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully.
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13019138 B
Java, Flash, Steam htmlcache => 613 B
Windows/system/drivers => 4821033 B
Edge => 0 B
Chrome => 15934744 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 44020072 B
LocalService => 132244 B
NetworkService => 66228 B
Lucka => 24143773 B

RecycleBin => 0 B
EmptyTemp: => 97.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:06:02 ====

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - occasional freezing

#10 Post by Rudy »

OK. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

Pedroso
Visitor
Posts: 124
Joined: 23 Jul 2007 21:48

Re: Please check my log - occasional freezing

#11 Post by Pedroso »

Thank you very much! No freezes at all today, and I'd say that subjectively it is faster :) The freezes right after startup were probably caused by Avast (I removed it in safe mode). I'd like to ask (even though it doesn't belong in this thread) which security software (firewall/antivirus) to use on this machine so that there is some basic protection that doesn't draw too heavily on system resources, of which there are none to spare :) I was thinking about Eset Online or Avast (which, however, was freezing the system for some reason), but I'm happy to take advice.

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - occasional freezing

#12 Post by Rudy »

The built-in system firewall is sufficient if you are a home user. As for antivirus, I would recommend either Avast (after a reinstall it may behave differently) or Eset. In our opinion, Avast is the best in the free antivirus segment. Eset, however, is paid, but it uses a minimum of system resources.

Pedroso
Visitor
Posts: 124
Joined: 23 Jul 2007 21:48

Re: Please check my log - occasional freezing

#13 Post by Pedroso »

Great, once again thank you very much for the advice and the help! Tomorrow I'll send a contribution to the forum again, after some time :)

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - occasional freezing

#14 Post by Rudy »

Thank you for the contribution, and you're welcome! :)

Locked