Prosím o kontrolu

Zpráva

Iva212 · #1 Příspěvek od **Iva212** » 11 led 2020 08:48

Raz za čas sa objaví modrá obrazovka.
FRST tu:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-01-2020
Ran by Iva (administrator) on IVA-PC (LENOVO 20023) (11-01-2020 08:20:23)
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(LENOVO -> Lenovo) [File not signed] C:\Program Files\MagicPlus\MagicPlus_helper.exe
(Lexmark International, Inc.) [File not signed] C:\Windows\System32\LEXBCES.EXE
(Lexmark International, Inc.) [File not signed] C:\Windows\System32\LEXPPS.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\IgrsSvcs.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4081480 2009-07-15] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064520 2009-06-25] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [228120 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\Run: [MagicPlusHelper] => C:\Program Files\MagicPlus\MagicPlus_helper.exe [2499208 2015-08-24] (LENOVO -> Lenovo) [File not signed]
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Policies\...\system: [disablecmd] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-08] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-03-30] (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2DD6F659-9040-4FF3-9B3E-3F51EA58FB5F} - System32\Tasks\{5776848F-1F69-40B3-B043-98AC6F2519AA} => C:\windows\system32\pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files\GIMP-2.0\bin\gimp-2.4.exe"
Task: {421CF5CC-A3BF-4207-8FDD-F5E4CB904E1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {4704E4C5-FB1F-42C4-802C-06FB1BB50A0F} - System32\Tasks\{FAB74AE7-CF79-45AE-AB0F-6624C9CEBDF6} => C:\windows\system32\pcalua.exe -a C:\Dokumenty_od_29-12-2014\Hry\tetrinst.exe -d C:\Dokumenty_od_29-12-2014\Hry
Task: {4848B36A-807F-4EE7-8844-D47D8AC7DD17} - System32\Tasks\{F2A42AD5-62FA-47B2-B9E1-FB3562B266F6} => C:\windows\system32\pcalua.exe -a "C:\Dokumenty_od_29-12-2014\PROGRAM---Bible-do-PC\THEOPHILOS - Bible do PC - základní program.EXE" -d C:\Dokumenty_od_29-12-2014\PROGRAM---Bible-do-PC
Task: {5A683F93-2FC4-49BE-87D1-70EB88C286DB} - System32\Tasks\{927D828E-ABEF-43FC-9968-E85D61911011} => C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe [795936 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
Task: {5FFACF2E-5626-49ED-95BE-393C56EAE365} - System32\Tasks\Opera scheduled Autoupdate 1549224241 => C:\Program Files\Opera\launcher.exe
Task: {6B4A04D0-3368-4795-9231-9854EB2D37FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {6F37622D-AC57-4AA6-8A94-6A166F1B927B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {6F51716D-4A9F-49CC-9875-203FDD8E9E33} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {7E272799-9C03-4FB0-86B3-71E3C8248B65} - System32\Tasks\{3EB3C91F-59DD-4A57-B960-89983FF43EBC} => C:\windows\system32\pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files\RarZilla Free Unrar\RarZilla.exe"
Task: {80302D3E-390E-4FBC-A3BD-B4D8ED021081} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {88604855-7D6C-4E11-9DB4-73F1ED06F403} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe
Task: {A01A5F0A-9524-46AC-899A-15A2A4AD7599} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {A22DBA14-D8C0-4927-9298-2257956299D6} - System32\Tasks\{355E2702-06E9-4D0A-A4E8-E130D43F75C7} => C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe [795936 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
Task: {C5C526FE-B8B6-43EB-ACED-E54930D05A9D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [1456128 2019-01-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CA63A9E2-17D3-4269-9D1E-28AF57BCAE62} - System32\Tasks\lenovo mobile auto run => C:\Program Files\MagicPlus\MagicPlus_helper.exe [2499208 2015-08-24] (LENOVO -> Lenovo) [File not signed]
Task: {D8D2FD5D-2972-406B-83B6-F4FF951D437A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {FE3599B9-4FED-4B92-8CA0-52D39CB30B6E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134512 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134512 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{5A6B09D9-D8F4-4C90-A6A4-7B84A2405D60}: [DhcpNameServer] 192.168.1.1 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.2,1]

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: Pomocník pri prihlasovaní v konte Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: my8dsfg6.default-1541086024094
FF ProfilePath: C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\my8dsfg6.default-1541086024094 [2020-01-11]
FF Session Restore: Mozilla\Firefox\Profiles\my8dsfg6.default-1541086024094 -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-13] (Adobe Systems Incorporated -> )
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll [2010-01-20] (Sony Media Software and Services -> Sony Media Software and Services Inc)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-30654545-3194649466-4156373986-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Iva\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-11] (Skype Technologies SA -> Skype Limited)

Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default [2020-01-11]
CHR Extension: (IE Tab) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2019-11-24]
CHR Extension: (Printable Templates by YourTemplateFinder) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\mccokphiflkjoppcieamipikjdiagipo [2019-12-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-21]
CHR Extension: (Chrome Media Router) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-26]
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-16]
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-10] (Adobe Inc. -> Adobe Systems)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1210168 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [484768 2019-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [484768 2019-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [567872 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [612944 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [582944 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
R2 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [414984 2009-07-28] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [472328 2009-07-28] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
R3 LexBceS; C:\windows\System32\LEXBCES.EXE [303104 2003-08-18] (Lexmark International, Inc.) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG -> Nero AG)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
R2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1533808 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIVPC; C:\windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-01-20] (Lenovo (Beijing) Limited -> Lenovo Corporation)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [50728 2019-06-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [156160 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [171568 2019-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [36688 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [60360 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 b57nd60x; C:\windows\System32\DRIVERS\b57nd60x.sys [415000 2016-11-27] (Broadcom Corporation -> Broadcom Corporation)
R3 BCM43XX; C:\windows\System32\DRIVERS\bcmwl6.sys [7035128 2016-11-27] (Broadcom Corporation -> Broadcom Corporation)
S3 Bridge0; C:\windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo (Beijing) Limited -> Lenovo)
R3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [47504 2016-11-27] (IVT CORPORATION -> IVT Corporation.)
S3 btwaudio; C:\windows\System32\drivers\btwaudio.sys [86056 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwavdt; C:\windows\System32\DRIVERS\btwavdt.sys [108072 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwl2cap; C:\windows\System32\DRIVERS\btwl2cap.sys [29472 2009-04-07] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwrchid; C:\windows\System32\DRIVERS\btwrchid.sys [18344 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
R3 CnxtHdAudService; C:\windows\System32\drivers\CHDRT32.sys [475648 2009-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems Inc.)
S3 hwdatacard; C:\windows\System32\DRIVERS\ewusbmdm.sys [92032 2007-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO32.SYS [23840 2016-11-27] (Martin Malik - REALiX -> REALiX(tm))
R2 npf; C:\windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 RSUSBSTOR; C:\windows\System32\Drivers\RtsUStor.sys [171520 2009-07-30] (Realtek Semiconductor Corp.) [File not signed]
S3 RTSUER; C:\windows\System32\Drivers\RtsUer.sys [304344 2016-11-27] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 s1039bus; C:\windows\System32\DRIVERS\s1039bus.sys [98672 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdfl; C:\windows\System32\DRIVERS\s1039mdfl.sys [14960 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdm; C:\windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mgmt; C:\windows\System32\DRIVERS\s1039mgmt.sys [117872 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039nd5; C:\windows\System32\DRIVERS\s1039nd5.sys [25456 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039obex; C:\windows\System32\DRIVERS\s1039obex.sys [113904 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039unic; C:\windows\System32\DRIVERS\s1039unic.sys [123504 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
R3 SmbDrvI; C:\windows\System32\DRIVERS\Smb_driver_Intel.sys [26792 2016-11-27] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1759616 2009-03-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WDC_SAM; C:\windows\System32\DRIVERS\wdcsam_prewin8.sys [28984 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 wdmirror; C:\windows\System32\DRIVERS\WDMirror.sys [11792 2009-07-16] (Lenovo (Beijing) Limited -> Windows (R) Codename Longhorn DDK provider)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink -> CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-11 08:20 - 2020-01-11 08:24 - 000022262 _____ C:\Users\Iva\Desktop\FRST.txt
2020-01-11 08:20 - 2020-01-11 08:22 - 000000000 ____D C:\FRST
2020-01-11 08:17 - 2020-01-11 08:18 - 002303488 _____ (Farbar) C:\Users\Iva\Desktop\FRST.exe
2020-01-10 18:31 - 2020-01-10 18:31 - 014382039 _____ C:\Users\Iva\Downloads\media_4062155.pdf
2020-01-06 16:50 - 2020-01-06 16:50 - 002860688 _____ C:\Users\Iva\Downloads\Girls_with_Swords_Book_Slovak.pdf
2020-01-06 16:49 - 2020-01-06 16:49 - 002214184 _____ C:\Users\Iva\Downloads\Heart_Ablaze_Book_Preview_Slovak.pdf
2020-01-06 16:38 - 2020-01-06 16:39 - 005879237 _____ C:\Users\Iva\Downloads\Holy_Spirit_Book_Slovak.pdf
2020-01-06 16:37 - 2020-01-06 16:37 - 005904272 _____ C:\Users\Iva\Downloads\Killing_Kryptonite_book_Slovak.pdf
2019-12-16 18:39 - 2019-12-16 18:39 - 000137630 _____ C:\Users\Iva\Desktop\Vizitka Dagmar Strelcova.pdf
2019-12-13 20:23 - 2019-12-13 20:23 - 000549221 _____ C:\Users\Iva\Desktop\certifikat_bajecna-zena-special.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-11 06:43 - 2009-07-14 05:34 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-11 06:43 - 2009-07-14 05:34 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-11 06:33 - 2010-08-11 18:02 - 000003954 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{49450825-153F-4695-A1D7-101A8509DE40}
2020-01-11 06:30 - 2016-11-19 16:55 - 000000000 ____D C:\Users\Iva\AppData\LocalLow\Mozilla
2020-01-11 06:28 - 2009-07-14 05:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-01-10 19:20 - 2017-12-03 18:51 - 000000000 ____D C:\KMPlayer
2020-01-08 21:19 - 2014-03-31 17:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-08 21:18 - 2012-04-25 04:28 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-01-08 16:24 - 2018-02-09 16:15 - 000004128 _____ C:\windows\system32\Tasks\CCleaner Update
2020-01-08 06:41 - 2014-11-01 17:28 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-07 11:07 - 2009-09-23 02:25 - 000848194 _____ C:\windows\system32\PerfStringBackup.INI
2020-01-07 11:07 - 2009-07-14 03:37 - 000000000 ____D C:\windows\inf
2020-01-06 13:23 - 2014-12-29 09:54 - 000000000 ____D C:\Dokumenty_od_24-08-2019
2020-01-04 07:41 - 2017-10-05 03:54 - 000003268 _____ C:\windows\system32\Tasks\Avira_Antivirus_Systray
2019-12-30 19:26 - 2019-09-04 19:52 - 000000000 ____D C:\Users\Iva\AppData\Roaming\vlc
2019-12-29 17:27 - 2010-10-10 15:23 - 000000000 ____D C:\DOKUMENTY
2019-12-25 11:30 - 2016-07-03 19:55 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-25 11:30 - 2016-07-03 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-12-19 19:02 - 2016-04-10 16:06 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-17 06:42 - 2012-05-25 22:11 - 000000000 ____D C:\Program Files\CCleaner
2019-12-14 07:53 - 2019-08-18 15:57 - 000000000 ____D C:\windows\rescache
2019-12-13 21:40 - 2018-12-20 05:26 - 000003360 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 21:40 - 2018-12-20 05:26 - 000003232 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2012-04-04 20:10 - 2010-01-26 10:11 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2011-09-26 20:23 - 2011-10-01 08:24 - 000007722 _____ () C:\Users\Iva\AppData\Roaming\mdbu.bin
2018-12-21 15:37 - 2018-12-21 16:09 - 000007168 _____ () C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-16 09:01 - 2019-08-28 22:29 - 000007603 _____ () C:\Users\Iva\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-01-08 13:22
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-01-2020
Ran by Iva (11-01-2020 08:28:21)
Running from C:\Users\Iva\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2010-01-29 16:48:30)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-30654545-3194649466-4156373986-500 - Administrator - Disabled)
Guest (S-1-5-21-30654545-3194649466-4156373986-501 - Limited - Enabled)
Iva (S-1-5-21-30654545-3194649466-4156373986-1003 - Administrator - Enabled) => C:\Users\Iva

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Advertising Center (HKLM\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Asistent pri prihlasovaní v konte Windows Live ID (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.29 - Avanquest Software)
Avira (HKLM\...\{4e6a365c-99da-4552-bea4-b13f55457be4}) (Version: 1.2.141.10870 - Avira Operations GmbH & Co. KG)
Avira (HKLM\...\{93A3C9E9-C927-43EC-B42F-29C3B5670A2E}) (Version: 1.2.141.10870 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.1912.1683 - Avira Operations GmbH & Co. KG)
Broadcom 802.11 Wireless Driver (HKLM\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.01 - Broadcom Corporation)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\{B32C4059-6E7A-41EF-AD20-56DF1872B923}) (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 5.1 (HKLM\...\MP Navigator EX 5.1) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.0.1 - Canon Inc.)
Canon Pomôcka na rýchlu voľbu (HKLM\...\Speed Dial Utility) (Version: 1.5.0 - Canon Inc.)
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version: - )
CCEnhancer verze 4.5.3 (HKLM\...\{D621766C-B5EC-42BD-9E10-774C02C17B44}_is1) (Version: 4.5.3 - SingularLabs)
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.4.0 - Conexant)
CrystalDiskInfo 6.1.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.1.0 - Crystal Dew World)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
doPDF 6.0 printer (HKLM\...\doPDF 6 printer_is1) (Version: - Softland)
Doplnok Microsoft Save as PDF or XPS pre programy balíka 2007 Microsoft Office (HKLM\...\{90120000-00B2-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1039 - Microsoft Corporation)
EasyCapture (HKLM\...\EasyCapture4.0) (Version: V4.0.09.0731 - Lenovo)
EGR-ShellExtension (HKLM\...\EGR-ShellExtension) (Version: 1.1.0.100 - EasternGraphics)
Energy Management (HKLM\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.3.1.1 - Lenovo)
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
FormatFactory 3.00 (HKLM\...\FormatFactory) (Version: 3.00 - Free Time)
Free M4a to MP3 Converter 7.1 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
GIMP 2.4.5 (HKLM\...\WinGimp-2.0_is1) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
HF Designer 2.7 (HKLM\...\HappyFoto-Designer_is1) (Version: - )
HP LaserJet MFP M129-M134 Basic Device Software (HKLM\...\{C5ACDE58-777F-4A77-9B3B-DAA9956F1FF3}) (Version: 44.3.2667.18234 - HP Inc.)
ICQ7.5 (HKLM\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
K-Lite Codec Pack 10.5.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Lenovo EasyCamera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50.6 - Suyin Optronics Corp.)
Lenovo Mobile Assistant (HKLM\...\{400214B1-6B7B-4AA3-B330-96CF76F89D98}) (Version: 1.4.1.10128 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0723 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0723 - CyberLink Corp.)
Lenovo ReadyComm 5 (HKLM\...\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}) (Version: 5.1.1.17 - Lenovo)
Lenovo ReadyComm 5.0 Service (HKLM\...\{76C66170-C538-4E77-B54D-48E136B5B533}) (Version: 5.0.0.1 - Lenovo Group Limited)
LenovoUsbDriver 1.1.15 (HKLM\...\LenovoUsbDriver) (Version: 1.1.15 - Lenovo)
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version: - )
Media Go (HKLM\...\{520CD4F0-9DAC-4C5C-8CA1-D0210CFF6062}) (Version: 1.4.269 - Sony)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.4 (HKLM\...\{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}) (Version: 2.0.3008.0 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mobile Connect (HKLM\...\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}) (Version: 1.00.0000 - Huawei technologies)
Mozilla Firefox 72.0.1 (x86 sk) (HKLM\...\Mozilla Firefox 72.0.1 (x86 sk)) (Version: 72.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicJet (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\76f4758ca7e15dc6) (Version: 1.0.2.18 - MusicJet)
Nero 9 Essentials (HKLM\...\{faeebf0a-0bd4-44a5-a539-f9ea31b1e084}) (Version: - Nero AG)
Nero BurnLite 10 (HKLM\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
PC Inspector smart recovery (HKLM\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
pCon.planner 6.7 (HKLM\...\{61FFF5E3-1D08-4F66-AC29-EF61963F2619}) (Version: 6.7.0.102 - EasternGraphics) Hidden
pCon.planner 6.7 (HKLM\...\pCon.planner 6.7) (Version: 6.7.0.102 - EasternGraphics)
PlayStation(R)Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.02.00076 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 3.1.8.07881 - Sony Computer Entertainment Inc.)
Pluto TV version 0.3.2 (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\Pluto TV_is1) (Version: 0.3.2 - Pluto TV)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d1 - CyberLink Corp.)
Puzzle Express Deluxe (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\Puzzle Express Deluxe) (Version: 1.0.0 - Zylom Games)
QIP 2012 4.0.6611 (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\QIP 2012) (Version: 4.0.6611 - )
QIP Internet Guardian (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\QipGuard) (Version: - )
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAD Video Tools (HKLM\...\RADVideo) (Version: - )
Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.45 - Piriform)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tetris Navždy (HKLM\...\Tetris Navždy) (Version: - )
Theophilos 3 (HKLM\...\Theophilos_is1) (Version: - )
Theophilos 3.0 (HKLM\...\Theophilos 3.0_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Windows Driver Package - MediaTek Inc. (wdm_usb) Ports (01/22/2015 3.0.1504.0) (HKLM\...\BD5E2A628C2263FAEC66A4BFF2E88B897427E4C3) (Version: 01/22/2015 3.0.1504.0 - MediaTek Inc.)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-30654545-3194649466-4156373986-1003_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-30654545-3194649466-4156373986-1003_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Iva\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Technologies SA -> Skype Limited)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-13] (CyberLink Corp.) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2010-03-27 18:35 - 2003-07-29 14:27 - 000078336 _____ () [File not signed] C:\windows\system32\spool\PRTPROCS\W32X86\LXBKPP5C.dll
2015-01-11 18:08 - 2012-06-14 17:18 - 000366592 _____ (CANON INC.) [File not signed] C:\windows\System32\CNMNPPM.DLL
2017-12-27 17:37 - 2016-10-04 16:12 - 000049664 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2009-09-23 02:13 - 2009-06-04 20:03 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\ENU\IAAMon_ENU.dll
2009-09-23 02:13 - 2009-06-04 20:02 - 000118784 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\ENU\PlugInRAID_ENU.dll
2009-09-23 02:13 - 2009-06-04 19:55 - 000208896 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
2015-08-24 11:11 - 2015-08-24 11:11 - 000109704 _____ (LENOVO -> ) [File not signed] C:\Program Files\MagicPlus\crashreport.dll
2015-08-24 11:11 - 2015-08-24 11:11 - 000354440 _____ (LENOVO -> ) [File not signed] C:\Program Files\MagicPlus\UsbHelper.dll
2015-08-24 11:11 - 2015-08-24 11:11 - 000418952 _____ (LENOVO -> Microsoft Corporation) [File not signed] C:\Program Files\MagicPlus\MSVCP100.dll
2015-08-24 11:11 - 2015-08-24 11:11 - 000771720 _____ (LENOVO -> Microsoft Corporation) [File not signed] C:\Program Files\MagicPlus\MSVCR100.dll
2010-03-27 18:35 - 2003-08-18 18:48 - 000196096 _____ (Lexmark International, Inc.) [File not signed] C:\windows\System32\lex2kusb.dll
2010-03-27 18:35 - 2003-08-18 15:34 - 000147456 _____ (Lexmark International, Inc.) [File not signed] C:\windows\System32\LexBce.dll
2010-03-27 18:35 - 2003-08-18 18:48 - 000192512 _____ (Lexmark International, Inc.) [File not signed] C:\windows\System32\LEXLMPM.DLL
2010-03-27 18:35 - 2003-08-18 18:47 - 000201216 _____ (Lexmark International, Inc.) [File not signed] C:\windows\System32\lexp2p32.dll
2010-03-27 18:35 - 2003-08-19 15:25 - 000073728 _____ (Lexmark International, Inc.) [File not signed] C:\windows\System32\LXBKpwr.dll
2009-01-29 13:04 - 2009-01-29 13:04 - 000134144 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
2019-03-27 22:48 - 2019-03-27 22:48 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2018-02-08 16:21 - 000000035 _____ C:\windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Iva^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PlutoTV.lnk => C:\windows\pss\PlutoTV.lnk.Startup
MSCONFIG\startupreg: Apoint => C:\Program Files\Apoint2K\Apoint.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files\Lenovo\VeriFace\PManage.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B15C5458-D4C3-4F39-8188-C73886AB484C}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
FirewallRules: [{50309CE0-6061-4F45-8387-30F71EABD235}] => (Allow) C:\windows\System32\IgrsSvcs.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7D4EBB45-7C2D-476A-866E-321EB71387D2}] => (Allow) C:\windows\System32\IgrsSvcs.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0C0DCF90-E250-4325-8275-9595FECF2D2F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
FirewallRules: [{F410BBB9-AE8D-4117-914E-33DD15AD4422}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
FirewallRules: [{25A04806-39BE-4844-A2DF-38AAD39F517F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
FirewallRules: [{ECE083BB-B64A-45C8-8029-DB318B4A5F0E}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
FirewallRules: [{33FFBE7A-5CFE-41F7-9C00-901BE47D649F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
FirewallRules: [{2553EFAB-2FA2-4CAD-8970-224B673EAE70}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
FirewallRules: [{AE86CC13-F845-4BBE-A531-94ACCE01422B}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
FirewallRules: [{8BCAAD73-86D7-4ACB-8986-D6AE5A52A2FD}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
FirewallRules: [{3F6E1029-3C60-48E9-B43A-995BD4170373}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
FirewallRules: [{3DAE2E26-3D52-4E65-B808-9BB50FE05534}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
FirewallRules: [TCP Query User{C3B652EC-FB8E-4BD2-96A2-7FCA3B2E3CBC}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [UDP Query User{F17F7FF8-E5B0-4B99-AA4F-083047336DC2}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [TCP Query User{BFB1BD70-4668-4735-9277-BF2C8FC8D96A}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [UDP Query User{AC1D111C-7049-4C99-A992-CE9054976335}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{1279EAB1-AAB1-4993-A899-6C839FFC5300}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{773470E4-2101-421F-860C-F50618287C65}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4F5E48D2-17E9-45AE-A1B9-C9D153C275D3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AFED377-0A67-4CB4-9E68-AA17F07CC0E4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E119330F-0296-41AE-881E-9AB1C7B550E0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C954B080-78AD-41E4-AC33-CECC4B574CFA}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9A3BD9B4-1B67-4B6C-8DE1-2F477D26F696}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D9947D47-64ED-4E36-A234-F83F84FCBA4D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8438D759-BD91-4474-87F6-93933ECAF8F6}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{274186CA-8E0F-4083-9020-30B819D51EEB}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21DD6A2A-2D3F-4565-8803-B815BD409441}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9B25EC6-C489-49F6-A485-AD6F9EE7EA5B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9AE9B17-9BB8-49FD-B76C-225DCEF378EC}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF4225D5-645C-415B-886F-4B899AE761E8}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{41B2B6CA-4BE9-486B-B867-3A8163B5EF97}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{87865ECB-6BAB-4957-9881-75DC136D889C}C:\program files\icq7.1\icq.exe] => (Block) C:\program files\icq7.1\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [UDP Query User{57D7DE28-E332-4309-B5BE-2B1241C996AB}C:\program files\icq7.1\icq.exe] => (Block) C:\program files\icq7.1\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{19FE0E10-D10C-44B1-8B64-D72E6810B046}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D6915018-2A90-4CAC-8D5C-60427DBFFB57}C:\program files\qip 2012\qip.exe] => (Block) C:\program files\qip 2012\qip.exe (OOO Russkie Internet Reshenija -> QIP) [File not signed]
FirewallRules: [UDP Query User{539F7CB0-327A-4949-A591-7AF2933E4A24}C:\program files\qip 2012\qip.exe] => (Block) C:\program files\qip 2012\qip.exe (OOO Russkie Internet Reshenija -> QIP) [File not signed]
FirewallRules: [{61843223-799F-4909-BBB3-8287FDE853B2}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{E2195357-D431-4FF9-A4B4-2784FBE2192B}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{AB13E5EC-657F-4520-B704-16D4FFA77250}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{59F5D1DB-33D9-4FD9-A312-D1B0EE31FAC6}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{8DBD9DC6-579B-441F-84E0-7FC12418187A}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{7E18E430-A132-4C2E-BBD5-7DF8DFE8FA32}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{78612CBD-2D82-4079-B6FD-13F87AA3E188}] => (Allow) C:\Users\Iva\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Technologies SA -> Skype Limited)
FirewallRules: [{DABDD449-D4CF-45EE-B207-BA77CB5E1B22}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D6B57271-792A-40FB-93C8-EBBB4F46E218}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5133B4C8-BA48-4B3B-BB33-752780D417FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5B9B160A-CED9-45DE-A1A2-D79A245ED541}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E9D4009A-2910-4592-8CF1-2F545720FB3A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ECD4B7E2-16F4-4C80-AD95-3763A1E9E199}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0E0951EB-4215-4CDA-8116-86DA8C9B6E34}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{958DD243-E937-4E74-81FD-46D87DE89556}C:\program files\magicplus\magicplus.exe] => (Allow) C:\program files\magicplus\magicplus.exe (LENOVO -> Lenovo) [File not signed]
FirewallRules: [UDP Query User{4C0EA74A-6EE2-4449-BE98-A142B0CCC08D}C:\program files\magicplus\magicplus.exe] => (Allow) C:\program files\magicplus\magicplus.exe (LENOVO -> Lenovo) [File not signed]
FirewallRules: [{72650204-69F2-4C2A-BAEA-CF78848D00F3}] => (Block) C:\program files\magicplus\magicplus.exe (LENOVO -> Lenovo) [File not signed]
FirewallRules: [{92406B19-38D7-4065-9913-C94A9DA71FAF}] => (Block) C:\program files\magicplus\magicplus.exe (LENOVO -> Lenovo) [File not signed]
FirewallRules: [{18340DEE-D3F2-4219-B50B-EDAEC4C42F3C}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{16ACC2D8-990D-44AD-9C48-7F7BC9597445}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{73834045-AE5A-457C-BADF-EDD3D1108E70}] => (Allow) LPort=5357
FirewallRules: [{4DFA43DB-541D-46C7-A0CC-002E1447206D}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7C3092C5-6853-468F-B9C4-CFF26776F823}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{6DF1CA8E-0A15-490A-86EC-C6A7ED0259D0}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{A20155EB-5054-4BCA-B259-0BAC6D932E12}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{06079893-644A-4D5D-9CBA-61C3B5B0A919}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{6A5E3C64-A2EE-4890-AE6F-9FBA7266B231}] => (Allow) C:\Program Files\Opera\42.0.2393.137\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{42379666-4464-403E-A3F5-34C08411D859}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{E2A85453-C5AD-48AC-A207-B1CF1A54F588}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{A2878E03-CDC2-4C35-A1CC-FA9E02013934}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

11-01-2020 07:35:56 Plánovaný kontrolný bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/07/2020 11:07:25 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/07/2020 11:07:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/07/2020 08:50:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/07/2020 08:50:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/06/2020 08:52:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/06/2020 08:52:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/06/2020 12:38:58 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/06/2020 12:38:58 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

System errors:
=============
Error: (01/09/2020 04:25:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (01/09/2020 04:25:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Windows Search bol dosiahnutý časový limit (30000 ms).

Error: (01/09/2020 04:25:11 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (01/06/2020 10:48:55 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (01/06/2020 09:28:58 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc sa nespustila správne, pretože sa vo funkcii CoCreateInstance(CLSID_UPnPDeviceFinder) vyskytla chyba 0x80004005. Uistite sa, že je služba UPnPHost spustená a že je súčasť UPnPHost systému Windows správne nainštalovaná.

Error: (01/04/2020 10:44:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Modules Installer bola ukončená s nasledujúcou chybou:
%%16405

Error: (01/03/2020 11:29:59 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Službe WerSvc sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť ako NT AUTHORITY\SYSTEM kvôli nasledujúcej chybe:
Požiadavka nie je podporovaná.

Ak chcete zabezpečiť správne nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management Console).

Error: (01/03/2020 09:07:01 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

==================== Memory info ===========================

BIOS: LENOVO 18CN37WW(V2.10) 09/18/2009
Motherboard: LENOVO NITU1
Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 81%
Total physical RAM: 3032.6 MB
Available physical RAM: 572.32 MB
Total Virtual: 6063.57 MB
Available Virtual: 2818.15 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:252.89 GB) (Free:150.16 GB) NTFS
Drive d: (Lenovo) (Fixed) (Total:30.25 GB) (Free:10.36 GB) NTFS

\\?\Volume{26c8cd6d-ce13-11de-b561-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 397BDB04)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=252.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.2 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== End of Addition.txt =======================

#2 Příspěvek od **Rudy** » 11 led 2020 11:19

Zdravím!
Modrá obrazovka (BSOD) většinou bývá problém haedwaru, či problomatických instalací, nežli malware. Zkusíme PC vyčistit. Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Iva212 · #3 Příspěvek od **Iva212** » 11 led 2020 14:21

žiadnu takúto možnosť som tam nenašla

"kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)"

tak som tam na čosi klikla ale čistenie a opravy tam neviem nájsť
???????
píše tam iba čosi o karanténe viď obrázok

#4 Příspěvek od **Rudy** » 11 led 2020 16:00

Dejte do karantény, tam jsou spoubpry neškodné. Následně je můžete smazat.

Iva212 · #5 Příspěvek od **Iva212** » 11 led 2020 16:20

podarilo sa, tu je správa

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-11-2020
# Duration: 00:01:34
# OS: Windows 7 Home Premium
# Cleaned: 17
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\Seznam.cz
Deleted C:\ProgramData\IOBIT\Driver Booster
Deleted C:\Users\Iva\AppData\Roaming\IOBIT\Driver Booster
Deleted C:\Users\Iva\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKLM\Software\IObit\Driver Booster
Deleted HKLM\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoEnergyManagement Folder C:\Program Files\LENOVO\ENERGY MANAGEMENT
Deleted Preinstalled.LenovoEnergyManagement Folder C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGEMENT
Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Energy Management
Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|EnergyUtility
Deleted Preinstalled.LenovoPower2Go Folder C:\Program Files\LENOVO\POWER2GO
Deleted Preinstalled.LenovoPower2Go Folder C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\POWER2GO
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}
Deleted Preinstalled.LenovoReadyComm Folder C:\Program Files\LENOVO\READYCOMM
Deleted Preinstalled.LenovoReadyComm Folder C:\Windows\System32\config\systemprofile\AppData\Roaming\LENOVO\READYCOMM

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2812 octets] - [11/01/2020 14:15:59]
AdwCleaner[S01].txt - [2873 octets] - [11/01/2020 14:17:02]
AdwCleaner[S02].txt - [2934 octets] - [11/01/2020 16:10:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

#6 Příspěvek od **Rudy** » 11 led 2020 16:59

Dekte nové logy FRST+Addition.

Iva212 · #7 Příspěvek od **Iva212** » 11 led 2020 17:28

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-01-2020
Ran by Iva (administrator) on IVA-PC (LENOVO 20023) (11-01-2020 17:20:11)
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(LENOVO -> Lenovo) [File not signed] C:\Program Files\MagicPlus\MagicPlus_helper.exe
(Lexmark International, Inc.) [File not signed] C:\Windows\System32\LEXBCES.EXE
(Lexmark International, Inc.) [File not signed] C:\Windows\System32\LEXPPS.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [228120 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\Run: [MagicPlusHelper] => C:\Program Files\MagicPlus\MagicPlus_helper.exe [2499208 2015-08-24] (LENOVO -> Lenovo) [File not signed]
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Policies\...\system: [disablecmd] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-08] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-03-30] (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2DD6F659-9040-4FF3-9B3E-3F51EA58FB5F} - System32\Tasks\{5776848F-1F69-40B3-B043-98AC6F2519AA} => C:\windows\system32\pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files\GIMP-2.0\bin\gimp-2.4.exe"
Task: {421CF5CC-A3BF-4207-8FDD-F5E4CB904E1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {4704E4C5-FB1F-42C4-802C-06FB1BB50A0F} - System32\Tasks\{FAB74AE7-CF79-45AE-AB0F-6624C9CEBDF6} => C:\windows\system32\pcalua.exe -a C:\Dokumenty_od_29-12-2014\Hry\tetrinst.exe -d C:\Dokumenty_od_29-12-2014\Hry
Task: {4848B36A-807F-4EE7-8844-D47D8AC7DD17} - System32\Tasks\{F2A42AD5-62FA-47B2-B9E1-FB3562B266F6} => C:\windows\system32\pcalua.exe -a "C:\Dokumenty_od_29-12-2014\PROGRAM---Bible-do-PC\THEOPHILOS - Bible do PC - základní program.EXE" -d C:\Dokumenty_od_29-12-2014\PROGRAM---Bible-do-PC
Task: {5A683F93-2FC4-49BE-87D1-70EB88C286DB} - System32\Tasks\{927D828E-ABEF-43FC-9968-E85D61911011} => C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe [795936 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
Task: {5FFACF2E-5626-49ED-95BE-393C56EAE365} - System32\Tasks\Opera scheduled Autoupdate 1549224241 => C:\Program Files\Opera\launcher.exe
Task: {6B4A04D0-3368-4795-9231-9854EB2D37FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {6F37622D-AC57-4AA6-8A94-6A166F1B927B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {6F51716D-4A9F-49CC-9875-203FDD8E9E33} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {7E272799-9C03-4FB0-86B3-71E3C8248B65} - System32\Tasks\{3EB3C91F-59DD-4A57-B960-89983FF43EBC} => C:\windows\system32\pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files\RarZilla Free Unrar\RarZilla.exe"
Task: {80302D3E-390E-4FBC-A3BD-B4D8ED021081} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {88604855-7D6C-4E11-9DB4-73F1ED06F403} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe
Task: {A01A5F0A-9524-46AC-899A-15A2A4AD7599} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {A22DBA14-D8C0-4927-9298-2257956299D6} - System32\Tasks\{355E2702-06E9-4D0A-A4E8-E130D43F75C7} => C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe [795936 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
Task: {C5C526FE-B8B6-43EB-ACED-E54930D05A9D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [1456128 2019-01-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CA63A9E2-17D3-4269-9D1E-28AF57BCAE62} - System32\Tasks\lenovo mobile auto run => C:\Program Files\MagicPlus\MagicPlus_helper.exe [2499208 2015-08-24] (LENOVO -> Lenovo) [File not signed]
Task: {D8D2FD5D-2972-406B-83B6-F4FF951D437A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {FE3599B9-4FED-4B92-8CA0-52D39CB30B6E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134512 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134512 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{5A6B09D9-D8F4-4C90-A6A4-7B84A2405D60}: [DhcpNameServer] 192.168.1.1 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.2,1]

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: Pomocník pri prihlasovaní v konte Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: my8dsfg6.default-1541086024094
FF ProfilePath: C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\my8dsfg6.default-1541086024094 [2020-01-11]
FF Session Restore: Mozilla\Firefox\Profiles\my8dsfg6.default-1541086024094 -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-13] (Adobe Systems Incorporated -> )
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll [2010-01-20] (Sony Media Software and Services -> Sony Media Software and Services Inc)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-30654545-3194649466-4156373986-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Iva\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-11] (Skype Technologies SA -> Skype Limited)

Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default [2020-01-11]
CHR Extension: (IE Tab) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2019-11-24]
CHR Extension: (Printable Templates by YourTemplateFinder) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\mccokphiflkjoppcieamipikjdiagipo [2019-12-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-21]
CHR Extension: (Chrome Media Router) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-26]
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-16]
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-10] (Adobe Inc. -> Adobe Systems)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1210168 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [484768 2019-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [484768 2019-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [567872 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [612944 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [582944 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
R3 LexBceS; C:\windows\System32\LEXBCES.EXE [303104 2003-08-18] (Lexmark International, Inc.) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG -> Nero AG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1533808 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
S2 IGRS; "C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe" [X]
S3 Lenovo ReadyComm AppSvc; "C:\Program Files\Lenovo\ReadyComm\AppSvc.exe" [X]
S3 Lenovo ReadyComm ConnSvc; "C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe" [X]
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [X]
S2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIVPC; C:\windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-01-20] (Lenovo (Beijing) Limited -> Lenovo Corporation)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [50728 2019-06-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [156160 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [171568 2019-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [36688 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [60360 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 b57nd60x; C:\windows\System32\DRIVERS\b57nd60x.sys [415000 2016-11-27] (Broadcom Corporation -> Broadcom Corporation)
R3 BCM43XX; C:\windows\System32\DRIVERS\bcmwl6.sys [7035128 2016-11-27] (Broadcom Corporation -> Broadcom Corporation)
S3 Bridge0; C:\windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo (Beijing) Limited -> Lenovo)
R3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [47504 2016-11-27] (IVT CORPORATION -> IVT Corporation.)
S3 btwaudio; C:\windows\System32\drivers\btwaudio.sys [86056 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwavdt; C:\windows\System32\DRIVERS\btwavdt.sys [108072 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwl2cap; C:\windows\System32\DRIVERS\btwl2cap.sys [29472 2009-04-07] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwrchid; C:\windows\System32\DRIVERS\btwrchid.sys [18344 2009-07-01] (Broadcom Corporation -> Broadcom Corporation.)
R3 CnxtHdAudService; C:\windows\System32\drivers\CHDRT32.sys [475648 2009-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems Inc.)
S3 hwdatacard; C:\windows\System32\DRIVERS\ewusbmdm.sys [92032 2007-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO32.SYS [23840 2016-11-27] (Martin Malik - REALiX -> REALiX(tm))
R2 npf; C:\windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 RSUSBSTOR; C:\windows\System32\Drivers\RtsUStor.sys [171520 2009-07-30] (Realtek Semiconductor Corp.) [File not signed]
S3 RTSUER; C:\windows\System32\Drivers\RtsUer.sys [304344 2016-11-27] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 s1039bus; C:\windows\System32\DRIVERS\s1039bus.sys [98672 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdfl; C:\windows\System32\DRIVERS\s1039mdfl.sys [14960 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdm; C:\windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mgmt; C:\windows\System32\DRIVERS\s1039mgmt.sys [117872 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039nd5; C:\windows\System32\DRIVERS\s1039nd5.sys [25456 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039obex; C:\windows\System32\DRIVERS\s1039obex.sys [113904 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039unic; C:\windows\System32\DRIVERS\s1039unic.sys [123504 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
R3 SmbDrvI; C:\windows\System32\DRIVERS\Smb_driver_Intel.sys [26792 2016-11-27] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1759616 2009-03-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WDC_SAM; C:\windows\System32\DRIVERS\wdcsam_prewin8.sys [28984 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 wdmirror; C:\windows\System32\DRIVERS\WDMirror.sys [11792 2009-07-16] (Lenovo (Beijing) Limited -> Windows (R) Codename Longhorn DDK provider)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink -> CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-11 16:42 - 2020-01-11 17:19 - 660770954 _____ C:\Users\Iva\Downloads\V_utajeni(2005)_S01_E02_CZ.avi
2020-01-11 14:13 - 2020-01-11 16:12 - 000000000 ____D C:\AdwCleaner
2020-01-11 14:10 - 2020-01-11 14:10 - 008237744 _____ (Malwarebytes) C:\Users\Iva\Desktop\adwcleaner_8.0.1.exe
2020-01-11 08:28 - 2020-01-11 14:02 - 000038726 _____ C:\Users\Iva\Desktop\Addition.txt
2020-01-11 08:20 - 2020-01-11 17:26 - 000020273 _____ C:\Users\Iva\Desktop\FRST.txt
2020-01-11 08:20 - 2020-01-11 17:23 - 000000000 ____D C:\FRST
2020-01-11 08:17 - 2020-01-11 08:18 - 002303488 _____ (Farbar) C:\Users\Iva\Desktop\FRST.exe
2020-01-10 18:31 - 2020-01-10 18:31 - 014382039 _____ C:\Users\Iva\Downloads\NTB IdeaPad manual media_4062155.pdf
2020-01-06 16:50 - 2020-01-06 16:50 - 002860688 _____ C:\Users\Iva\Downloads\Girls_with_Swords_Book_Slovak.pdf
2020-01-06 16:49 - 2020-01-06 16:49 - 002214184 _____ C:\Users\Iva\Downloads\Heart_Ablaze_Book_Preview_Slovak.pdf
2020-01-06 16:38 - 2020-01-06 16:39 - 005879237 _____ C:\Users\Iva\Downloads\Holy_Spirit_Book_Slovak.pdf
2020-01-06 16:37 - 2020-01-06 16:37 - 005904272 _____ C:\Users\Iva\Downloads\Killing_Kryptonite_book_Slovak.pdf
2019-12-16 18:39 - 2019-12-16 18:39 - 000137630 _____ C:\Users\Iva\Desktop\Vizitka Dagmar Strelcova.pdf
2019-12-13 20:23 - 2019-12-13 20:23 - 000549221 _____ C:\Users\Iva\Desktop\certifikat_bajecna-zena-special.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-11 17:19 - 2016-11-19 16:55 - 000000000 ____D C:\Users\Iva\AppData\LocalLow\Mozilla
2020-01-11 17:07 - 2017-12-03 18:51 - 000000000 ____D C:\KMPlayer
2020-01-11 16:26 - 2009-07-14 05:34 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-11 16:26 - 2009-07-14 05:34 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-11 16:18 - 2009-07-14 05:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-01-11 16:13 - 2009-09-23 02:28 - 000000000 ____D C:\Program Files\Lenovo
2020-01-11 16:12 - 2016-11-27 19:56 - 000000000 ____D C:\Users\Iva\AppData\Roaming\IObit
2020-01-11 16:12 - 2016-11-27 19:56 - 000000000 ____D C:\ProgramData\IObit
2020-01-11 16:12 - 2010-01-29 17:48 - 000000000 ____D C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2020-01-11 14:01 - 2010-08-11 18:02 - 000003954 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{49450825-153F-4695-A1D7-101A8509DE40}
2020-01-08 21:19 - 2014-03-31 17:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-08 21:18 - 2012-04-25 04:28 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-01-08 16:24 - 2018-02-09 16:15 - 000004128 _____ C:\windows\system32\Tasks\CCleaner Update
2020-01-08 06:41 - 2014-11-01 17:28 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-07 11:07 - 2009-09-23 02:25 - 000848194 _____ C:\windows\system32\PerfStringBackup.INI
2020-01-07 11:07 - 2009-07-14 03:37 - 000000000 ____D C:\windows\inf
2020-01-06 13:23 - 2014-12-29 09:54 - 000000000 ____D C:\Dokumenty_od_24-08-2019
2020-01-04 07:41 - 2017-10-05 03:54 - 000003268 _____ C:\windows\system32\Tasks\Avira_Antivirus_Systray
2019-12-30 19:26 - 2019-09-04 19:52 - 000000000 ____D C:\Users\Iva\AppData\Roaming\vlc
2019-12-29 17:27 - 2010-10-10 15:23 - 000000000 ____D C:\DOKUMENTY
2019-12-25 11:30 - 2016-07-03 19:55 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-25 11:30 - 2016-07-03 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-12-19 19:02 - 2016-04-10 16:06 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-17 06:42 - 2012-05-25 22:11 - 000000000 ____D C:\Program Files\CCleaner
2019-12-14 07:53 - 2019-08-18 15:57 - 000000000 ____D C:\windows\rescache
2019-12-13 21:40 - 2018-12-20 05:26 - 000003360 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 21:40 - 2018-12-20 05:26 - 000003232 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2012-04-04 20:10 - 2010-01-26 10:11 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2011-09-26 20:23 - 2011-10-01 08:24 - 000007722 _____ () C:\Users\Iva\AppData\Roaming\mdbu.bin
2018-12-21 15:37 - 2018-12-21 16:09 - 000007168 _____ () C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-16 09:01 - 2019-08-28 22:29 - 000007603 _____ () C:\Users\Iva\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-01-08 13:22
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-01-2020
Ran by Iva (11-01-2020 17:27:06)
Running from C:\Users\Iva\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2010-01-29 16:48:30)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-30654545-3194649466-4156373986-500 - Administrator - Disabled)
Guest (S-1-5-21-30654545-3194649466-4156373986-501 - Limited - Enabled)
Iva (S-1-5-21-30654545-3194649466-4156373986-1003 - Administrator - Enabled) => C:\Users\Iva

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Advertising Center (HKLM\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Asistent pri prihlasovaní v konte Windows Live ID (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.29 - Avanquest Software)
Avira (HKLM\...\{4e6a365c-99da-4552-bea4-b13f55457be4}) (Version: 1.2.141.10870 - Avira Operations GmbH & Co. KG)
Avira (HKLM\...\{93A3C9E9-C927-43EC-B42F-29C3B5670A2E}) (Version: 1.2.141.10870 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.1912.1683 - Avira Operations GmbH & Co. KG)
Broadcom 802.11 Wireless Driver (HKLM\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.01 - Broadcom Corporation)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\{B32C4059-6E7A-41EF-AD20-56DF1872B923}) (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 5.1 (HKLM\...\MP Navigator EX 5.1) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.0.1 - Canon Inc.)
Canon Pomôcka na rýchlu voľbu (HKLM\...\Speed Dial Utility) (Version: 1.5.0 - Canon Inc.)
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version: - )
CCEnhancer verze 4.5.3 (HKLM\...\{D621766C-B5EC-42BD-9E10-774C02C17B44}_is1) (Version: 4.5.3 - SingularLabs)
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.4.0 - Conexant)
CrystalDiskInfo 6.1.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.1.0 - Crystal Dew World)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
doPDF 6.0 printer (HKLM\...\doPDF 6 printer_is1) (Version: - Softland)
Doplnok Microsoft Save as PDF or XPS pre programy balíka 2007 Microsoft Office (HKLM\...\{90120000-00B2-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1039 - Microsoft Corporation)
EasyCapture (HKLM\...\EasyCapture4.0) (Version: V4.0.09.0731 - Lenovo)
EGR-ShellExtension (HKLM\...\EGR-ShellExtension) (Version: 1.1.0.100 - EasternGraphics)
Energy Management (HKLM\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.3.1.1 - Lenovo)
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
FormatFactory 3.00 (HKLM\...\FormatFactory) (Version: 3.00 - Free Time)
Free M4a to MP3 Converter 7.1 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
GIMP 2.4.5 (HKLM\...\WinGimp-2.0_is1) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
HF Designer 2.7 (HKLM\...\HappyFoto-Designer_is1) (Version: - )
HP LaserJet MFP M129-M134 Basic Device Software (HKLM\...\{C5ACDE58-777F-4A77-9B3B-DAA9956F1FF3}) (Version: 44.3.2667.18234 - HP Inc.)
ICQ7.5 (HKLM\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
K-Lite Codec Pack 10.5.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Lenovo EasyCamera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50.6 - Suyin Optronics Corp.)
Lenovo Mobile Assistant (HKLM\...\{400214B1-6B7B-4AA3-B330-96CF76F89D98}) (Version: 1.4.1.10128 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0723 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0723 - CyberLink Corp.)
Lenovo ReadyComm 5 (HKLM\...\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}) (Version: 5.1.1.17 - Lenovo)
Lenovo ReadyComm 5.0 Service (HKLM\...\{76C66170-C538-4E77-B54D-48E136B5B533}) (Version: 5.0.0.1 - Lenovo Group Limited)
LenovoUsbDriver 1.1.15 (HKLM\...\LenovoUsbDriver) (Version: 1.1.15 - Lenovo)
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version: - )
Media Go (HKLM\...\{520CD4F0-9DAC-4C5C-8CA1-D0210CFF6062}) (Version: 1.4.269 - Sony)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.4 (HKLM\...\{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}) (Version: 2.0.3008.0 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mobile Connect (HKLM\...\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}) (Version: 1.00.0000 - Huawei technologies)
Mozilla Firefox 72.0.1 (x86 sk) (HKLM\...\Mozilla Firefox 72.0.1 (x86 sk)) (Version: 72.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicJet (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\76f4758ca7e15dc6) (Version: 1.0.2.18 - MusicJet)
Nero 9 Essentials (HKLM\...\{faeebf0a-0bd4-44a5-a539-f9ea31b1e084}) (Version: - Nero AG)
Nero BurnLite 10 (HKLM\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
PC Inspector smart recovery (HKLM\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
pCon.planner 6.7 (HKLM\...\{61FFF5E3-1D08-4F66-AC29-EF61963F2619}) (Version: 6.7.0.102 - EasternGraphics) Hidden
pCon.planner 6.7 (HKLM\...\pCon.planner 6.7) (Version: 6.7.0.102 - EasternGraphics)
PlayStation(R)Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.02.00076 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 3.1.8.07881 - Sony Computer Entertainment Inc.)
Pluto TV version 0.3.2 (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\Pluto TV_is1) (Version: 0.3.2 - Pluto TV)
Puzzle Express Deluxe (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\Puzzle Express Deluxe) (Version: 1.0.0 - Zylom Games)
QIP 2012 4.0.6611 (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\QIP 2012) (Version: 4.0.6611 - )
QIP Internet Guardian (HKU\S-1-5-21-30654545-3194649466-4156373986-1003\...\QipGuard) (Version: - )
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAD Video Tools (HKLM\...\RADVideo) (Version: - )
Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.45 - Piriform)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tetris Navždy (HKLM\...\Tetris Navždy) (Version: - )
Theophilos 3 (HKLM\...\Theophilos_is1) (Version: - )
Theophilos 3.0 (HKLM\...\Theophilos 3.0_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Windows Driver Package - MediaTek Inc. (wdm_usb) Ports (01/22/2015 3.0.1504.0) (HKLM\...\BD5E2A628C2263FAEC66A4BFF2E88B897427E4C3) (Version: 01/22/2015 3.0.1504.0 - MediaTek Inc.)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-30654545-3194649466-4156373986-1003_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-30654545-3194649466-4156373986-1003_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Iva\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Technologies SA -> Skype Limited)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.clmp3enc] => C:\PROGRA~1\Lenovo\Power2Go\CLMP3Enc.ACM
HKLM\...\Drivers32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2010-03-27 18:35 - 2003-07-29 14:27 - 000078336 _____ () [File not signed] C:\windows\system32\spool\PRTPROCS\W32X86\LXBKPP5C.dll
2015-01-11 18:08 - 2012-06-14 17:18 - 000366592 _____ (CANON INC.) [File not signed] C:\windows\System32\CNMNPPM.DLL
2017-12-27 17:37 - 2016-10-04 16:12 - 000049664 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2009-09-23 02:13 - 2009-06-04 20:03 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\ENU\IAAMon_ENU.dll
2009-09-23 02:13 - 2009-06-04 20:02 - 000118784 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\ENU\PlugInRAID_ENU.dll
2009-09-23 02:13 - 2009-06-04 19:55 - 000208896 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
2015-08-24 11:11 - 2015-08-24 11:11 - 000109704 _____ (LENOVO -> ) [File not signed] C:\Program Files\MagicPlus\crashreport.dll
2015-08-24 11:11 - 2015-08-24 11:11 - 000354440 _____ (LENOVO -> ) [File not signed] C:\Program Files\MagicPlus\UsbHelper.dll
2015-08-24 11:11 - 2015-08-24 11:11 - 000418952 _____ (LENOVO -> Microsoft Corporation) [File not signed] C:\Program Files\MagicPlus\MSVCP100.dll
2015-08-24 11:11 - 2015-08-24 11:11 - 000771720 _____ (LENOVO -> Microsoft Corporation) [File not signed] C:\Program Files\MagicPlus\MSVCR100.dll
2010-03-27 18:35 - 2003-08-18 18:48 - 000196096 _____ (Lexmark International, Inc.) [File not signed] C:\windows\System32\lex2kusb.dll
2010-03-27 18:35 - 2003-08-18 15:34 - 000147456 _____ (Lexmark International, Inc.) [File not signed] C:\windows\System32\LexBce.dll
2010-03-27 18:35 - 2003-08-18 18:48 - 000192512 _____ (Lexmark International, Inc.) [File not signed] C:\windows\System32\LEXLMPM.DLL
2010-03-27 18:35 - 2003-08-18 18:47 - 000201216 _____ (Lexmark International, Inc.) [File not signed] C:\windows\System32\lexp2p32.dll
2010-03-27 18:35 - 2003-08-19 15:25 - 000073728 _____ (Lexmark International, Inc.) [File not signed] C:\windows\System32\LXBKpwr.dll
2009-01-29 13:04 - 2009-01-29 13:04 - 000134144 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
2019-03-27 22:48 - 2019-03-27 22:48 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2018-02-08 16:21 - 000000035 _____ C:\windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Iva^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PlutoTV.lnk => C:\windows\pss\PlutoTV.lnk.Startup
MSCONFIG\startupreg: Apoint => C:\Program Files\Apoint2K\Apoint.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files\Lenovo\VeriFace\PManage.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B15C5458-D4C3-4F39-8188-C73886AB484C}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe No File
FirewallRules: [{50309CE0-6061-4F45-8387-30F71EABD235}] => (Allow) C:\windows\System32\IgrsSvcs.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7D4EBB45-7C2D-476A-866E-321EB71387D2}] => (Allow) C:\windows\System32\IgrsSvcs.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0C0DCF90-E250-4325-8275-9595FECF2D2F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe No File
FirewallRules: [{F410BBB9-AE8D-4117-914E-33DD15AD4422}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe No File
FirewallRules: [{25A04806-39BE-4844-A2DF-38AAD39F517F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe No File
FirewallRules: [{ECE083BB-B64A-45C8-8029-DB318B4A5F0E}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe No File
FirewallRules: [{33FFBE7A-5CFE-41F7-9C00-901BE47D649F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe No File
FirewallRules: [{2553EFAB-2FA2-4CAD-8970-224B673EAE70}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe No File
FirewallRules: [{AE86CC13-F845-4BBE-A531-94ACCE01422B}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe No File
FirewallRules: [{8BCAAD73-86D7-4ACB-8986-D6AE5A52A2FD}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe No File
FirewallRules: [{3F6E1029-3C60-48E9-B43A-995BD4170373}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe No File
FirewallRules: [{3DAE2E26-3D52-4E65-B808-9BB50FE05534}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe No File
FirewallRules: [TCP Query User{C3B652EC-FB8E-4BD2-96A2-7FCA3B2E3CBC}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [UDP Query User{F17F7FF8-E5B0-4B99-AA4F-083047336DC2}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [TCP Query User{BFB1BD70-4668-4735-9277-BF2C8FC8D96A}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [UDP Query User{AC1D111C-7049-4C99-A992-CE9054976335}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{1279EAB1-AAB1-4993-A899-6C839FFC5300}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{773470E4-2101-421F-860C-F50618287C65}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4F5E48D2-17E9-45AE-A1B9-C9D153C275D3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AFED377-0A67-4CB4-9E68-AA17F07CC0E4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E119330F-0296-41AE-881E-9AB1C7B550E0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C954B080-78AD-41E4-AC33-CECC4B574CFA}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9A3BD9B4-1B67-4B6C-8DE1-2F477D26F696}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D9947D47-64ED-4E36-A234-F83F84FCBA4D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8438D759-BD91-4474-87F6-93933ECAF8F6}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{274186CA-8E0F-4083-9020-30B819D51EEB}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21DD6A2A-2D3F-4565-8803-B815BD409441}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9B25EC6-C489-49F6-A485-AD6F9EE7EA5B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9AE9B17-9BB8-49FD-B76C-225DCEF378EC}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF4225D5-645C-415B-886F-4B899AE761E8}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{41B2B6CA-4BE9-486B-B867-3A8163B5EF97}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{87865ECB-6BAB-4957-9881-75DC136D889C}C:\program files\icq7.1\icq.exe] => (Block) C:\program files\icq7.1\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [UDP Query User{57D7DE28-E332-4309-B5BE-2B1241C996AB}C:\program files\icq7.1\icq.exe] => (Block) C:\program files\icq7.1\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{19FE0E10-D10C-44B1-8B64-D72E6810B046}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D6915018-2A90-4CAC-8D5C-60427DBFFB57}C:\program files\qip 2012\qip.exe] => (Block) C:\program files\qip 2012\qip.exe (OOO Russkie Internet Reshenija -> QIP) [File not signed]
FirewallRules: [UDP Query User{539F7CB0-327A-4949-A591-7AF2933E4A24}C:\program files\qip 2012\qip.exe] => (Block) C:\program files\qip 2012\qip.exe (OOO Russkie Internet Reshenija -> QIP) [File not signed]
FirewallRules: [{61843223-799F-4909-BBB3-8287FDE853B2}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{E2195357-D431-4FF9-A4B4-2784FBE2192B}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{AB13E5EC-657F-4520-B704-16D4FFA77250}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{59F5D1DB-33D9-4FD9-A312-D1B0EE31FAC6}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{8DBD9DC6-579B-441F-84E0-7FC12418187A}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{7E18E430-A132-4C2E-BBD5-7DF8DFE8FA32}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{78612CBD-2D82-4079-B6FD-13F87AA3E188}] => (Allow) C:\Users\Iva\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Technologies SA -> Skype Limited)
FirewallRules: [{DABDD449-D4CF-45EE-B207-BA77CB5E1B22}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D6B57271-792A-40FB-93C8-EBBB4F46E218}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5133B4C8-BA48-4B3B-BB33-752780D417FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5B9B160A-CED9-45DE-A1A2-D79A245ED541}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E9D4009A-2910-4592-8CF1-2F545720FB3A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ECD4B7E2-16F4-4C80-AD95-3763A1E9E199}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0E0951EB-4215-4CDA-8116-86DA8C9B6E34}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{958DD243-E937-4E74-81FD-46D87DE89556}C:\program files\magicplus\magicplus.exe] => (Allow) C:\program files\magicplus\magicplus.exe (LENOVO -> Lenovo) [File not signed]
FirewallRules: [UDP Query User{4C0EA74A-6EE2-4449-BE98-A142B0CCC08D}C:\program files\magicplus\magicplus.exe] => (Allow) C:\program files\magicplus\magicplus.exe (LENOVO -> Lenovo) [File not signed]
FirewallRules: [{72650204-69F2-4C2A-BAEA-CF78848D00F3}] => (Block) C:\program files\magicplus\magicplus.exe (LENOVO -> Lenovo) [File not signed]
FirewallRules: [{92406B19-38D7-4065-9913-C94A9DA71FAF}] => (Block) C:\program files\magicplus\magicplus.exe (LENOVO -> Lenovo) [File not signed]
FirewallRules: [{18340DEE-D3F2-4219-B50B-EDAEC4C42F3C}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{16ACC2D8-990D-44AD-9C48-7F7BC9597445}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{73834045-AE5A-457C-BADF-EDD3D1108E70}] => (Allow) LPort=5357
FirewallRules: [{4DFA43DB-541D-46C7-A0CC-002E1447206D}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7C3092C5-6853-468F-B9C4-CFF26776F823}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{6DF1CA8E-0A15-490A-86EC-C6A7ED0259D0}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{A20155EB-5054-4BCA-B259-0BAC6D932E12}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{06079893-644A-4D5D-9CBA-61C3B5B0A919}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{6A5E3C64-A2EE-4890-AE6F-9FBA7266B231}] => (Allow) C:\Program Files\Opera\42.0.2393.137\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{42379666-4464-403E-A3F5-34C08411D859}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{E2A85453-C5AD-48AC-A207-B1CF1A54F588}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{A2878E03-CDC2-4C35-A1CC-FA9E02013934}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

11-01-2020 07:35:56 Plánovaný kontrolný bod
11-01-2020 16:11:44 AdwCleaner_BeforeCleaning_11/01/2020_16:11:37

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/11/2020 04:11:43 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Prístup je odmietnutý.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {72b83ac4-a8ca-43f5-8ec3-359ac77d18cb}

Error: (01/07/2020 11:07:25 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/07/2020 11:07:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/07/2020 08:50:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/07/2020 08:50:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/06/2020 08:52:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/06/2020 08:52:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/06/2020 12:38:58 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

System errors:
=============
Error: (01/11/2020 04:19:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba ReadyComm.DirectRouter bola ukončená s nasledujúcou chybou:
Zadaný modul sa nepodarilo nájsť.

Error: (01/11/2020 04:19:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby IGRS zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.

Error: (01/11/2020 04:16:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\windows\System32\bcmihvsrv.dll

Error: (01/11/2020 04:16:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\windows\System32\bcmihvsrv.dll

Error: (01/11/2020 04:15:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\windows\System32\bcmihvsrv.dll

Error: (01/11/2020 04:13:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Avira Service Host bol dosiahnutý časový limit (30000 ms).

Error: (01/11/2020 04:12:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Service Host sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (01/11/2020 04:12:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba IGRS sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

==================== Memory info ===========================

BIOS: LENOVO 18CN37WW(V2.10) 09/18/2009
Motherboard: LENOVO NITU1
Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 54%
Total physical RAM: 3032.6 MB
Available physical RAM: 1379.12 MB
Total Virtual: 6063.57 MB
Available Virtual: 4014.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:252.89 GB) (Free:148.96 GB) NTFS
Drive d: (Lenovo) (Fixed) (Total:30.25 GB) (Free:10.36 GB) NTFS
Drive g: (KINGSTON) (Removable) (Total:28.86 GB) (Free:10.87 GB) FAT32

\\?\Volume{26c8cd6d-ce13-11de-b561-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 397BDB04)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=252.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.2 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==========================================================
Disk: 1 (Size: 28.9 GB) (Disk ID: 5DA74B42)
Partition 1: (Not Active) - (Size=28.9 GB) - (Type=0B)

==================== End of Addition.txt =======================

#8 Příspěvek od **Rudy** » 11 led 2020 17:58

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Task: {2DD6F659-9040-4FF3-9B3E-3F51EA58FB5F} - System32\Tasks\{5776848F-1F69-40B3-B043-98AC6F2519AA} => C:\windows\system32\pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files\GIMP-2.0\bin\gimp-2.4.exe"
Task: {421CF5CC-A3BF-4207-8FDD-F5E4CB904E1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {4704E4C5-FB1F-42C4-802C-06FB1BB50A0F} - System32\Tasks\{FAB74AE7-CF79-45AE-AB0F-6624C9CEBDF6} => C:\windows\system32\pcalua.exe -a C:\Dokumenty_od_29-12-2014\Hry\tetrinst.exe -d C:\Dokumenty_od_29-12-2014\Hry
Task: {4848B36A-807F-4EE7-8844-D47D8AC7DD17} - System32\Tasks\{F2A42AD5-62FA-47B2-B9E1-FB3562B266F6} => C:\windows\system32\pcalua.exe -a "C:\Dokumenty_od_29-12-2014\PROGRAM---Bible-do-PC\THEOPHILOS - Bible do PC - základní program.EXE" -d C:\Dokumenty_od_29-12-2014\PROGRAM---Bible-do-PC
Task: {6B4A04D0-3368-4795-9231-9854EB2D37FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {7E272799-9C03-4FB0-86B3-71E3C8248B65} - System32\Tasks\{3EB3C91F-59DD-4A57-B960-89983FF43EBC} => C:\windows\system32\pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files\RarZilla Free Unrar\RarZilla.exe"
C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
FirewallRules: [{B15C5458-D4C3-4F39-8188-C73886AB484C}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe No File
FirewallRules: [{0C0DCF90-E250-4325-8275-9595FECF2D2F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe No File
FirewallRules: [{F410BBB9-AE8D-4117-914E-33DD15AD4422}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe No File
FirewallRules: [{25A04806-39BE-4844-A2DF-38AAD39F517F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe No File
FirewallRules: [{ECE083BB-B64A-45C8-8029-DB318B4A5F0E}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe No File
FirewallRules: [{33FFBE7A-5CFE-41F7-9C00-901BE47D649F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe No File
FirewallRules: [{2553EFAB-2FA2-4CAD-8970-224B673EAE70}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe No File
FirewallRules: [{AE86CC13-F845-4BBE-A531-94ACCE01422B}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe No File
FirewallRules: [{8BCAAD73-86D7-4ACB-8986-D6AE5A52A2FD}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe No File
FirewallRules: [{3F6E1029-3C60-48E9-B43A-995BD4170373}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe No File
FirewallRules: [{3DAE2E26-3D52-4E65-B808-9BB50FE05534}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Iva212 · #9 Příspěvek od **Iva212** » 11 led 2020 18:23

Fix result of Farbar Recovery Scan Tool (x86) Version: 08-01-2020
Ran by Iva (11-01-2020 18:17:27) Run:1
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {2DD6F659-9040-4FF3-9B3E-3F51EA58FB5F} - System32\Tasks\{5776848F-1F69-40B3-B043-98AC6F2519AA} => C:\windows\system32\pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files\GIMP-2.0\bin\gimp-2.4.exe"
Task: {421CF5CC-A3BF-4207-8FDD-F5E4CB904E1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {4704E4C5-FB1F-42C4-802C-06FB1BB50A0F} - System32\Tasks\{FAB74AE7-CF79-45AE-AB0F-6624C9CEBDF6} => C:\windows\system32\pcalua.exe -a C:\Dokumenty_od_29-12-2014\Hry\tetrinst.exe -d C:\Dokumenty_od_29-12-2014\Hry
Task: {4848B36A-807F-4EE7-8844-D47D8AC7DD17} - System32\Tasks\{F2A42AD5-62FA-47B2-B9E1-FB3562B266F6} => C:\windows\system32\pcalua.exe -a "C:\Dokumenty_od_29-12-2014\PROGRAM---Bible-do-PC\THEOPHILOS - Bible do PC - z�kladn� program.EXE" -d C:\Dokumenty_od_29-12-2014\PROGRAM---Bible-do-PC
Task: {6B4A04D0-3368-4795-9231-9854EB2D37FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {7E272799-9C03-4FB0-86B3-71E3C8248B65} - System32\Tasks\{3EB3C91F-59DD-4A57-B960-89983FF43EBC} => C:\windows\system32\pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files\RarZilla Free Unrar\RarZilla.exe"
C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
FirewallRules: [{B15C5458-D4C3-4F39-8188-C73886AB484C}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe No File
FirewallRules: [{0C0DCF90-E250-4325-8275-9595FECF2D2F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe No File
FirewallRules: [{F410BBB9-AE8D-4117-914E-33DD15AD4422}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe No File
FirewallRules: [{25A04806-39BE-4844-A2DF-38AAD39F517F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe No File
FirewallRules: [{ECE083BB-B64A-45C8-8029-DB318B4A5F0E}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe No File
FirewallRules: [{33FFBE7A-5CFE-41F7-9C00-901BE47D649F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe No File
FirewallRules: [{2553EFAB-2FA2-4CAD-8970-224B673EAE70}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe No File
FirewallRules: [{AE86CC13-F845-4BBE-A531-94ACCE01422B}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe No File
FirewallRules: [{8BCAAD73-86D7-4ACB-8986-D6AE5A52A2FD}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe No File
FirewallRules: [{3F6E1029-3C60-48E9-B43A-995BD4170373}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe No File
FirewallRules: [{3DAE2E26-3D52-4E65-B808-9BB50FE05534}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DD6F659-9040-4FF3-9B3E-3F51EA58FB5F} => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DD6F659-9040-4FF3-9B3E-3F51EA58FB5F} => removed successfully.
C:\Windows\System32\Tasks\{5776848F-1F69-40B3-B043-98AC6F2519AA} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5776848F-1F69-40B3-B043-98AC6F2519AA} => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{421CF5CC-A3BF-4207-8FDD-F5E4CB904E1F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{421CF5CC-A3BF-4207-8FDD-F5E4CB904E1F}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4704E4C5-FB1F-42C4-802C-06FB1BB50A0F} => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4704E4C5-FB1F-42C4-802C-06FB1BB50A0F} => removed successfully.
C:\Windows\System32\Tasks\{FAB74AE7-CF79-45AE-AB0F-6624C9CEBDF6} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FAB74AE7-CF79-45AE-AB0F-6624C9CEBDF6} => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4848B36A-807F-4EE7-8844-D47D8AC7DD17} => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4848B36A-807F-4EE7-8844-D47D8AC7DD17} => removed successfully.
C:\Windows\System32\Tasks\{F2A42AD5-62FA-47B2-B9E1-FB3562B266F6} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F2A42AD5-62FA-47B2-B9E1-FB3562B266F6} => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B4A04D0-3368-4795-9231-9854EB2D37FA}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B4A04D0-3368-4795-9231-9854EB2D37FA}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E272799-9C03-4FB0-86B3-71E3C8248B65} => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E272799-9C03-4FB0-86B3-71E3C8248B65} => removed successfully.
C:\Windows\System32\Tasks\{3EB3C91F-59DD-4A57-B960-89983FF43EBC} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3EB3C91F-59DD-4A57-B960-89983FF43EBC} => removed successfully.
"C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B15C5458-D4C3-4F39-8188-C73886AB484C}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C0DCF90-E250-4325-8275-9595FECF2D2F}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F410BBB9-AE8D-4117-914E-33DD15AD4422}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{25A04806-39BE-4844-A2DF-38AAD39F517F}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ECE083BB-B64A-45C8-8029-DB318B4A5F0E}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{33FFBE7A-5CFE-41F7-9C00-901BE47D649F}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2553EFAB-2FA2-4CAD-8970-224B673EAE70}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AE86CC13-F845-4BBE-A531-94ACCE01422B}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8BCAAD73-86D7-4ACB-8986-D6AE5A52A2FD}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3F6E1029-3C60-48E9-B43A-995BD4170373}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3DAE2E26-3D52-4E65-B808-9BB50FE05534}" => removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 65117060 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3925866 B
Edge => 0 B
Chrome => 241596100 B
Firefox => 1112826934 B
Opera => 132064 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 128 B
NetworkService => 6080 B
Iva => 22722549 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 18:20:18 ====

#10 Příspěvek od **Rudy** » 11 led 2020 18:53

Smazáno. Nastala nějaká změna?

Iva212 · #11 Příspěvek od **Iva212** » 11 led 2020 18:57

Ďakujem veľmi pekne,
myslím, že je to lepšie.

#12 Příspěvek od **Rudy** » 11 led 2020 19:49

Nemáte zač!

Iva212 · #13 Příspěvek od **Iva212** » 11 led 2020 21:05

a čo tomu bolo?

#14 Příspěvek od **Rudy** » 11 led 2020 21:49

Jen několik AdWarů a zbytečnosti. Nejsem si tak zcela jistý, že právě toto bylo příčinou těch pádů.

Iva212 · #15 Příspěvek od **Iva212** » 11 led 2020 21:57

hmm a čo teda navrhujete?

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu