Oprava PC u rodicu - vypis z FRST

Zpráva

rjesa · #1 Příspěvek od **rjesa** » 28 srp 2018 17:13

Zdravim,

prosim o kontrolu, jestli je vse v poradku.

Log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23.08.2018
Ran by Helán (administrator) on HELÁN-PC (28-08-2018 18:03:57)
Running from C:\Users\Helán\Desktop
Loaded Profiles: Helán (Available Profiles: Helán)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(Egis Technology Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(CyberLink) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
(Egis Technology Inc.) C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Egis Technology Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Acer Corp.) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
() C:\Windows\PLFSetI.exe
(Motive Communications, Inc.) C:\Program Files\TO2SSM\McciTrayApp.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-05] (Synaptics, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7600672 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [494112 2009-08-26] (Acer Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [ArcadeDeluxeAgent] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968 2009-01-21] (CyberLink Corp.)
HKLM\...\Run: [BackupManagerTray] => C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [249600 2009-04-11] (NewTech Infosystems, Inc.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024 2009-01-21] (CyberLink)
HKLM\...\Run: [EgisTecLiveUpdate] => C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-05-13] (Egis Technology Inc.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-15] (Google)
HKLM\...\Run: [mwlDaemon] => C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [345384 2009-05-15] (Egis Technology Inc.)
HKLM\...\Run: [PlayMovie] => C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288 2008-12-26] (Acer Corp.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [TO2SSM_McciTrayApp] => C:\Program Files\TO2SSM\McciTrayApp.exe [1473536 2008-08-15] (Motive Communications, Inc.)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-08-26] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2010-01-22] (Google Inc.)
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\...\Run: [EPSON BX300F Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE [188928 2008-01-22] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [12762872 2018-04-24] (Piriform Ltd)
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\...\MountPoints2: {2c8e84c5-587e-11e0-825d-001f16bfe6c4} - E:\AutoRun.exe
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\...\MountPoints2: {2c8e84e2-587e-11e0-825d-001f16bfe6c4} - E:\AutoRun.exe
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\...\MountPoints2: {4e8873fa-fa2b-11e4-ba35-001f16bfe6c4} - E:\AutoRun.exe
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\...\MountPoints2: {4e887427-fa2b-11e4-ba35-001f16bfe6c4} - E:\AutoRun.exe
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\...\MountPoints2: {d7517e1e-00b9-11e5-b971-001f16bfe6c4} - E:\AutoRun.exe
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-07-15] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-01-22]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Helán\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-05-12]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Helán\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2014-09-26]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8A4E9B3F-BC43-440A-843A-1A0BA5F611B6}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{A4A0B211-3D85-41A8-9D79-038718E6B156}: [NameServer] 160.218.161.60 194.228.211.33
Tcpip\..\Interfaces\{C50B5E64-FEB9-43A5-8D7F-A5168348F856}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{CD47B29E-750F-4194-A69D-20D0B83F6A46}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0110&m=aspire_5738
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com
HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0110&m=aspire_5738
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3097154473-1048039703-3437092397-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3097154473-1048039703-3437092397-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=0hppKisuhGQ4bC1mit_S6k8z4js?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-08-26] (AVAST Software)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-3097154473-1048039703-3437092397-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-09] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-08-04] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-14] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default [2018-08-28]
CHR Extension: (Prezentace) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-26]
CHR Extension: (Tabulky) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-26]
CHR Extension: (Avast Online Security) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-19]
CHR Extension: (Tlačítko Uložit) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-07-24]
CHR Extension: (Skype) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Helán\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-06]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6341888 2018-08-26] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-26] (AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software)
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048 2008-12-18] ()
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [690720 2009-08-26] (Acer Incorporated)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-15] (Google)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [276048 2014-01-15] ()
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-05-15] (Egis Technology Inc.)
R2 NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [61184 2009-04-11] (NewTech Infosystems, Inc.)
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632 2008-09-23] (NewTech Infosystems, Inc.)
S2 O2 Internet. RunOuc; C:\Program Files\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167552 2018-07-17] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188352 2018-07-17] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [164944 2018-07-17] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284328 2018-07-17] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57976 2018-07-17] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [189240 2018-07-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-07-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [133680 2018-07-17] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101056 2018-07-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [71848 2018-07-17] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784120 2018-07-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [394928 2018-08-26] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [162704 2018-07-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310784 2018-07-17] (AVAST Software)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [25856 2010-10-08] (Huawei Tech. Co., Ltd.)
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [111872 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [319872 2014-09-30] (Huawei Technologies Co., Ltd.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-12-04] (Egis Incorporated.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-12-04] (Egis Incorporated.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-12-04] (Egis Incorporated.)
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-28 18:03 - 2018-08-28 18:04 - 000022144 _____ C:\Users\Helán\Desktop\FRST.txt
2018-08-28 17:56 - 2018-08-28 18:03 - 000000000 ____D C:\FRST
2018-08-28 17:55 - 2018-08-28 17:55 - 001773568 _____ (Farbar) C:\Users\Helán\Desktop\FRST.exe
2018-08-26 19:11 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-26 19:11 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-08-26 19:11 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-26 19:11 - 2018-08-02 04:45 - 000189616 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2018-08-26 19:11 - 2018-08-02 04:45 - 000189616 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-26 19:11 - 2018-08-02 04:45 - 000136368 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2018-08-26 19:11 - 2018-08-02 04:44 - 000137904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-26 19:11 - 2018-08-02 04:44 - 000067248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-26 19:11 - 2018-08-02 04:43 - 001310464 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-26 19:11 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-26 19:11 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-26 19:11 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-26 19:11 - 2018-08-02 04:40 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-26 19:11 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-26 19:11 - 2018-08-02 04:40 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-26 19:11 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-26 19:11 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-26 19:11 - 2018-08-02 04:16 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-26 19:11 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-26 19:11 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-26 19:11 - 2018-08-02 04:16 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-26 19:11 - 2018-08-02 04:16 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-26 19:11 - 2018-08-02 04:14 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-26 19:11 - 2018-08-02 04:13 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-26 19:11 - 2018-08-02 04:11 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-26 19:11 - 2018-08-02 04:11 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-26 19:11 - 2018-08-02 04:11 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-26 19:11 - 2018-08-02 04:10 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-26 19:11 - 2018-08-02 04:10 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-26 19:11 - 2018-08-02 04:10 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-26 19:11 - 2018-08-02 04:10 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2018-08-26 19:11 - 2018-08-02 04:10 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-26 19:11 - 2018-08-02 04:10 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-26 19:11 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-26 19:11 - 2018-08-02 04:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-26 19:11 - 2018-08-02 04:10 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-26 19:11 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-26 19:11 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-26 19:11 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-26 19:11 - 2018-07-19 06:16 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-26 19:11 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-26 19:11 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-26 19:11 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-26 19:11 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-26 19:11 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-26 19:11 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-26 19:11 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-26 19:11 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-26 19:11 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-26 19:11 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-26 19:11 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-26 19:11 - 2018-07-19 05:55 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-26 19:11 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-26 19:11 - 2018-07-19 05:49 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-26 19:11 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-26 19:11 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-26 19:11 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-26 19:11 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-26 19:11 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-26 19:11 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-26 19:11 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-26 19:11 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-26 19:11 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-26 19:11 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-26 19:11 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-26 19:11 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-26 19:11 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-26 19:11 - 2018-07-19 05:28 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-26 19:11 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-26 19:11 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-26 19:11 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-26 19:11 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-26 19:11 - 2018-07-13 21:07 - 001309888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-26 19:11 - 2018-07-13 21:06 - 000240832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-26 19:11 - 2018-07-13 21:06 - 000187584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-26 19:11 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-26 19:11 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-26 19:11 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-26 19:11 - 2018-07-08 17:41 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-26 19:11 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-26 19:11 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-26 19:11 - 2018-07-07 17:19 - 002404352 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-26 19:11 - 2018-07-06 17:54 - 000713408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-26 19:11 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-26 19:11 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-26 19:11 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-26 19:11 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-26 19:11 - 2018-06-27 17:50 - 000105152 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-26 19:11 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-26 19:11 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-26 19:11 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-26 19:11 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-26 19:11 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-26 19:11 - 2018-06-27 17:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-26 19:11 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-26 19:11 - 2018-06-21 05:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-26 18:47 - 2018-07-17 17:13 - 000321752 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-08-14 20:10 - 2018-08-14 20:10 - 006154144 _____ C:\Users\Helán\Downloads\pech.mp4
2018-08-14 19:58 - 2018-08-14 19:58 - 001782050 _____ C:\Users\Helán\Downloads\13115243_616220885200355_1482951324_n.mp4
2018-08-14 19:55 - 2018-08-14 19:55 - 004148128 _____ C:\Users\Helán\Downloads\VID-20180130-WA0000.mp4
2018-08-14 15:00 - 2018-08-14 15:00 - 006314496 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2018-08-06 16:33 - 2018-08-06 16:33 - 008330634 _____ C:\Users\Helán\Downloads\Hot dog11.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-28 17:59 - 2010-08-04 12:18 - 000019344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-28 17:59 - 2010-08-04 12:18 - 000019344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-28 13:25 - 2010-12-25 00:33 - 000000000 ____D C:\Users\Helán\AppData\Roaming\Skype
2018-08-27 10:20 - 2018-04-12 10:15 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-27 10:20 - 2018-04-12 10:15 - 000002336 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-08-27 08:08 - 2018-04-12 10:11 - 000000000 ____D C:\Users\Helán\AppData\Local\AVAST Software
2018-08-27 04:13 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2018-08-27 03:42 - 2010-08-04 12:53 - 001584626 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-27 03:42 - 2009-07-14 10:44 - 000669132 _____ C:\Windows\system32\perfh005.dat
2018-08-27 03:42 - 2009-07-14 10:44 - 000141760 _____ C:\Windows\system32\perfc005.dat
2018-08-27 03:42 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-08-27 03:36 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-27 03:35 - 2009-07-14 06:33 - 000360944 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-27 03:15 - 2013-07-12 20:33 - 000000000 ____D C:\Windows\system32\MRT
2018-08-27 03:09 - 2010-12-24 17:39 - 134276632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-26 18:50 - 2015-06-17 09:22 - 000002007 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-08-26 18:50 - 2011-11-08 14:07 - 000394928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-08-26 18:41 - 2010-08-04 12:18 - 000000000 ____D C:\Users\Helán
2018-08-26 18:38 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\NDF
2018-08-26 18:38 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system
2018-08-26 18:38 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\servicing
2018-08-26 18:37 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\registration
2018-08-26 18:37 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-08-14 15:00 - 2013-05-18 11:08 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-08-14 15:00 - 2011-11-08 14:04 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-08-14 15:00 - 2009-02-11 22:17 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-13 15:15 - 2014-10-07 18:02 - 000002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-13 15:15 - 2014-10-07 18:02 - 000002133 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2013-03-23 19:39 - 2015-11-09 12:46 - 000005632 _____ () C:\Users\Helán\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2018-06-19 08:50 - 2007-11-29 11:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Helán\AppData\Local\Temp\IHU494F.tmp.exe
2018-08-27 08:06 - 2007-11-29 11:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Helán\AppData\Local\Temp\IHU4F3D.tmp.exe
2018-08-26 18:43 - 2007-11-29 11:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Helán\AppData\Local\Temp\IHUCDB.tmp.exe
2018-07-16 14:04 - 2007-11-29 11:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Helán\AppData\Local\Temp\IHUFD22.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-26 19:37

==================== End of FRST.txt ============================

Log z Addition:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23.08.2018
Ran by Helán (28-08-2018 18:04:46)
Running from C:\Users\Helán\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2010-08-04 11:04:52)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3097154473-1048039703-3437092397-500 - Administrator - Disabled)
Guest (S-1-5-21-3097154473-1048039703-3437092397-501 - Limited - Disabled)
Helán (S-1-5-21-3097154473-1048039703-3437092397-1000 - Administrator - Enabled) => C:\Users\Helán

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.1 - )
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3C3813E1-C370-4F32-9639-8B43C7C780CD}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{F67648A4-713E-4298-BBAD-A83D8283B0F3}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{2659571A-3405-4486-B7D8-2F125BC0E3B2}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Acer Arcade Deluxe (HKLM\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 2.5.6121 - CyberLink Corp.) Hidden
Acer Arcade Deluxe (HKLM\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 2.5.6121 - CyberLink Corp.)
Acer Backup Manager (HKLM\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 1.0.0.58 - NewTech Infosystems)
Acer Crystal Eye Webcam (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 5.0.7.1 - Suyin Optronics Corp)
Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )
Acer PowerSmart Manager (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.06.3005 - Acer Incorporated)
Acer Product Registration (HKLM\...\{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}) (Version: 3.0.0.10 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.0.0.0226 - Acer)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.12.36 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Reader 9 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Asistent pro přihlášení ke službě Windows Live (HKLM\...\{1E779810-ACCA-4483-BC76-12DFE055B452}) (Version: 5.000.817.1 - Microsoft Corporation)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 68.0.746.59 - AVAST Software)
Backup Manager Basic (HKLM\...\{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 1.0.0.58 - NewTech Infosystems) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{9AF0B106-56F1-461B-A270-95BC1682E282}) (Version: 11.34.02 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
EPSON BX300F Series Printer Uninstall (HKLM\...\EPSON BX300F Series) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM\...\{DEDB47A3-C988-4A43-A645-E2CEA571E680}) (Version: 2.0.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
EPSON Stylus Office BX300F_TX300F Manuál (HKLM\...\EPSON Stylus Office BX300F_TX300F Uživatelská příručka) (Version: - )
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.2.53 - Conexant Systems)
Choice Guard (HKLM\...\{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}) (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Junk Mail filter update (HKLM\...\{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}) (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 6.6.6 (HKLM\...\KLiteCodecPack_is1) (Version: 6.6.6 - )
Launch Manager (HKLM\...\LManager) (Version: 3.0.03 - Acer Inc.)
Media Player Classic - Home Cinema v1.4.2499.0 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.4.2499.0 - MPC-HC Team)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Czech) (HKLM\...\{95120000-00AF-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{99D7DE4C-2775-4B16-B155-7F09AE939E8E}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.59.0 - Egis Technology Inc.)
Nástroj pro odesílání služby Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.616 - NewTech Infosystems)
NTI Backup Now Standard (HKLM\...\{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.616 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM\...\{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6509 - Název společnosti:) Hidden
NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6509 - Název společnosti:)
O2 (HKLM\...\O2CZ) (Version: - O2)
O2 Internet (HKLM\...\O2 Internet) (Version: 23.015.05.00.445 - Huawei Technologies Co.,Ltd)
O2 Internet Konfigurator (HKLM\...\O2 Internet Konfigurator) (Version: - )
OpenOffice.org 3.3 (HKLM\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Orion (HKLM\...\{5B63A470-9334-44D1-AF61-6CE2DB565AE9}) (Version: 2.5.0 - Convesoft)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5888 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20113 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Software Bluetooth WIDCOMM (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.8800 - Broadcom)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.1.0.0 - Synaptics)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - )
Update for Office 2007 (KB946691) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A420F522-7395-4872-9882-C591B4B92278}) (Version: - Microsoft)
Upgrade Kit (HKLM\...\{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}) (Version: 1.00.3002 - Acer Inc.)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Zoner Photo Studio 9 (HKLM\...\Zoner Photo Studio 9_is1) (Version: - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3097154473-1048039703-3437092397-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-08-26] (AVAST Software)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-05-15] (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers1: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlshellext.dll [2009-05-15] (Egis Technology Inc.)
ContextMenuHandlers1: [EPP] -> {3F3B81BE-529B-40b9-8189-6666B241ADFA} => C:\Program Files\Epson Software\Easy Photo Print\EPPShell.dll [2008-04-11] (SEIKO EPSON CORPORATION)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers1: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 9\Program\SHELLEXT9.DLL [2006-10-27] (ZONER software)
ContextMenuHandlers2: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 9\Program\SHELLEXT9.DLL [2006-10-27] (ZONER software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers4: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlshellext.dll [2009-05-15] (Egis Technology Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers4: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 9\Program\SHELLEXT9.DLL [2006-10-27] (ZONER software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-02] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers6: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 9\Program\SHELLEXT9.DLL [2006-10-27] (ZONER software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12726EBF-6FD7-42FB-B0B8-972054AED462} - System32\Tasks\{3B3BCF49-64B4-4A7E-91E9-BECEC4983214} => "c:\users\helán\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lig ... rror=12007
Task: {21F4FC20-460A-436C-9F0A-B85B6142893B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2BA0661C-D713-4726-940A-B718F7CF7FF0} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {2FD25FEA-5447-4DBD-9217-B5F53B437774} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software)
Task: {41AB54B5-3AEE-4043-AC28-5724D1C1890E} - System32\Tasks\IHUninstallTrackingTASK => CMD /C DEL C:\Users\HELN~1\AppData\Local\Temp\IHU4F3D.tmp.exe <==== ATTENTION
Task: {4BB4320B-6019-494C-9576-19B5C4973BC0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {7DCA8C41-F4EB-498C-8643-BB256229D166} - System32\Tasks\{46F5A81F-7566-43BD-8A94-D106669FDA47} => "c:\users\helán\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lig ... rror=12007
Task: {8572B588-5A86-4BBE-AC79-1FC1D49C52D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {89B58AA9-6B1F-460F-81F7-28ACEEB2DF80} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-18] (AVAST Software)
Task: {A57E5E59-7657-4275-88D0-551579D59A2E} - System32\Tasks\{19F77BF6-97FC-4D0A-A8A0-560CA6C4D12A} => "c:\users\helán\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.18.0.106/cs/abandoninstall?source=lightinstaller&page=tsMain
Task: {A749CA1F-31A7-4644-9483-807EF39BD055} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-04-24] (Piriform Ltd)
Task: {A9643420-B9E1-4131-8710-2BA8AA187164} - System32\Tasks\{A2454A7A-F10A-454E-9C24-D3EBEA86C7AC} => C:\Program Files\Skype\\Phone\Skype.exe [2017-10-06] (Skype Technologies S.A.)
Task: {B49428FF-9A86-4596-9553-27577E5B5C04} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {BA7876E8-C1C7-4A31-8C08-07964867B959} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-24] (Piriform Ltd)
Task: {C1D8FB2E-A22D-43D3-8003-87E4AD5ACBE3} - System32\Tasks\MotiveReportingUninstall => C:\Program Files\Common Files\Motive\InstallHelper.exe [2007-11-29] (Motive Communications, Inc.)
Task: {C1DA2F20-2548-4405-A2C9-2A0721A8DA92} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software)
Task: {D5A53243-329C-4315-A9CD-D45A8AEBB1BE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-26] (AVAST Software)
Task: {DEBCCC72-3A99-47B1-8BAB-97F13F85C675} - System32\Tasks\IHSelfDeleteTASK => CMD /C DEL C:\Users\HELN~1\AppData\Local\Temp\IHU206C.tmp.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2018-08-26 18:47 - 2018-08-26 18:47 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-26 18:47 - 2018-08-26 18:47 - 000928984 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-08-26 18:46 - 2018-08-26 18:46 - 000532696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-08-26 18:44 - 2018-08-26 18:44 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-08-26 18:46 - 2018-08-26 18:46 - 000985304 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-08-28 16:07 - 2018-08-28 16:07 - 005679248 _____ () C:\Program Files\AVAST Software\Avast\defs\18082802\algo.dll
2009-03-12 12:32 - 2008-12-18 14:51 - 000075048 _____ () C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
2014-01-15 05:42 - 2014-01-15 05:42 - 000276048 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2009-02-02 18:33 - 2009-02-02 18:33 - 000460199 _____ () C:\Program Files\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-28 18:55 - 2008-09-28 18:55 - 001076224 _____ () C:\Program Files\NewTech Infosystems\Acer Backup Manager\ACE.dll
2015-05-22 17:05 - 2013-10-26 11:45 - 000651856 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
2015-05-22 17:05 - 2013-08-31 07:44 - 002417152 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2015-05-22 17:05 - 2009-01-10 20:32 - 000011362 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2015-05-22 17:05 - 2009-06-23 04:42 - 000043008 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2015-05-22 17:05 - 2013-08-31 07:46 - 001148416 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2009-04-13 12:09 - 2009-04-13 12:09 - 000126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-06-12 01:10 - 2008-06-12 01:10 - 000016768 _____ () C:\Program Files\Adobe\Reader 9.0\Reader\viewerps.dll
2009-01-21 01:41 - 2009-01-21 01:41 - 000872448 _____ () C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
2009-01-21 01:41 - 2009-01-21 01:41 - 000007680 _____ () C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
2010-01-22 13:29 - 2010-07-15 21:29 - 000034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
2010-01-22 13:36 - 2008-07-29 20:29 - 000200704 _____ () C:\Windows\PLFSetI.exe
2018-03-10 10:02 - 2018-03-10 10:02 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-26 18:44 - 2018-08-26 18:44 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-09-26 22:22 - 2017-09-26 22:22 - 001984000 ____R () C:\Program Files\Skype\Phone\skypert.dll
2011-01-17 16:19 - 2011-05-12 20:08 - 000985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2015-05-08 20:50 - 2018-04-24 16:57 - 000083784 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-08-13 15:15 - 2018-08-08 02:55 - 004076888 _____ () C:\Program Files\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-13 15:15 - 2018-08-08 02:55 - 000096088 _____ () C:\Program Files\Google\Chrome\Application\68.0.3440.106\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CDFF58FE [122]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 000000761 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3097154473-1048039703-3437092397-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Helán\AppData\Local\Microsoft\Windows\Themes\img11.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FE8B4FFF-8430-403A-A04E-61B0AB43C54C}] => (Allow) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
FirewallRules: [{E42E93C2-09D2-4DF2-A743-7EE597D7DCDE}] => (Allow) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe
FirewallRules: [{886EE00D-84B4-47BA-84ED-FA5E31473607}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{A0DAB2F3-177C-4877-85B9-E3480CF2B5D7}] => (Allow) C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe
FirewallRules: [{7386EBDA-95AB-42C0-AFA8-46DE47863EB0}] => (Allow) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe
FirewallRules: [{E430AA21-5E88-4EC4-8281-E6F7035E1938}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{2C0BF3D6-48D1-445F-A901-C75F01B48B1F}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{BAEA33B2-AF7E-4575-9EE0-7020A41C8E6A}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{D068DC62-E032-41D9-846D-2CF32C1BA564}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{C2CDDCB9-D2A5-4DEA-9D4C-D2884F9CA211}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{4CE2F100-1D17-4527-8EBE-F2594E4A7F34}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{F62C5045-F17B-4516-BA75-F12214123FC9}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4CDFDA17-BF72-431B-B12C-9B51C07DB198}] => (Allow) svchost.exe
FirewallRules: [{45A0D8A2-318A-467C-9B61-0EB79B1E8637}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{86A99EA5-84E5-46A3-AB66-1C02FEB7891D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{DA2CB476-E5F3-459E-BFE4-881281AEEE59}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{695111DB-1168-48BC-9D55-7ABCBA7CD677}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{9DB4CFE5-1125-40FD-AA1D-7EA8F388E0D9}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{62876373-953D-47EE-913D-E22E3040C48A}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe

==================== Restore Points =========================

06-08-2018 13:33:23 Naplánovaný kontrolní bod
13-08-2018 14:47:17 Naplánovaný kontrolní bod
20-08-2018 12:04:08 Windows Update
26-08-2018 18:26:54 Operace obnovení
27-08-2018 03:00:19 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/28/2018 05:18:49 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/28/2018 04:18:50 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/28/2018 03:18:52 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/28/2018 02:18:49 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/28/2018 01:18:50 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/28/2018 12:18:52 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/28/2018 11:18:50 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/28/2018 10:18:49 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

System errors:
=============
Error: (08/27/2018 03:36:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/27/2018 03:36:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (08/27/2018 12:24:13 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/26/2018 07:01:38 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (08/26/2018 06:46:35 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (08/26/2018 06:41:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/26/2018 06:41:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (08/21/2018 12:20:58 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Windows Defender:
===================================
Date: 2016-04-04 17:30:20.062
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{4B6782E1-23A4-4348-9816-D7D237EEBFEE}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

CodeIntegrity:
===================================

Date: 2010-06-18 07:18:07.464
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-06-18 07:18:07.323
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-06-18 07:18:07.027
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-06-18 07:18:06.887
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-06-18 07:18:01.910
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSP.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-06-18 07:18:01.785
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSP.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-06-18 07:18:01.676
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSP.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-06-18 07:18:01.551
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSP.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 69%
Total physical RAM: 1976.93 MB
Available physical RAM: 599.56 MB
Total Virtual: 3953.85 MB
Available Virtual: 2177.39 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:288.32 GB) (Free:200.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{3250dd47-0781-11df-9bac-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:9.76 GB) (Free:1.6 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 46DB45CC)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=288.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#2 Příspěvek od **Rudy** » 28 srp 2018 18:07

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

VIRY.CZ

Oprava PC u rodicu - vypis z FRST

Oprava PC u rodicu - vypis z FRST

Re: Oprava PC u rodicu - vypis z FRST