Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-03-2020
Ran by Dušan (04-04-2020 16:58:43)
Running from C:\Users\Dušan\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2017-07-25 07:37:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-530079562-2313805981-1276691295-500 - Administrator - Disabled)
Dušan (S-1-5-21-530079562-2313805981-1276691295-1001 - Administrator - Enabled) => C:\Users\Dušan
Guest (S-1-5-21-530079562-2313805981-1276691295-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-530079562-2313805981-1276691295-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {0B81F5C2-9C9F-1DB6-0BF9-02BFE6D63BAF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.38 beta (HKLM\...\7-Zip) (Version:  - )
Acer OrbiCam (HKLM\...\{4A57592C-FF92-4083-97A9-92783BD5AFB4}) (Version: 6.96.0.11R - Bison WebCam)
Adobe Flash Player 26 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Advanced SystemCare 12 (HKLM\...\Advanced SystemCare_is1) (Version: 12.6.0 - IObit)
Driver Booster 7 (HKLM\...\Driver Booster_is1) (Version: 7.1.0 - IObit)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version:  - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IObit Malware Fighter 7 (HKLM\...\IObit Malware Fighter_is1) (Version: 7.3.0.5799 - IObit)
IObit Software Updater (HKLM\...\IObit Software Updater_is1) (Version: 2.1.0.2663 - IObit)
IObit Uninstaller 9 (HKLM\...\IObitUninstall) (Version: 9.0.2.38 - IObit)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Opera Stable 67.0.3575.115 (HKLM\...\Opera 67.0.3575.115) (Version: 67.0.3575.115 - Opera Software)
Renonc - licitovaný mariáš (HKU\S-1-5-21-530079562-2313805981-1276691295-1001\...\b7a4e1e148fa4eb1) (Version: 1.5.1.2 - Václav Kozmík)
Renonc - licitovaný mariáš (HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012\...\b7a4e1e148fa4eb1) (Version: 1.5.1.2 - Václav Kozmík)
Seznam Software (HKU\S-1-5-21-530079562-2313805981-1276691295-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Seznam Software (HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype verzia 8.58 (HKLM\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.93450 - TeamViewer)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [                    IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files\IObit\Advanced SystemCare\ASCExtMenu.dll [2018-07-06] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files\IObit\Advanced SystemCare\ASCExtMenu.dll [2018-07-06] (IObit Information Technology -> IObit)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files\IObit\Advanced SystemCare\ASCExtMenu.dll [2018-07-06] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2015-01-03 19:24 - 2015-01-03 19:24 - 000050176 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2018-08-04 13:31 - 000000878 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 serius.mwbsys.com
0.0.0.0 keystone.mwbsys.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-530079562-2313805981-1276691295-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dušan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-530079562-2313805981-1276691295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04042020153216012\Control Panel\Desktop\\Wallpaper -> C:\Users\Dušan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5F4E8D99-146E-42F1-9743-5192D5F25AAC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{018367C4-A754-470D-95C2-401C4D3A1B5B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C4906BA6-94BE-467E-BAA3-5B69AFF86E2C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4F0761ED-684B-4035-9C8F-6734826E0823}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{90036151-19F0-4C71-B126-540611AD439F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BAB000DD-6B6E-4BDA-B2CB-4DC75C226478}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F43260D2-BF4F-4449-B113-2B65804BAD79}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{E076289D-73E9-41F2-9B01-8D43DE6DD295}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{045522F6-F307-4377-AE85-D132E23C0DC1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{11D592E5-548C-47B1-BC6B-68F6D497D7F8}] => (Allow) C:\Program Files\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe No File
FirewallRules: [{886A4B04-2830-4689-937B-FA5DF749A1C2}] => (Allow) C:\Program Files\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe No File
FirewallRules: [{71667C8A-EC59-41E8-BCBE-2DE2AC3C4B76}] => (Allow) C:\Program Files\Opera\67.0.3575.97\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{08F91FC4-67FB-4480-88D3-4D34B97F4E14}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EFA72629-1F8C-436D-AEBC-D493B861D5A7}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ACF778C6-2B8B-49A2-A136-5753E622B68F}] => (Allow) C:\Program Files\Opera\67.0.3575.115\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/04/2020 07:15:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/03/2020 08:08:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/02/2020 07:17:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/01/2020 08:15:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/31/2020 12:33:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/30/2020 09:39:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/29/2020 08:37:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/28/2020 04:15:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: MBAMService.exe, verzia: 3.2.0.890, časová značka: 0x5e4bf985
Názov chybového modulu: ntdll.dll, verzia: 6.1.7601.24545, časová značka: 0x5e0eb7a5
Kód výnimky: 0xc0000005
Odstup chyby: 0x00031d3a
Identifikácia chybného procesu: 0xaa0
Čas spustenia chybnej aplikácie: 0x01d604ce7c2cd05b
Cesta chybnej aplikácie: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Cesta chybného modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 9b364ee4-70fe-11ea-9631-0016d45ccdd5


System errors:
=============
Error: (04/04/2020 03:26:35 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (04/02/2020 07:31:23 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Klient skupinovej politiky sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (04/01/2020 03:57:31 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (03/29/2020 09:09:28 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (03/28/2020 08:47:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.

Error: (03/28/2020 04:27:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Malwarebytes Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (03/27/2020 01:10:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby WMI Performance Adapter zlyhalo kvôli nasledujúcej chybe: 
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (03/27/2020 01:10:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby WMI Performance Adapter bol dosiahnutý časový limit (30000 ms).


==================== Memory info =========================== 

BIOS: Acer V3.01 10/25/2006
Motherboard: Acer Grapevine
Processor: Intel(R) Celeron(R) M CPU 420 @ 1.60GHz
Percentage of memory in use: 68%
Total physical RAM: 2038.12 MB
Available physical RAM: 643.13 MB
Total Virtual: 4076.23 MB
Available Virtual: 2158.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:34.08 GB) (Free:8.88 GB) NTFS
Drive d: () (Fixed) (Total:35.46 GB) (Free:28.54 GB) NTFS

\\?\Volume{f2c0eb95-7108-11e7-ae7c-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: B8F0FFA4)
Partition 1: (Not Active) - (Size=4.9 GB) - (Type=12)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=34.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=35.5 GB) - (Type=0F Extended)

==================== End of Addition.txt =======================