Prosim o kontrolu, antivir nieco včera našiel

Zpráva

Iva212 · #1 Příspěvek od **Iva212** » 16 zář 2018 13:51

Prosim o kontrolu, antivir nieco včera našiel a NTB je nejaký spomalený.

dakujem

Prikladám nalez antiviru a logy FRST tu:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15.09.2018
Ran by Iva (administrator) on IVA-PC (16-09-2018 14:46:08)
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
(Lexmark International, Inc.) C:\Windows\System32\LEXPPS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
(Microsoft Corporation) C:\Windows\System32\IgrsSvcs.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEUPDT.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4081480 2009-07-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064520 2009-06-25] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5A6B09D9-D8F4-4C90-A6A4-7B84A2405D60}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxp://mail.google.com/mail/&scc=1&ltmpl=default&ltmplcache=2
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-30654545-3194649466-4156373986-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO: Pomocník pri prihlasovaní v konte Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default [2018-09-16]
FF user.js: detected! => C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\user.js [2016-11-27]
FF Session Restore: Mozilla\Firefox\Profiles\ihm4dqwj.default -> is enabled.
FF Extension: (Flash Video Downloader) - C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-08-17]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-15]
FF Extension: (Flash and Video Download) - C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-08-28]
FF Extension: (Firefox Monitor) - C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\features\{accdbaad-5dea-482c-b832-ad6a76bc5b86}\fxmonitor@mozilla.org.xpi [2018-09-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-04-08] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll [2010-01-20] (Sony Media Software and Services Inc)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-30654545-3194649466-4156373986-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Iva\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Limited)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default [2018-09-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [895056 2018-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1148568 2018-09-04] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG)
S3 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [582944 2009-07-01] (Broadcom Corporation.)
R2 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [414984 2009-07-28] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [472328 2009-07-28] (Lenovo Group Limited)
R2 LexBceS; C:\windows\System32\LEXBCES.EXE [303104 2003-08-18] (Lexmark International, Inc.) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
R2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIVPC; C:\windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-01-20] (Lenovo Corporation)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [46440 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [132448 2018-07-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [147880 2018-07-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [35840 2017-03-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [59000 2017-03-23] (Avira Operations GmbH & Co. KG)
S3 Bridge0; C:\windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo)
R3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [47504 2016-11-27] (IVT Corporation.)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO32.SYS [23840 2016-11-27] (REALiX(tm))
R2 npf; C:\windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
S3 RSUSBSTOR; C:\windows\System32\Drivers\RtsUStor.sys [171520 2009-07-30] (Realtek Semiconductor Corp.) [File not signed]
S3 RTSUER; C:\windows\System32\Drivers\RtsUer.sys [304344 2016-11-27] (Realsil Semiconductor Corporation)
S3 s1039mdm; C:\windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (MCCI Corporation)
R3 SmbDrvI; C:\windows\System32\DRIVERS\Smb_driver_Intel.sys [26792 2016-11-27] (Synaptics Incorporated)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1759616 2009-03-13] ()
R3 wdmirror; C:\windows\System32\DRIVERS\WDMirror.sys [11792 2009-07-16] (Windows (R) Codename Longhorn DDK provider)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
U3 aswbdisk; no ImagePath
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-16 13:49 - 2018-09-16 13:51 - 000037554 _____ C:\Users\Iva\Desktop\Addition.txt
2018-09-16 13:45 - 2018-09-16 14:47 - 000012822 _____ C:\Users\Iva\Desktop\FRST.txt
2018-09-16 13:44 - 2018-09-16 14:46 - 000000000 ____D C:\FRST
2018-09-16 13:43 - 2018-09-16 13:43 - 001774080 _____ (Farbar) C:\Users\Iva\Desktop\FRST.exe
2018-09-16 10:23 - 2018-09-16 10:23 - 000156770 _____ C:\Users\Iva\Downloads\vystavne_skupiny.pdf
2018-09-16 10:23 - 2018-09-16 10:23 - 000156770 _____ C:\Users\Iva\Downloads\vystavne_skupiny(1).pdf
2018-09-12 17:21 - 2018-08-31 17:08 - 001311744 _____ (Microsoft Corporation) C:\windows\system32\msjet40.dll
2018-09-12 17:21 - 2018-08-31 17:08 - 000340480 _____ (Microsoft Corporation) C:\windows\system32\msexcl40.dll
2018-09-12 17:21 - 2018-08-30 03:47 - 001230848 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2018-09-12 17:21 - 2018-08-28 07:41 - 000190976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2018-09-12 17:21 - 2018-08-24 20:47 - 000350296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-09-12 17:21 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-09-12 17:21 - 2018-08-23 23:25 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2018-09-12 17:21 - 2018-08-23 23:25 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2018-09-12 17:21 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-09-12 17:21 - 2018-08-23 23:14 - 000341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2018-09-12 17:21 - 2018-08-23 23:14 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2018-09-12 17:21 - 2018-08-23 23:14 - 000047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2018-09-12 17:21 - 2018-08-23 23:13 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-09-12 17:21 - 2018-08-23 23:12 - 002295808 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-09-12 17:21 - 2018-08-23 23:09 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2018-09-12 17:21 - 2018-08-23 23:09 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2018-09-12 17:21 - 2018-08-23 23:07 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2018-09-12 17:21 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-09-12 17:21 - 2018-08-23 23:06 - 000620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-09-12 17:21 - 2018-08-23 23:06 - 000115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2018-09-12 17:21 - 2018-08-23 23:06 - 000104960 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2018-09-12 17:21 - 2018-08-23 23:02 - 000668160 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2018-09-12 17:21 - 2018-08-23 23:00 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2018-09-12 17:21 - 2018-08-23 22:56 - 000073216 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2018-09-12 17:21 - 2018-08-23 22:56 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2018-09-12 17:21 - 2018-08-23 22:55 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2018-09-12 17:21 - 2018-08-23 22:54 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2018-09-12 17:21 - 2018-08-23 22:53 - 000076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-09-12 17:21 - 2018-08-23 22:52 - 000279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-09-12 17:21 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-09-12 17:21 - 2018-08-23 22:51 - 000130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2018-09-12 17:21 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-09-12 17:21 - 2018-08-23 22:46 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2018-09-12 17:21 - 2018-08-23 22:44 - 002059776 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-09-12 17:21 - 2018-08-23 22:44 - 001155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2018-09-12 17:21 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-09-12 17:21 - 2018-08-23 22:44 - 000692224 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-09-12 17:21 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-09-12 17:21 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-09-12 17:21 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 012880896 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 001499648 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 001390080 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 001241088 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 000306688 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 000004608 _____ (Microsoft Corporation) C:\windows\system32\msimg32.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2018-09-12 17:21 - 2018-08-12 22:18 - 000240808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2018-09-12 17:21 - 2018-08-12 22:17 - 001311400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-09-12 17:21 - 2018-08-12 22:17 - 000187560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2018-09-12 17:21 - 2018-08-12 22:14 - 000018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2018-09-12 17:21 - 2018-08-10 17:45 - 004054192 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2018-09-12 17:21 - 2018-08-10 17:45 - 000309424 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2018-09-12 17:21 - 2018-08-10 17:45 - 000139360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2018-09-12 17:21 - 2018-08-10 17:45 - 000067248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2018-09-12 17:21 - 2018-08-10 17:44 - 003961440 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-09-12 17:21 - 2018-08-10 17:44 - 000191072 _____ (Microsoft Corporation) C:\windows\system32\halmacpi.dll
2018-09-12 17:21 - 2018-08-10 17:44 - 000191072 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-09-12 17:21 - 2018-08-10 17:44 - 000136368 _____ (Microsoft Corporation) C:\windows\system32\halacpi.dll
2018-09-12 17:21 - 2018-08-10 17:43 - 001311928 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000564736 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000261120 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000141312 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000111616 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000070144 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 001063424 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000554496 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000463360 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000089088 _____ (Microsoft Corporation) C:\windows\system32\icfupgd.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000082432 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000071680 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2018-09-12 17:21 - 2018-08-10 17:39 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2018-09-12 17:21 - 2018-08-10 17:39 - 000644096 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2018-09-12 17:21 - 2018-08-10 17:20 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2018-09-12 17:21 - 2018-08-10 17:20 - 000018944 _____ (Microsoft Corporation) C:\windows\system32\wfapigp.dll
2018-09-12 17:21 - 2018-08-10 17:16 - 000097792 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2018-09-12 17:21 - 2018-08-10 17:16 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2018-09-12 17:21 - 2018-08-10 17:16 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2018-09-12 17:21 - 2018-08-10 17:16 - 000016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2018-09-12 17:21 - 2018-08-10 17:15 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2018-09-12 17:21 - 2018-08-10 17:13 - 000262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2018-09-12 17:21 - 2018-08-10 17:13 - 000107008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2018-09-12 17:21 - 2018-08-10 17:13 - 000034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2018-09-12 17:21 - 2018-08-10 17:10 - 000226304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2018-09-12 17:21 - 2018-08-10 17:10 - 000124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2018-09-12 17:21 - 2018-08-10 17:10 - 000098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2018-09-12 17:21 - 2018-08-10 17:09 - 000069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2018-09-12 17:21 - 2018-08-10 17:09 - 000055296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2018-09-12 17:21 - 2018-08-10 17:09 - 000053760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2018-09-12 17:21 - 2018-08-10 17:09 - 000053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\viac7.sys
2018-09-12 17:21 - 2018-08-10 17:09 - 000052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2018-09-12 17:21 - 2018-08-10 17:09 - 000052224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2018-09-12 17:21 - 2018-08-10 17:09 - 000036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2018-09-12 17:21 - 2018-08-10 17:09 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2018-09-12 17:21 - 2018-08-10 17:09 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2018-09-12 17:21 - 2018-07-29 17:40 - 000751104 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2018-09-12 17:21 - 2018-07-18 17:14 - 000068608 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2018-09-12 17:21 - 2018-06-27 15:20 - 000419648 _____ C:\windows\system32\locale.nls
2018-09-09 15:34 - 2018-09-09 15:34 - 000001669 _____ C:\Users\Iva\Desktop\papu-od-09-09-2018_IvaS-stale-aktualne - odkaz.lnk
2018-09-02 10:40 - 2018-09-02 11:48 - 000016266 _____ C:\Users\Iva\Desktop\Zamestnanie.xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-16 12:16 - 2017-05-12 19:36 - 000000000 ____D C:\windows\rescache
2018-09-16 10:47 - 2017-12-03 19:51 - 000000000 ____D C:\KMPlayer
2018-09-16 10:30 - 2018-06-21 21:15 - 000000000 ____D C:\Users\Iva\Downloads\Kanariky
2018-09-16 08:39 - 2016-11-19 17:55 - 000000000 ____D C:\Users\Iva\AppData\LocalLow\Mozilla
2018-09-16 08:15 - 2009-07-14 06:34 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-16 08:15 - 2009-07-14 06:34 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-16 08:01 - 2009-07-14 06:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-09-15 22:15 - 2017-12-14 18:43 - 000000000 ____D C:\Users\Iva\Downloads\Doklady
2018-09-15 22:15 - 2015-02-23 18:07 - 000000000 ____D C:\Users\Iva\Downloads\Letaky_LIDL_Planeo_Oriflame
2018-09-15 07:25 - 2009-07-14 04:37 - 000000000 ____D C:\windows\inf
2018-09-13 20:07 - 2009-09-23 03:25 - 000848194 _____ C:\windows\system32\PerfStringBackup.INI
2018-09-12 21:20 - 2009-07-14 06:33 - 000412888 _____ C:\windows\system32\FNTCACHE.DAT
2018-09-12 17:39 - 2013-07-24 20:02 - 000000000 ____D C:\windows\system32\MRT
2018-09-12 17:24 - 2010-01-29 19:41 - 136114104 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-09-11 04:42 - 2012-05-25 23:11 - 000000000 ____D C:\Program Files\CCleaner
2018-09-06 16:30 - 2012-04-25 05:28 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-09-05 19:51 - 2018-03-21 14:37 - 000000000 ____D C:\Users\Iva\Downloads\Draha spoja
2018-09-05 19:05 - 2014-03-31 18:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-04 16:58 - 2016-07-03 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-08-29 08:17 - 2016-07-03 20:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-24 04:45 - 2009-07-14 06:53 - 000032564 _____ C:\windows\Tasks\SCHEDLGU.TXT
2018-08-17 23:25 - 2014-06-11 18:15 - 000000000 ____D C:\Users\Iva\AppData\Roaming\MPC-HC
2018-08-17 05:27 - 2016-04-10 17:06 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2012-04-04 21:10 - 2010-01-26 11:11 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2011-09-26 21:23 - 2011-10-01 09:24 - 000007722 _____ () C:\Users\Iva\AppData\Roaming\mdbu.bin
2010-05-08 20:34 - 2014-01-13 19:21 - 000005632 _____ () C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-16 10:01 - 2017-01-23 10:44 - 000007608 _____ () C:\Users\Iva\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-16 12:08

==================== End of FRST.txt ============================

a este jeden

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15.09.2018
Ran by Iva (16-09-2018 14:48:10)
Running from C:\Users\Iva\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2010-01-29 16:48:30)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-30654545-3194649466-4156373986-500 - Administrator - Disabled)
Guest (S-1-5-21-30654545-3194649466-4156373986-501 - Limited - Enabled)
Iva (S-1-5-21-30654545-3194649466-4156373986-1003 - Administrator - Enabled) => C:\Users\Iva

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Advertising Center (HKLM\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Asistent pri prihlasovaní v konte Windows Live ID (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.29 - Avanquest Software)
Avira (HKLM\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG)
Avira (HKLM\...\{9620D4C2-CF5B-4DBE-8103-CC9DAB0871C6}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
Broadcom 802.11 Wireless Driver (HKLM\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.01 - Broadcom Corporation)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\{B32C4059-6E7A-41EF-AD20-56DF1872B923}) (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 5.1 (HKLM\...\MP Navigator EX 5.1) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.0.1 - Canon Inc.)
Canon Pomôcka na rýchlu voľbu (HKLM\...\Speed Dial Utility) (Version: 1.5.0 - Canon Inc.)
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.4.0 - Conexant)
CrystalDiskInfo 6.1.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.1.0 - Crystal Dew World)
Cubes Trial Version 2.00 (HKLM\...\Cubes Trial Version_is1) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
doPDF 6.0 printer (HKLM\...\doPDF 6 printer_is1) (Version: - Softland)
Doplnok Microsoft Save as PDF or XPS pre programy balíka 2007 Microsoft Office (HKLM\...\{90120000-00B2-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1039 - Microsoft Corporation)
EasyCapture (HKLM\...\EasyCapture4.0) (Version: V4.0.09.0731 - Lenovo)
EGR-ShellExtension (HKLM\...\EGR-ShellExtension) (Version: 1.1.0.100 - EasternGraphics)
Energy Management (HKLM\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.3.1.1 - Lenovo)
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
FormatFactory 3.00 (HKLM\...\FormatFactory) (Version: 3.00 - Free Time)
Free M4a to MP3 Converter 7.1 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
GIMP 2.4.5 (HKLM\...\WinGimp-2.0_is1) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 68.0.3440.106 - Spoločnosť Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
HF Designer 2.7 (HKLM\...\HappyFoto-Designer_is1) (Version: - )
ICQ7.5 (HKLM\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
K-Lite Codec Pack 10.5.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Lenovo EasyCamera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50.6 - Suyin Optronics Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0723 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0723 - CyberLink Corp.)
Lenovo ReadyComm 5 (HKLM\...\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}) (Version: 5.1.1.17 - Lenovo)
Lenovo ReadyComm 5.0 Service (HKLM\...\{76C66170-C538-4E77-B54D-48E136B5B533}) (Version: 5.0.0.1 - Lenovo Group Limited)
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version: - )
Media Go (HKLM\...\{520CD4F0-9DAC-4C5C-8CA1-D0210CFF6062}) (Version: 1.4.269 - Sony)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.4 (HKLM\...\{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}) (Version: 2.0.3008.0 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mobile Connect (HKLM\...\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}) (Version: 1.00.0000 - Huawei technologies)
Mozilla Firefox 62.0 (x86 sk) (HKLM\...\Mozilla Firefox 62.0 (x86 sk)) (Version: 62.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.0.6816 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicJet (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\76f4758ca7e15dc6) (Version: 1.0.2.18 - MusicJet)
Nero 9 Essentials (HKLM\...\{faeebf0a-0bd4-44a5-a539-f9ea31b1e084}) (Version: - Nero AG)
Nero BurnLite 10 (HKLM\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 48.0.2685.35 (HKLM\...\Opera 48.0.2685.35) (Version: 48.0.2685.35 - Opera Software)
PC Inspector smart recovery (HKLM\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
pCon.planner 6.7 (HKLM\...\{61FFF5E3-1D08-4F66-AC29-EF61963F2619}) (Version: 6.7.0.102 - EasternGraphics) Hidden
pCon.planner 6.7 (HKLM\...\pCon.planner 6.7) (Version: 6.7.0.102 - EasternGraphics)
PlayStation(R)Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.02.00076 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 3.1.8.07881 - Sony Computer Entertainment Inc.)
Pluto TV version 0.3.2 (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\Pluto TV_is1) (Version: 0.3.2 - Pluto TV)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d1 - CyberLink Corp.)
Puzzle Express Deluxe (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\Puzzle Express Deluxe) (Version: 1.0.0 - Zylom Games)
QIP 2012 4.0.6611 (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\QIP 2012) (Version: 4.0.6611 - )
QIP Internet Guardian (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\QipGuard) (Version: - )
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAD Video Tools (HKLM\...\RADVideo) (Version: - )
Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.45 - Piriform)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Super DX-Ball v1.00 (HKLM\...\Super DX-Ball_is1) (Version: 1.0 - BlitWise Productions, LLC)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tetris Navždy (HKLM\...\Tetris Navždy) (Version: - )
Theophilos 3 (HKLM\...\Theophilos_is1) (Version: - )
Theophilos 3.0 (HKLM\...\Theophilos 3.0_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-30654545-3194649466-4156373986-1003_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.)
CustomCLSID: HKU\S-1-5-21-30654545-3194649466-4156373986-1003_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Iva\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2018-09-04] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-02-11] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2018-09-04] (Avira Operations GmbH & Co. KG)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {097ED442-5C72-4D45-95A6-5B07AFC48265} - \Install_NSS -> No File <==== ATTENTION
Task: {1338EC58-3ED9-49C4-81C3-A6B4B3547CE5} - System32\Tasks\{D817FDD0-775A-4570-BFAE-9154269408A8} => C:\windows\system32\pcalua.exe -a F:\NOVE_USPORIADANIE\Instalacky\Kodeky_instalacky\Codecs6030_allin1_All_in_ONE.exe -d F:\NOVE_USPORIADANIE\Instalacky\Kodeky_instalacky
Task: {2DD6F659-9040-4FF3-9B3E-3F51EA58FB5F} - System32\Tasks\{5776848F-1F69-40B3-B043-98AC6F2519AA} => C:\windows\system32\pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files\GIMP-2.0\bin\gimp-2.4.exe"
Task: {4704E4C5-FB1F-42C4-802C-06FB1BB50A0F} - System32\Tasks\{FAB74AE7-CF79-45AE-AB0F-6624C9CEBDF6} => C:\windows\system32\pcalua.exe -a C:\Dokumenty_od_29-12-2014\Hry\tetrinst.exe -d C:\Dokumenty_od_29-12-2014\Hry
Task: {4848B36A-807F-4EE7-8844-D47D8AC7DD17} - System32\Tasks\{F2A42AD5-62FA-47B2-B9E1-FB3562B266F6} => C:\windows\system32\pcalua.exe -a "C:\Dokumenty_od_29-12-2014\PROGRAM---Bible-do-PC\THEOPHILOS - Bible do PC - základní program.EXE" -d C:\Dokumenty_od_29-12-2014\PROGRAM---Bible-do-PC
Task: {505FCC7F-118E-437E-A34B-521CD049F4B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {5A683F93-2FC4-49BE-87D1-70EB88C286DB} - System32\Tasks\{927D828E-ABEF-43FC-9968-E85D61911011} => C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe [2009-07-01] (Broadcom Corporation.)
Task: {6F37622D-AC57-4AA6-8A94-6A166F1B927B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {6F51716D-4A9F-49CC-9875-203FDD8E9E33} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\Antivirus\avgnt.exe [2018-09-04] (Avira Operations GmbH & Co. KG)
Task: {7714160B-C66A-44B1-A6A9-AEF5D51595AB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {7E272799-9C03-4FB0-86B3-71E3C8248B65} - System32\Tasks\{3EB3C91F-59DD-4A57-B960-89983FF43EBC} => C:\windows\system32\pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files\RarZilla Free Unrar\RarZilla.exe"
Task: {815926C0-E9C1-4241-BF21-9C5DE8D428A0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {87288777-F114-4765-B44B-78BAB217E075} - System32\Tasks\{B9592A61-A346-42FE-B832-D61EECCA6EA3} => C:\windows\system32\pcalua.exe -a C:\ProgramData\F4D55F3B000026F400013E6CB4EB23C1\F4D55F3B000026F400013E6CB4EB23C1.exe -c -u
Task: {88604855-7D6C-4E11-9DB4-73F1ED06F403} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe
Task: {89A2278B-132D-47B2-9914-D2777C33D3E1} - System32\Tasks\Opera scheduled Autoupdate 1422108017 => C:\Program Files\Opera\launcher.exe [2017-10-02] (Opera Software)
Task: {9E1FC1E2-7DF0-445C-AC33-ACC9D788BF78} - System32\Tasks\{9CEE08D8-D68A-44B1-924C-EA8367A4C2B9} => C:\windows\system32\pcalua.exe -a C:\Moje_dokumenty\NOVE_USPORIADANIE\Instalacky\Virtualna_tlaciaren_pdf_creator_instalacka\dopdf.exe -d C:\Moje_dokumenty\NOVE_USPORIADANIE\Instalacky\Virtualna_tlaciaren_pdf_creator_instalacka
Task: {A01A5F0A-9524-46AC-899A-15A2A4AD7599} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {A22DBA14-D8C0-4927-9298-2257956299D6} - System32\Tasks\{355E2702-06E9-4D0A-A4E8-E130D43F75C7} => C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe [2009-07-01] (Broadcom Corporation.)
Task: {B8F2C1F1-8C1C-46BF-9B75-50B06BE1494E} - System32\Tasks\{A6BAE287-7DC6-4DB6-80B8-76EBDC43450B} => C:\windows\system32\pcalua.exe -a "F:\NOVE_USPORIADANIE\Instalacky\Mozilla_Firefox\Firefox Setup 3.0.9.exe" -d F:\NOVE_USPORIADANIE\Instalacky\Mozilla_Firefox
Task: {D0CDCABB-EADB-4E22-8A8B-7E4AE2F95C13} - System32\Tasks\{B7493C4E-3873-46DD-85AC-547AD1DE3955} => C:\windows\system32\pcalua.exe -a F:\NOVE_USPORIADANIE\Instalacky\K_happy_akvariu_na_Facebooku\Shockwave_Installer_Full.exe -d F:\NOVE_USPORIADANIE\Instalacky\K_happy_akvariu_na_Facebooku
Task: {D8D2FD5D-2972-406B-83B6-F4FF951D437A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-08] (Adobe Systems Incorporated)
Task: {F395AAEC-E18E-4BF2-8D5A-7A6F8C7A7848} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {FA43B367-7AB3-4AB3-893D-6726335727AB} - System32\Tasks\{374E708E-9FD7-43D7-A3CE-AC8E0281C812} => C:\windows\system32\pcalua.exe -a D:\Install\Zipovace\7z465.exe -d D:\Install\Zipovace
Task: {FB0658A6-C3CA-4D41-9BAA-2BED85A4D743} - System32\Tasks\{FCFA5440-6A4B-4887-BB96-3497618D599F} => C:\windows\system32\pcalua.exe -a "F:\NOVE_USPORIADANIE\Instalacky\Adobe Acrobat Reader 6.0 aj 8.0\Adobe_Reader_v8_0_CZ.exe" -d "F:\NOVE_USPORIADANIE\Instalacky\Adobe Acrobat Reader 6.0 aj 8.0"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2010-03-27 19:35 - 2003-07-29 15:27 - 000078336 _____ () C:\windows\system32\spool\PRTPROCS\W32X86\LXBKPP5C.dll
2009-11-10 18:21 - 2008-12-20 05:20 - 000063304 _____ () C:\Program Files\Lenovo\Energy Management\kbdhook.dll
2009-11-10 18:21 - 2008-12-20 05:20 - 000051016 _____ () C:\Program Files\Lenovo\Energy Management\HookLib.dll
2018-08-12 14:01 - 2018-08-12 13:59 - 001204472 _____ () C:\Program Files\Avira\Antivirus\crypto-42.dll
2018-08-12 14:01 - 2018-08-12 13:59 - 000243352 _____ () C:\Program Files\Avira\Antivirus\ssl-44.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2018-02-08 17:21 - 000000035 _____ C:\windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Iva^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PlutoTV.lnk => C:\windows\pss\PlutoTV.lnk.Startup
MSCONFIG\startupreg: Apoint => C:\Program Files\Apoint2K\Apoint.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Avira System Speedup User Starter => "C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe"
MSCONFIG\startupreg: Avira SystrayStartTrigger => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files\Lenovo\VeriFace\PManage.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B15C5458-D4C3-4F39-8188-C73886AB484C}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{50309CE0-6061-4F45-8387-30F71EABD235}] => (Allow) C:\windows\System32\IgrsSvcs.exe
FirewallRules: [{7D4EBB45-7C2D-476A-866E-321EB71387D2}] => (Allow) C:\windows\System32\IgrsSvcs.exe
FirewallRules: [{0C0DCF90-E250-4325-8275-9595FECF2D2F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{F410BBB9-AE8D-4117-914E-33DD15AD4422}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe
FirewallRules: [{25A04806-39BE-4844-A2DF-38AAD39F517F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe
FirewallRules: [{ECE083BB-B64A-45C8-8029-DB318B4A5F0E}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe
FirewallRules: [{33FFBE7A-5CFE-41F7-9C00-901BE47D649F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
FirewallRules: [{2553EFAB-2FA2-4CAD-8970-224B673EAE70}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
FirewallRules: [{AE86CC13-F845-4BBE-A531-94ACCE01422B}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
FirewallRules: [{8BCAAD73-86D7-4ACB-8986-D6AE5A52A2FD}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
FirewallRules: [{3F6E1029-3C60-48E9-B43A-995BD4170373}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{3DAE2E26-3D52-4E65-B808-9BB50FE05534}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [TCP Query User{C3B652EC-FB8E-4BD2-96A2-7FCA3B2E3CBC}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{F17F7FF8-E5B0-4B99-AA4F-083047336DC2}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{BFB1BD70-4668-4735-9277-BF2C8FC8D96A}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{AC1D111C-7049-4C99-A992-CE9054976335}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [{1279EAB1-AAB1-4993-A899-6C839FFC5300}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{773470E4-2101-421F-860C-F50618287C65}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{4F5E48D2-17E9-45AE-A1B9-C9D153C275D3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{2AFED377-0A67-4CB4-9E68-AA17F07CC0E4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E119330F-0296-41AE-881E-9AB1C7B550E0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C954B080-78AD-41E4-AC33-CECC4B574CFA}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{9A3BD9B4-1B67-4B6C-8DE1-2F477D26F696}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{D9947D47-64ED-4E36-A234-F83F84FCBA4D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{8438D759-BD91-4474-87F6-93933ECAF8F6}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{274186CA-8E0F-4083-9020-30B819D51EEB}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{21DD6A2A-2D3F-4565-8803-B815BD409441}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E9B25EC6-C489-49F6-A485-AD6F9EE7EA5B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{F9AE9B17-9BB8-49FD-B76C-225DCEF378EC}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{FF4225D5-645C-415B-886F-4B899AE761E8}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{41B2B6CA-4BE9-486B-B867-3A8163B5EF97}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{87865ECB-6BAB-4957-9881-75DC136D889C}C:\program files\icq7.1\icq.exe] => (Block) C:\program files\icq7.1\icq.exe
FirewallRules: [UDP Query User{57D7DE28-E332-4309-B5BE-2B1241C996AB}C:\program files\icq7.1\icq.exe] => (Block) C:\program files\icq7.1\icq.exe
FirewallRules: [{19FE0E10-D10C-44B1-8B64-D72E6810B046}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{D6915018-2A90-4CAC-8D5C-60427DBFFB57}C:\program files\qip 2012\qip.exe] => (Block) C:\program files\qip 2012\qip.exe
FirewallRules: [UDP Query User{539F7CB0-327A-4949-A591-7AF2933E4A24}C:\program files\qip 2012\qip.exe] => (Block) C:\program files\qip 2012\qip.exe
FirewallRules: [{61843223-799F-4909-BBB3-8287FDE853B2}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{E2195357-D431-4FF9-A4B4-2784FBE2192B}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{AB13E5EC-657F-4520-B704-16D4FFA77250}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{59F5D1DB-33D9-4FD9-A312-D1B0EE31FAC6}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{8DBD9DC6-579B-441F-84E0-7FC12418187A}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{7E18E430-A132-4C2E-BBD5-7DF8DFE8FA32}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{78612CBD-2D82-4079-B6FD-13F87AA3E188}] => (Allow) C:\Users\Iva\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{DABDD449-D4CF-45EE-B207-BA77CB5E1B22}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D6B57271-792A-40FB-93C8-EBBB4F46E218}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5133B4C8-BA48-4B3B-BB33-752780D417FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5B9B160A-CED9-45DE-A1A2-D79A245ED541}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E9D4009A-2910-4592-8CF1-2F545720FB3A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{ECD4B7E2-16F4-4C80-AD95-3763A1E9E199}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0E0951EB-4215-4CDA-8116-86DA8C9B6E34}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C8DA4E42-DF17-4C3C-83EB-BDAC890BE4FB}] => (Allow) C:\Program Files\Opera\47.0.2631.80\opera.exe
FirewallRules: [{183CC8A7-E2B2-4702-8FF5-BF3C8F1132E5}] => (Allow) C:\Program Files\Opera\48.0.2685.35\opera.exe
FirewallRules: [{238328FC-1196-4C46-92A4-2A96E1851C52}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{A20155EB-5054-4BCA-B259-0BAC6D932E12}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{06079893-644A-4D5D-9CBA-61C3B5B0A919}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

08-09-2018 14:32:53 Plánovaný kontrolný bod
12-09-2018 17:22:35 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2018 11:17:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: CNSEUPDT.EXE, verzia: 1.4.1.0, časová značka: 0x5073a809
Názov chybového modulu: CNMDWLD.DLL, verzia: 1.0.0.0, časová značka: 0x4cad61a4
Kód výnimky: 0xc0000005
Odstup chyby: 0x000024c0
Identifikácia chybného procesu: 0x1344
Čas spustenia chybnej aplikácie: 0x01d44d9e01883865
Cesta chybnej aplikácie: C:\Program Files\Canon\Solution Menu EX\CNSEUPDT.EXE
Cesta chybného modulu: C:\Program Files\Canon\Solution Menu EX\CNMDWLD.DLL
Identifikácia hlásenia: 4d5beceb-b991-11e8-b580-002622d474ed

Error: (09/15/2018 05:15:54 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5844. Message ID: [0x2509].

Error: (09/15/2018 05:15:18 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 4864. Message ID: [0x2509].

Error: (09/15/2018 04:32:22 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5852. Message ID: [0x2509].

Error: (09/15/2018 08:04:43 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 6012. Message ID: [0x2509].

Error: (09/14/2018 11:12:57 PM) (Source: ESENT) (EventID: 104) (User: )
Description: Windows (1924) Windows: The database engine stopped the instance (0) with error (-510).

Error: (09/14/2018 11:12:53 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search sa zastavuje, pretože sa vyskytol problém s indexovaním, The catalog is corrupt.

Context: Windows Application, SystemIndex Catalog

Details:
Metaúdaje indexu obsahu sa nedajú prečítať. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/14/2018 11:12:53 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhľadávacia služba zistila v indexe {id=3800} súbory s poškodenými údajmi. Služba sa pokúsi o automatické opravenie tohto problému opätovným vytvorením indexu.

Context: Windows Application, SystemIndex Catalog

Details:
Metaúdaje indexu obsahu sa nedajú prečítať. (HRESULT : 0xc0041801) (0xc0041801)

System errors:
=============
Error: (09/16/2018 01:39:05 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/16/2018 01:23:18 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/16/2018 01:23:16 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/16/2018 12:55:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/16/2018 12:49:57 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/16/2018 12:49:56 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/16/2018 12:49:53 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/15/2018 10:38:37 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 63%
Total physical RAM: 3032.6 MB
Available physical RAM: 1111.16 MB
Total Virtual: 6063.57 MB
Available Virtual: 3048.16 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:252.89 GB) (Free:7.29 GB) NTFS
Drive d: (Lenovo) (Fixed) (Total:30.25 GB) (Free:0.51 GB) NTFS

\\?\Volume{26c8cd6d-ce13-11de-b561-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 397BDB04)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=252.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.2 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== End of Addition.txt ============================

#2 Příspěvek od **Rudy** » 16 zář 2018 14:52

Zdravím!
Jde o podezřelé soubory (HDTune je určitě v pořádku). Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Iva212 · #3 Příspěvek od **Iva212** » 16 zář 2018 17:40

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 08-30-2018
# Database: 2018-09-14.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-16-2018
# Duration: 00:00:16
# OS: Windows 7 Home Premium
# Cleaned: 6
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Windows\Installer\{773A8CA8-3876-4AA1-AB78-EECA231BFF3A}

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-30654545-3194649466-4156373986-1003\Software\ICQ\ICQToolbar
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Avira System Speedup User Starter
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Avira SystrayStartTrigger

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted ICQ Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1809 octets] - [16/09/2018 18:13:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#4 Příspěvek od **Rudy** » 16 zář 2018 17:58

Dejte nový log FRST.

Iva212 · #5 Příspěvek od **Iva212** » 16 zář 2018 19:02

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15.09.2018
Ran by Iva (administrator) on IVA-PC (16-09-2018 19:55:25)
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
(Lexmark International, Inc.) C:\Windows\System32\LEXPPS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Windows\System32\IgrsSvcs.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4081480 2009-07-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064520 2009-06-25] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5A6B09D9-D8F4-4C90-A6A4-7B84A2405D60}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxp://mail.google.com/mail/&scc=1&ltmpl=default&ltmplcache=2
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-30654545-3194649466-4156373986-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO: Pomocník pri prihlasovaní v konte Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default [2018-09-16]
FF user.js: detected! => C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\user.js [2016-11-27]
FF Session Restore: Mozilla\Firefox\Profiles\ihm4dqwj.default -> is enabled.
FF Extension: (Flash Video Downloader) - C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-08-17]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-15]
FF Extension: (Flash and Video Download) - C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-08-28]
FF Extension: (Firefox Monitor) - C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\features\{accdbaad-5dea-482c-b832-ad6a76bc5b86}\fxmonitor@mozilla.org.xpi [2018-09-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-04-08] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll [2010-01-20] (Sony Media Software and Services Inc)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-30654545-3194649466-4156373986-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Iva\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Limited)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default [2018-09-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [895056 2018-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1148568 2018-09-04] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG)
S3 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [582944 2009-07-01] (Broadcom Corporation.)
R2 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [414984 2009-07-28] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [472328 2009-07-28] (Lenovo Group Limited)
R2 LexBceS; C:\windows\System32\LEXBCES.EXE [303104 2003-08-18] (Lexmark International, Inc.) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
R2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIVPC; C:\windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-01-20] (Lenovo Corporation)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [46440 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [132448 2018-07-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [147880 2018-07-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [35840 2017-03-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [59000 2017-03-23] (Avira Operations GmbH & Co. KG)
S3 Bridge0; C:\windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo)
R3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [47504 2016-11-27] (IVT Corporation.)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO32.SYS [23840 2016-11-27] (REALiX(tm))
R2 npf; C:\windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
S3 RSUSBSTOR; C:\windows\System32\Drivers\RtsUStor.sys [171520 2009-07-30] (Realtek Semiconductor Corp.) [File not signed]
S3 RTSUER; C:\windows\System32\Drivers\RtsUer.sys [304344 2016-11-27] (Realsil Semiconductor Corporation)
S3 s1039mdm; C:\windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (MCCI Corporation)
R3 SmbDrvI; C:\windows\System32\DRIVERS\Smb_driver_Intel.sys [26792 2016-11-27] (Synaptics Incorporated)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1759616 2009-03-13] ()
R3 wdmirror; C:\windows\System32\DRIVERS\WDMirror.sys [11792 2009-07-16] (Windows (R) Codename Longhorn DDK provider)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
U3 aswbdisk; no ImagePath
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-16 18:12 - 2018-09-16 18:15 - 000000000 ____D C:\AdwCleaner
2018-09-16 18:09 - 2018-09-16 18:09 - 007567568 _____ (Malwarebytes) C:\Users\Iva\Desktop\AdwCleaner.exe
2018-09-16 13:49 - 2018-09-16 14:48 - 000037555 _____ C:\Users\Iva\Desktop\Addition.txt
2018-09-16 13:45 - 2018-09-16 19:58 - 000012212 _____ C:\Users\Iva\Desktop\FRST.txt
2018-09-16 13:44 - 2018-09-16 19:55 - 000000000 ____D C:\FRST
2018-09-16 13:43 - 2018-09-16 13:43 - 001774080 _____ (Farbar) C:\Users\Iva\Desktop\FRST.exe
2018-09-12 17:21 - 2018-08-31 17:08 - 001311744 _____ (Microsoft Corporation) C:\windows\system32\msjet40.dll
2018-09-12 17:21 - 2018-08-31 17:08 - 000340480 _____ (Microsoft Corporation) C:\windows\system32\msexcl40.dll
2018-09-12 17:21 - 2018-08-30 03:47 - 001230848 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2018-09-12 17:21 - 2018-08-28 07:41 - 000190976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2018-09-12 17:21 - 2018-08-24 20:47 - 000350296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-09-12 17:21 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-09-12 17:21 - 2018-08-23 23:25 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2018-09-12 17:21 - 2018-08-23 23:25 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2018-09-12 17:21 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-09-12 17:21 - 2018-08-23 23:14 - 000341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2018-09-12 17:21 - 2018-08-23 23:14 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2018-09-12 17:21 - 2018-08-23 23:14 - 000047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2018-09-12 17:21 - 2018-08-23 23:13 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-09-12 17:21 - 2018-08-23 23:12 - 002295808 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-09-12 17:21 - 2018-08-23 23:09 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2018-09-12 17:21 - 2018-08-23 23:09 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2018-09-12 17:21 - 2018-08-23 23:07 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2018-09-12 17:21 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-09-12 17:21 - 2018-08-23 23:06 - 000620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-09-12 17:21 - 2018-08-23 23:06 - 000115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2018-09-12 17:21 - 2018-08-23 23:06 - 000104960 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2018-09-12 17:21 - 2018-08-23 23:02 - 000668160 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2018-09-12 17:21 - 2018-08-23 23:00 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2018-09-12 17:21 - 2018-08-23 22:56 - 000073216 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2018-09-12 17:21 - 2018-08-23 22:56 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2018-09-12 17:21 - 2018-08-23 22:55 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2018-09-12 17:21 - 2018-08-23 22:54 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2018-09-12 17:21 - 2018-08-23 22:53 - 000076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-09-12 17:21 - 2018-08-23 22:52 - 000279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-09-12 17:21 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-09-12 17:21 - 2018-08-23 22:51 - 000130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2018-09-12 17:21 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-09-12 17:21 - 2018-08-23 22:46 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2018-09-12 17:21 - 2018-08-23 22:44 - 002059776 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-09-12 17:21 - 2018-08-23 22:44 - 001155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2018-09-12 17:21 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-09-12 17:21 - 2018-08-23 22:44 - 000692224 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-09-12 17:21 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-09-12 17:21 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-09-12 17:21 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 012880896 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 001499648 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 001390080 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 001241088 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 000306688 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 000004608 _____ (Microsoft Corporation) C:\windows\system32\msimg32.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2018-09-12 17:21 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2018-09-12 17:21 - 2018-08-12 22:18 - 000240808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2018-09-12 17:21 - 2018-08-12 22:17 - 001311400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-09-12 17:21 - 2018-08-12 22:17 - 000187560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2018-09-12 17:21 - 2018-08-12 22:14 - 000018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2018-09-12 17:21 - 2018-08-10 17:45 - 004054192 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2018-09-12 17:21 - 2018-08-10 17:45 - 000309424 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2018-09-12 17:21 - 2018-08-10 17:45 - 000139360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2018-09-12 17:21 - 2018-08-10 17:45 - 000067248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2018-09-12 17:21 - 2018-08-10 17:44 - 003961440 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-09-12 17:21 - 2018-08-10 17:44 - 000191072 _____ (Microsoft Corporation) C:\windows\system32\halmacpi.dll
2018-09-12 17:21 - 2018-08-10 17:44 - 000191072 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-09-12 17:21 - 2018-08-10 17:44 - 000136368 _____ (Microsoft Corporation) C:\windows\system32\halacpi.dll
2018-09-12 17:21 - 2018-08-10 17:43 - 001311928 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000564736 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000261120 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000141312 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000111616 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000070144 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2018-09-12 17:21 - 2018-08-10 17:41 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 001063424 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000554496 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000463360 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000089088 _____ (Microsoft Corporation) C:\windows\system32\icfupgd.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000082432 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000071680 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2018-09-12 17:21 - 2018-08-10 17:40 - 000006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2018-09-12 17:21 - 2018-08-10 17:39 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2018-09-12 17:21 - 2018-08-10 17:39 - 000644096 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2018-09-12 17:21 - 2018-08-10 17:20 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2018-09-12 17:21 - 2018-08-10 17:20 - 000018944 _____ (Microsoft Corporation) C:\windows\system32\wfapigp.dll
2018-09-12 17:21 - 2018-08-10 17:16 - 000097792 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2018-09-12 17:21 - 2018-08-10 17:16 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2018-09-12 17:21 - 2018-08-10 17:16 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2018-09-12 17:21 - 2018-08-10 17:16 - 000016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2018-09-12 17:21 - 2018-08-10 17:15 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2018-09-12 17:21 - 2018-08-10 17:13 - 000262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2018-09-12 17:21 - 2018-08-10 17:13 - 000107008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2018-09-12 17:21 - 2018-08-10 17:13 - 000034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2018-09-12 17:21 - 2018-08-10 17:10 - 000226304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2018-09-12 17:21 - 2018-08-10 17:10 - 000124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2018-09-12 17:21 - 2018-08-10 17:10 - 000098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2018-09-12 17:21 - 2018-08-10 17:09 - 000069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2018-09-12 17:21 - 2018-08-10 17:09 - 000055296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2018-09-12 17:21 - 2018-08-10 17:09 - 000053760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2018-09-12 17:21 - 2018-08-10 17:09 - 000053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\viac7.sys
2018-09-12 17:21 - 2018-08-10 17:09 - 000052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2018-09-12 17:21 - 2018-08-10 17:09 - 000052224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2018-09-12 17:21 - 2018-08-10 17:09 - 000036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2018-09-12 17:21 - 2018-08-10 17:09 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2018-09-12 17:21 - 2018-08-10 17:09 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2018-09-12 17:21 - 2018-07-29 17:40 - 000751104 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2018-09-12 17:21 - 2018-07-18 17:14 - 000068608 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2018-09-12 17:21 - 2018-06-27 15:20 - 000419648 _____ C:\windows\system32\locale.nls
2018-09-09 15:34 - 2018-09-09 15:34 - 000001669 _____ C:\Users\Iva\Desktop\papu-od-09-09-2018_IvaS-stale-aktualne - odkaz.lnk
2018-09-02 10:40 - 2018-09-02 11:48 - 000016266 _____ C:\Users\Iva\Desktop\Zamestnanie.xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-16 19:54 - 2016-11-19 17:55 - 000000000 ____D C:\Users\Iva\AppData\LocalLow\Mozilla
2018-09-16 18:49 - 2017-12-03 19:51 - 000000000 ____D C:\KMPlayer
2018-09-16 18:26 - 2009-07-14 06:34 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-16 18:26 - 2009-07-14 06:34 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-16 18:17 - 2009-07-14 06:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-09-16 14:54 - 2018-06-21 21:15 - 000000000 ____D C:\Users\Iva\Downloads\Kanariky
2018-09-16 12:16 - 2017-05-12 19:36 - 000000000 ____D C:\windows\rescache
2018-09-15 22:15 - 2017-12-14 18:43 - 000000000 ____D C:\Users\Iva\Downloads\Doklady
2018-09-15 22:15 - 2015-02-23 18:07 - 000000000 ____D C:\Users\Iva\Downloads\Letaky_LIDL_Planeo_Oriflame
2018-09-15 07:25 - 2009-07-14 04:37 - 000000000 ____D C:\windows\inf
2018-09-13 20:07 - 2009-09-23 03:25 - 000848194 _____ C:\windows\system32\PerfStringBackup.INI
2018-09-12 21:20 - 2009-07-14 06:33 - 000412888 _____ C:\windows\system32\FNTCACHE.DAT
2018-09-12 17:39 - 2013-07-24 20:02 - 000000000 ____D C:\windows\system32\MRT
2018-09-12 17:24 - 2010-01-29 19:41 - 136114104 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-09-11 04:42 - 2012-05-25 23:11 - 000000000 ____D C:\Program Files\CCleaner
2018-09-06 16:30 - 2012-04-25 05:28 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-09-05 19:51 - 2018-03-21 14:37 - 000000000 ____D C:\Users\Iva\Downloads\Draha spoja
2018-09-05 19:05 - 2014-03-31 18:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-04 16:58 - 2016-07-03 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-08-29 08:17 - 2016-07-03 20:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-24 04:45 - 2009-07-14 06:53 - 000032564 _____ C:\windows\Tasks\SCHEDLGU.TXT
2018-08-17 23:25 - 2014-06-11 18:15 - 000000000 ____D C:\Users\Iva\AppData\Roaming\MPC-HC
2018-08-17 05:27 - 2016-04-10 17:06 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2012-04-04 21:10 - 2010-01-26 11:11 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2011-09-26 21:23 - 2011-10-01 09:24 - 000007722 _____ () C:\Users\Iva\AppData\Roaming\mdbu.bin
2010-05-08 20:34 - 2014-01-13 19:21 - 000005632 _____ () C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-16 10:01 - 2017-01-23 10:44 - 000007608 _____ () C:\Users\Iva\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-16 12:08

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15.09.2018
Ran by Iva (16-09-2018 19:59:24)
Running from C:\Users\Iva\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2010-01-29 16:48:30)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-30654545-3194649466-4156373986-500 - Administrator - Disabled)
Guest (S-1-5-21-30654545-3194649466-4156373986-501 - Limited - Enabled)
Iva (S-1-5-21-30654545-3194649466-4156373986-1003 - Administrator - Enabled) => C:\Users\Iva

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Advertising Center (HKLM\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Asistent pri prihlasovaní v konte Windows Live ID (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.29 - Avanquest Software)
Avira (HKLM\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG)
Avira (HKLM\...\{9620D4C2-CF5B-4DBE-8103-CC9DAB0871C6}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
Broadcom 802.11 Wireless Driver (HKLM\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.01 - Broadcom Corporation)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\{B32C4059-6E7A-41EF-AD20-56DF1872B923}) (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 5.1 (HKLM\...\MP Navigator EX 5.1) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.0.1 - Canon Inc.)
Canon Pomôcka na rýchlu voľbu (HKLM\...\Speed Dial Utility) (Version: 1.5.0 - Canon Inc.)
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.4.0 - Conexant)
CrystalDiskInfo 6.1.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.1.0 - Crystal Dew World)
Cubes Trial Version 2.00 (HKLM\...\Cubes Trial Version_is1) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
doPDF 6.0 printer (HKLM\...\doPDF 6 printer_is1) (Version: - Softland)
Doplnok Microsoft Save as PDF or XPS pre programy balíka 2007 Microsoft Office (HKLM\...\{90120000-00B2-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1039 - Microsoft Corporation)
EasyCapture (HKLM\...\EasyCapture4.0) (Version: V4.0.09.0731 - Lenovo)
EGR-ShellExtension (HKLM\...\EGR-ShellExtension) (Version: 1.1.0.100 - EasternGraphics)
Energy Management (HKLM\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.3.1.1 - Lenovo)
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
FormatFactory 3.00 (HKLM\...\FormatFactory) (Version: 3.00 - Free Time)
Free M4a to MP3 Converter 7.1 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
GIMP 2.4.5 (HKLM\...\WinGimp-2.0_is1) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 68.0.3440.106 - Spoločnosť Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
HF Designer 2.7 (HKLM\...\HappyFoto-Designer_is1) (Version: - )
ICQ7.5 (HKLM\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
K-Lite Codec Pack 10.5.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Lenovo EasyCamera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50.6 - Suyin Optronics Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0723 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0723 - CyberLink Corp.)
Lenovo ReadyComm 5 (HKLM\...\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}) (Version: 5.1.1.17 - Lenovo)
Lenovo ReadyComm 5.0 Service (HKLM\...\{76C66170-C538-4E77-B54D-48E136B5B533}) (Version: 5.0.0.1 - Lenovo Group Limited)
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version: - )
Media Go (HKLM\...\{520CD4F0-9DAC-4C5C-8CA1-D0210CFF6062}) (Version: 1.4.269 - Sony)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.4 (HKLM\...\{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}) (Version: 2.0.3008.0 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mobile Connect (HKLM\...\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}) (Version: 1.00.0000 - Huawei technologies)
Mozilla Firefox 62.0 (x86 sk) (HKLM\...\Mozilla Firefox 62.0 (x86 sk)) (Version: 62.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.0.6816 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicJet (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\76f4758ca7e15dc6) (Version: 1.0.2.18 - MusicJet)
Nero 9 Essentials (HKLM\...\{faeebf0a-0bd4-44a5-a539-f9ea31b1e084}) (Version: - Nero AG)
Nero BurnLite 10 (HKLM\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 48.0.2685.35 (HKLM\...\Opera 48.0.2685.35) (Version: 48.0.2685.35 - Opera Software)
PC Inspector smart recovery (HKLM\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
pCon.planner 6.7 (HKLM\...\{61FFF5E3-1D08-4F66-AC29-EF61963F2619}) (Version: 6.7.0.102 - EasternGraphics) Hidden
pCon.planner 6.7 (HKLM\...\pCon.planner 6.7) (Version: 6.7.0.102 - EasternGraphics)
PlayStation(R)Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.02.00076 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 3.1.8.07881 - Sony Computer Entertainment Inc.)
Pluto TV version 0.3.2 (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\Pluto TV_is1) (Version: 0.3.2 - Pluto TV)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d1 - CyberLink Corp.)
Puzzle Express Deluxe (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\Puzzle Express Deluxe) (Version: 1.0.0 - Zylom Games)
QIP 2012 4.0.6611 (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\QIP 2012) (Version: 4.0.6611 - )
QIP Internet Guardian (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\QipGuard) (Version: - )
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAD Video Tools (HKLM\...\RADVideo) (Version: - )
Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.45 - Piriform)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Super DX-Ball v1.00 (HKLM\...\Super DX-Ball_is1) (Version: 1.0 - BlitWise Productions, LLC)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tetris Navždy (HKLM\...\Tetris Navždy) (Version: - )
Theophilos 3 (HKLM\...\Theophilos_is1) (Version: - )
Theophilos 3.0 (HKLM\...\Theophilos 3.0_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-30654545-3194649466-4156373986-1003_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.)
CustomCLSID: HKU\S-1-5-21-30654545-3194649466-4156373986-1003_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Iva\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2018-09-04] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-02-11] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2018-09-04] (Avira Operations GmbH & Co. KG)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {097ED442-5C72-4D45-95A6-5B07AFC48265} - \Install_NSS -> No File <==== ATTENTION
Task: {1338EC58-3ED9-49C4-81C3-A6B4B3547CE5} - System32\Tasks\{D817FDD0-775A-4570-BFAE-9154269408A8} => C:\windows\system32\pcalua.exe -a F:\NOVE_USPORIADANIE\Instalacky\Kodeky_instalacky\Codecs6030_allin1_All_in_ONE.exe -d F:\NOVE_USPORIADANIE\Instalacky\Kodeky_instalacky
Task: {2DD6F659-9040-4FF3-9B3E-3F51EA58FB5F} - System32\Tasks\{5776848F-1F69-40B3-B043-98AC6F2519AA} => C:\windows\system32\pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files\GIMP-2.0\bin\gimp-2.4.exe"
Task: {4704E4C5-FB1F-42C4-802C-06FB1BB50A0F} - System32\Tasks\{FAB74AE7-CF79-45AE-AB0F-6624C9CEBDF6} => C:\windows\system32\pcalua.exe -a C:\Dokumenty_od_29-12-2014\Hry\tetrinst.exe -d C:\Dokumenty_od_29-12-2014\Hry
Task: {4848B36A-807F-4EE7-8844-D47D8AC7DD17} - System32\Tasks\{F2A42AD5-62FA-47B2-B9E1-FB3562B266F6} => C:\windows\system32\pcalua.exe -a "C:\Dokumenty_od_29-12-2014\PROGRAM---Bible-do-PC\THEOPHILOS - Bible do PC - základní program.EXE" -d C:\Dokumenty_od_29-12-2014\PROGRAM---Bible-do-PC
Task: {505FCC7F-118E-437E-A34B-521CD049F4B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {5A683F93-2FC4-49BE-87D1-70EB88C286DB} - System32\Tasks\{927D828E-ABEF-43FC-9968-E85D61911011} => C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe [2009-07-01] (Broadcom Corporation.)
Task: {6F37622D-AC57-4AA6-8A94-6A166F1B927B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {6F51716D-4A9F-49CC-9875-203FDD8E9E33} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\Antivirus\avgnt.exe [2018-09-04] (Avira Operations GmbH & Co. KG)
Task: {7714160B-C66A-44B1-A6A9-AEF5D51595AB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {7E272799-9C03-4FB0-86B3-71E3C8248B65} - System32\Tasks\{3EB3C91F-59DD-4A57-B960-89983FF43EBC} => C:\windows\system32\pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files\RarZilla Free Unrar\RarZilla.exe"
Task: {815926C0-E9C1-4241-BF21-9C5DE8D428A0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {87288777-F114-4765-B44B-78BAB217E075} - System32\Tasks\{B9592A61-A346-42FE-B832-D61EECCA6EA3} => C:\windows\system32\pcalua.exe -a C:\ProgramData\F4D55F3B000026F400013E6CB4EB23C1\F4D55F3B000026F400013E6CB4EB23C1.exe -c -u
Task: {88604855-7D6C-4E11-9DB4-73F1ED06F403} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe
Task: {89A2278B-132D-47B2-9914-D2777C33D3E1} - System32\Tasks\Opera scheduled Autoupdate 1422108017 => C:\Program Files\Opera\launcher.exe [2017-10-02] (Opera Software)
Task: {9E1FC1E2-7DF0-445C-AC33-ACC9D788BF78} - System32\Tasks\{9CEE08D8-D68A-44B1-924C-EA8367A4C2B9} => C:\windows\system32\pcalua.exe -a C:\Moje_dokumenty\NOVE_USPORIADANIE\Instalacky\Virtualna_tlaciaren_pdf_creator_instalacka\dopdf.exe -d C:\Moje_dokumenty\NOVE_USPORIADANIE\Instalacky\Virtualna_tlaciaren_pdf_creator_instalacka
Task: {A01A5F0A-9524-46AC-899A-15A2A4AD7599} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {A22DBA14-D8C0-4927-9298-2257956299D6} - System32\Tasks\{355E2702-06E9-4D0A-A4E8-E130D43F75C7} => C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe [2009-07-01] (Broadcom Corporation.)
Task: {B8F2C1F1-8C1C-46BF-9B75-50B06BE1494E} - System32\Tasks\{A6BAE287-7DC6-4DB6-80B8-76EBDC43450B} => C:\windows\system32\pcalua.exe -a "F:\NOVE_USPORIADANIE\Instalacky\Mozilla_Firefox\Firefox Setup 3.0.9.exe" -d F:\NOVE_USPORIADANIE\Instalacky\Mozilla_Firefox
Task: {D0CDCABB-EADB-4E22-8A8B-7E4AE2F95C13} - System32\Tasks\{B7493C4E-3873-46DD-85AC-547AD1DE3955} => C:\windows\system32\pcalua.exe -a F:\NOVE_USPORIADANIE\Instalacky\K_happy_akvariu_na_Facebooku\Shockwave_Installer_Full.exe -d F:\NOVE_USPORIADANIE\Instalacky\K_happy_akvariu_na_Facebooku
Task: {D8D2FD5D-2972-406B-83B6-F4FF951D437A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-08] (Adobe Systems Incorporated)
Task: {F395AAEC-E18E-4BF2-8D5A-7A6F8C7A7848} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {FA43B367-7AB3-4AB3-893D-6726335727AB} - System32\Tasks\{374E708E-9FD7-43D7-A3CE-AC8E0281C812} => C:\windows\system32\pcalua.exe -a D:\Install\Zipovace\7z465.exe -d D:\Install\Zipovace
Task: {FB0658A6-C3CA-4D41-9BAA-2BED85A4D743} - System32\Tasks\{FCFA5440-6A4B-4887-BB96-3497618D599F} => C:\windows\system32\pcalua.exe -a "F:\NOVE_USPORIADANIE\Instalacky\Adobe Acrobat Reader 6.0 aj 8.0\Adobe_Reader_v8_0_CZ.exe" -d "F:\NOVE_USPORIADANIE\Instalacky\Adobe Acrobat Reader 6.0 aj 8.0"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2010-03-27 19:35 - 2003-07-29 15:27 - 000078336 _____ () C:\windows\system32\spool\PRTPROCS\W32X86\LXBKPP5C.dll
2018-08-12 14:01 - 2018-08-12 13:59 - 001204472 _____ () C:\Program Files\Avira\Antivirus\crypto-42.dll
2018-08-12 14:01 - 2018-08-12 13:59 - 000243352 _____ () C:\Program Files\Avira\Antivirus\ssl-44.dll
2009-11-10 18:21 - 2008-12-20 05:20 - 000063304 _____ () C:\Program Files\Lenovo\Energy Management\kbdhook.dll
2009-11-10 18:21 - 2008-12-20 05:20 - 000051016 _____ () C:\Program Files\Lenovo\Energy Management\HookLib.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2018-02-08 17:21 - 000000035 _____ C:\windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Iva^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PlutoTV.lnk => C:\windows\pss\PlutoTV.lnk.Startup
MSCONFIG\startupreg: Apoint => C:\Program Files\Apoint2K\Apoint.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files\Lenovo\VeriFace\PManage.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B15C5458-D4C3-4F39-8188-C73886AB484C}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{50309CE0-6061-4F45-8387-30F71EABD235}] => (Allow) C:\windows\System32\IgrsSvcs.exe
FirewallRules: [{7D4EBB45-7C2D-476A-866E-321EB71387D2}] => (Allow) C:\windows\System32\IgrsSvcs.exe
FirewallRules: [{0C0DCF90-E250-4325-8275-9595FECF2D2F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{F410BBB9-AE8D-4117-914E-33DD15AD4422}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe
FirewallRules: [{25A04806-39BE-4844-A2DF-38AAD39F517F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe
FirewallRules: [{ECE083BB-B64A-45C8-8029-DB318B4A5F0E}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe
FirewallRules: [{33FFBE7A-5CFE-41F7-9C00-901BE47D649F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
FirewallRules: [{2553EFAB-2FA2-4CAD-8970-224B673EAE70}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
FirewallRules: [{AE86CC13-F845-4BBE-A531-94ACCE01422B}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
FirewallRules: [{8BCAAD73-86D7-4ACB-8986-D6AE5A52A2FD}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
FirewallRules: [{3F6E1029-3C60-48E9-B43A-995BD4170373}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{3DAE2E26-3D52-4E65-B808-9BB50FE05534}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [TCP Query User{C3B652EC-FB8E-4BD2-96A2-7FCA3B2E3CBC}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{F17F7FF8-E5B0-4B99-AA4F-083047336DC2}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{BFB1BD70-4668-4735-9277-BF2C8FC8D96A}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{AC1D111C-7049-4C99-A992-CE9054976335}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [{1279EAB1-AAB1-4993-A899-6C839FFC5300}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{773470E4-2101-421F-860C-F50618287C65}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{4F5E48D2-17E9-45AE-A1B9-C9D153C275D3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{2AFED377-0A67-4CB4-9E68-AA17F07CC0E4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E119330F-0296-41AE-881E-9AB1C7B550E0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C954B080-78AD-41E4-AC33-CECC4B574CFA}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{9A3BD9B4-1B67-4B6C-8DE1-2F477D26F696}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{D9947D47-64ED-4E36-A234-F83F84FCBA4D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{8438D759-BD91-4474-87F6-93933ECAF8F6}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{274186CA-8E0F-4083-9020-30B819D51EEB}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{21DD6A2A-2D3F-4565-8803-B815BD409441}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E9B25EC6-C489-49F6-A485-AD6F9EE7EA5B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{F9AE9B17-9BB8-49FD-B76C-225DCEF378EC}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{FF4225D5-645C-415B-886F-4B899AE761E8}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{41B2B6CA-4BE9-486B-B867-3A8163B5EF97}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{87865ECB-6BAB-4957-9881-75DC136D889C}C:\program files\icq7.1\icq.exe] => (Block) C:\program files\icq7.1\icq.exe
FirewallRules: [UDP Query User{57D7DE28-E332-4309-B5BE-2B1241C996AB}C:\program files\icq7.1\icq.exe] => (Block) C:\program files\icq7.1\icq.exe
FirewallRules: [{19FE0E10-D10C-44B1-8B64-D72E6810B046}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{D6915018-2A90-4CAC-8D5C-60427DBFFB57}C:\program files\qip 2012\qip.exe] => (Block) C:\program files\qip 2012\qip.exe
FirewallRules: [UDP Query User{539F7CB0-327A-4949-A591-7AF2933E4A24}C:\program files\qip 2012\qip.exe] => (Block) C:\program files\qip 2012\qip.exe
FirewallRules: [{61843223-799F-4909-BBB3-8287FDE853B2}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{E2195357-D431-4FF9-A4B4-2784FBE2192B}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{AB13E5EC-657F-4520-B704-16D4FFA77250}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{59F5D1DB-33D9-4FD9-A312-D1B0EE31FAC6}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{8DBD9DC6-579B-441F-84E0-7FC12418187A}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{7E18E430-A132-4C2E-BBD5-7DF8DFE8FA32}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{78612CBD-2D82-4079-B6FD-13F87AA3E188}] => (Allow) C:\Users\Iva\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{DABDD449-D4CF-45EE-B207-BA77CB5E1B22}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D6B57271-792A-40FB-93C8-EBBB4F46E218}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5133B4C8-BA48-4B3B-BB33-752780D417FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5B9B160A-CED9-45DE-A1A2-D79A245ED541}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E9D4009A-2910-4592-8CF1-2F545720FB3A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{ECD4B7E2-16F4-4C80-AD95-3763A1E9E199}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0E0951EB-4215-4CDA-8116-86DA8C9B6E34}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C8DA4E42-DF17-4C3C-83EB-BDAC890BE4FB}] => (Allow) C:\Program Files\Opera\47.0.2631.80\opera.exe
FirewallRules: [{183CC8A7-E2B2-4702-8FF5-BF3C8F1132E5}] => (Allow) C:\Program Files\Opera\48.0.2685.35\opera.exe
FirewallRules: [{238328FC-1196-4C46-92A4-2A96E1851C52}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{A20155EB-5054-4BCA-B259-0BAC6D932E12}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{06079893-644A-4D5D-9CBA-61C3B5B0A919}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

08-09-2018 14:32:53 Plánovaný kontrolný bod
12-09-2018 17:22:35 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2018 07:00:06 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohovanie sa nedokončilo v dôsledku chyby zápisu do umiestnenia zálohy F:\. Vyskytla sa chyba: Umiestnenie zálohy sa nedá nájsť alebo nie je platné. Skontrolujte svoje nastavenie zálohovania a umiestnenie zálohy. (0x81000006).

Error: (09/16/2018 05:21:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program KMPlayer.exe version 4.1.5.6 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 14b0

Start Time: 01d44dbc96399cd1

Termination Time: 60000

Application Path: C:\KMPlayer\KMPlayer.exe

Report Id:

Error: (09/16/2018 11:17:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: CNSEUPDT.EXE, verzia: 1.4.1.0, časová značka: 0x5073a809
Názov chybového modulu: CNMDWLD.DLL, verzia: 1.0.0.0, časová značka: 0x4cad61a4
Kód výnimky: 0xc0000005
Odstup chyby: 0x000024c0
Identifikácia chybného procesu: 0x1344
Čas spustenia chybnej aplikácie: 0x01d44d9e01883865
Cesta chybnej aplikácie: C:\Program Files\Canon\Solution Menu EX\CNSEUPDT.EXE
Cesta chybného modulu: C:\Program Files\Canon\Solution Menu EX\CNMDWLD.DLL
Identifikácia hlásenia: 4d5beceb-b991-11e8-b580-002622d474ed

Error: (09/15/2018 05:15:54 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5844. Message ID: [0x2509].

Error: (09/15/2018 05:15:18 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 4864. Message ID: [0x2509].

Error: (09/15/2018 04:32:22 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5852. Message ID: [0x2509].

Error: (09/15/2018 08:04:43 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 6012. Message ID: [0x2509].

Error: (09/14/2018 11:12:57 PM) (Source: ESENT) (EventID: 104) (User: )
Description: Windows (1924) Windows: The database engine stopped the instance (0) with error (-510).

System errors:
=============
Error: (09/16/2018 06:48:55 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/16/2018 06:48:54 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/16/2018 06:48:42 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/16/2018 06:48:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/16/2018 06:48:36 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/16/2018 06:48:31 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/16/2018 06:16:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\windows\System32\bcmihvsrv.dll

Error: (09/16/2018 06:16:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\windows\System32\bcmihvsrv.dll

==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 24%
Total physical RAM: 3032.6 MB
Available physical RAM: 2279.18 MB
Total Virtual: 6063.57 MB
Available Virtual: 4950.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:252.89 GB) (Free:7.25 GB) NTFS
Drive d: (Lenovo) (Fixed) (Total:30.25 GB) (Free:0.51 GB) NTFS
Drive g: () (Removable) (Total:28.63 GB) (Free:26.62 GB) FAT32

\\?\Volume{26c8cd6d-ce13-11de-b561-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 397BDB04)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=252.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.2 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

========================================================
Disk: 1 (Protective MBR) (Size: 28.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

#6 Příspěvek od **Rudy** » 16 zář 2018 21:06

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-30654545-3194649466-4156373986-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
U3 aswbdisk; no ImagePath
C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: {097ED442-5C72-4D45-95A6-5B07AFC48265} - \Install_NSS -> No File <==== ATTENTION
Task: {505FCC7F-118E-437E-A34B-521CD049F4B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F395AAEC-E18E-4BF2-8D5A-7A6F8C7A7848} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {FA43B367-7AB3-4AB3-893D-6726335727AB} - System32\Tasks\{374E708E-9FD7-43D7-A3CE-AC8E0281C812} => C:\windows\system32\pcalua.exe -a D:\Install\Zipovace\7z465.exe -d D:\Install\Zipovace
Task: {FB0658A6-C3CA-4D41-9BAA-2BED85A4D743} - System32\Tasks\{FCFA5440-6A4B-4887-BB96-3497618D599F} => C:\windows\system32\pcalua.exe -a "F:\NOVE_USPORIADANIE\Instalacky\Adobe Acrobat Reader 6.0 aj

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Iva212 · #7 Příspěvek od **Iva212** » 17 zář 2018 07:51

Fix result of Farbar Recovery Scan Tool (x86) Version: 15.09.2018
Ran by Iva (17-09-2018 08:07:32) Run:1
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-30654545-3194649466-4156373986-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
U3 aswbdisk; no ImagePath
C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: {097ED442-5C72-4D45-95A6-5B07AFC48265} - \Install_NSS -> No File <==== ATTENTION
Task: {505FCC7F-118E-437E-A34B-521CD049F4B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F395AAEC-E18E-4BF2-8D5A-7A6F8C7A7848} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {FA43B367-7AB3-4AB3-893D-6726335727AB} - System32\Tasks\{374E708E-9FD7-43D7-A3CE-AC8E0281C812} => C:\windows\system32\pcalua.exe -a D:\Install\Zipovace\7z465.exe -d D:\Install\Zipovace
Task: {FB0658A6-C3CA-4D41-9BAA-2BED85A4D743} - System32\Tasks\{FCFA5440-6A4B-4887-BB96-3497618D599F} => C:\windows\system32\pcalua.exe -a "F:\NOVE_USPORIADANIE\Instalacky\Adobe Acrobat Reader 6.0 aj

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully.
"HKLM\System\CurrentControlSet\Services\aswbdisk" => removed successfully.
aswbdisk => service removed successfully.
C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{097ED442-5C72-4D45-95A6-5B07AFC48265}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{097ED442-5C72-4D45-95A6-5B07AFC48265}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Install_NSS" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{505FCC7F-118E-437E-A34B-521CD049F4B2}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{505FCC7F-118E-437E-A34B-521CD049F4B2}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F395AAEC-E18E-4BF2-8D5A-7A6F8C7A7848}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F395AAEC-E18E-4BF2-8D5A-7A6F8C7A7848}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA43B367-7AB3-4AB3-893D-6726335727AB}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA43B367-7AB3-4AB3-893D-6726335727AB}" => removed successfully.
C:\Windows\System32\Tasks\{374E708E-9FD7-43D7-A3CE-AC8E0281C812} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{374E708E-9FD7-43D7-A3CE-AC8E0281C812}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB0658A6-C3CA-4D41-9BAA-2BED85A4D743}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB0658A6-C3CA-4D41-9BAA-2BED85A4D743}" => removed successfully.
C:\Windows\System32\Tasks\{FCFA5440-6A4B-4887-BB96-3497618D599F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FCFA5440-6A4B-4887-BB96-3497618D599F}" => removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5821006 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 4439025 B
Edge => 0 B
Chrome => 1260521 B
Firefox => 291302535 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 0 B
NetworkService => 0 B
Iva => 3560061 B

RecycleBin => 0 B
EmptyTemp: => 300.2 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 08:08:57 ====

#8 Příspěvek od **Rudy** » 17 zář 2018 09:23

Smazáno. Nastala nějaká změna?

Iva212 · #9 Příspěvek od **Iva212** » 17 zář 2018 10:22

Tak vyzerá to o čosi lepšie.
A čo tomu bolo?

#10 Příspěvek od **Rudy** » 17 zář 2018 12:00

Smaány byly nějaké zbytečnosti a pár malwarů. Podstatné je, zda antivir již nic nenajde.

Iva212 · #11 Příspěvek od **Iva212** » 17 zář 2018 14:05

Ďakujem veľmi pekne za pomoc.

#12 Příspěvek od **Rudy** » 17 zář 2018 16:37

Nemáte zač!

VIRY.CZ

Prosim o kontrolu, antivir nieco včera našiel

Prosim o kontrolu, antivir nieco včera našiel

Re: Prosim o kontrolu, antivir nieco včera našiel

Re: Prosim o kontrolu, antivir nieco včera našiel

Re: Prosim o kontrolu, antivir nieco včera našiel

Re: Prosim o kontrolu, antivir nieco včera našiel

Re: Prosim o kontrolu, antivir nieco včera našiel

Re: Prosim o kontrolu, antivir nieco včera našiel

Re: Prosim o kontrolu, antivir nieco včera našiel

Re: Prosim o kontrolu, antivir nieco včera našiel

Re: Prosim o kontrolu, antivir nieco včera našiel

Re: Prosim o kontrolu, antivir nieco včera našiel

Re: Prosim o kontrolu, antivir nieco včera našiel