Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola
Ahoj 
Zalozil si viac samostatnych tem, budeme pokracovat v tejto jednej. Log z FRST (v predchadzajucej teme) vsak nie je uplny. Vytvor logy z FRST este raz a posli ich (obidva) do tejto temy. Ak sa nezmestia do 1 prispevku (odpovede), mozes ich rozdelit do viacerych prispevkov
Zalozil si viac samostatnych tem, budeme pokracovat v tejto jednej. Log z FRST (v predchadzajucej teme) vsak nie je uplny. Vytvor logy z FRST este raz a posli ich (obidva) do tejto temy. Ak sa nezmestia do 1 prispevku (odpovede), mozes ich rozdelit do viacerych prispevkov
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Kontrola
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by pc (09-02-2020 18:06:52)
Running from C:\Users\pc\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-10-03 17:11:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3134211295-3072908730-4118665192-500 - Administrator - Disabled)
Guest (S-1-5-21-3134211295-3072908730-4118665192-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3134211295-3072908730-4118665192-1002 - Limited - Enabled)
pc (S-1-5-21-3134211295-3072908730-4118665192-1000 - Administrator - Enabled) => C:\Users\pc
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
AirDroid 3.2.1.1 (HKLM-x32\...\AirDroid) (Version: 3.2.1.1 - Sand Studio)
Avira (HKLM-x32\...\{59bab6b1-f615-42c3-9614-8dc338ac8ed4}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{82B6E5B0-3F76-446B-9FDE-0200B5B36B37}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2001.1707 - Avira Operations GmbH & Co. KG)
Avira Home Guard (HKLM-x32\...\{B44A6ACF-D50A-4CAC-9A8E-246402BDC101}) (Version: 1.1.10.773 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.31.4.26498 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.22.7684 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{3BEE2703-942D-401D-93E1-7950CCF54769}) (Version: 2.0.6.25416 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.1.10871 - Avira Operations GmbH & Co. KG)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{613ce488-8460-4831-ad3a-dd0b4c39fdaf}) (Version: 4.3.2.0 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{A7B27ABE-950F-48B4-B74F-F3F87C9E9BCD}) (Version: 4.3.2.0 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{0F6B8799-05C1-44C3-B6BE-CAC670D40E4A}) (Version: 1.0.4.4 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{113D31E0-0791-4654-9000-5F77221E99F7}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{F921362C-796E-4BC7-9385-86CED819E73D}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.300 - )
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{24510774-4424-46C2-8FB7-5DE0C945ED2B}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{D8151965-282B-4EB6-A3F1-68AB555D8423}) (Version: 7.20.3230 - Nuance Communications, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.44 (HKLM-x32\...\Skype_is1) (Version: 8.44 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinPcap for Avira 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Domotz, Inc)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3134211295-3072908730-4118665192-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2016-11-25 09:18 - 2016-11-25 09:18 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-03-22 16:21 - 2018-01-18 14:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-10-04 13:25 - 2018-01-18 14:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2019-08-17 10:09 - 2005-04-22 12:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2019-08-17 10:09 - 2016-11-01 10:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2015-10-04 07:59 - 2012-03-27 00:12 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2016-07-14 12:50 - 2016-07-14 12:50 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: BingSvc => C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: RealProtect => "C:\Program Files\McAfee\Real Protect\RealProtect.exe" --run
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{7EDBE83D-A91B-43BA-B2B8-D3379401E632}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{34DBB26E-4D58-487E-8071-1E89F4B9C1F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EB42A5AF-340B-4CF0-82B1-715623576B60}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F85EB37E-3D00-405E-BB93-4166EA6F8854}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C9060CA3-F841-490F-87AE-E71C9F03E470}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{735D1E0A-0536-4F60-A673-190D55ADC47D}] => (Allow) C:\Users\pc\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{488DA788-BD68-4843-9530-0F3BE5EBFC67}] => (Allow) C:\Users\pc\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{786D6B37-BCE4-435D-A2F0-D11B623C54AE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1FCEAEF-77A2-4F63-BCFF-82361175C1CF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15B84800-6EC2-4231-A6BC-0A3C9E670F4F}] => (Allow) LPort=54950
FirewallRules: [{8CEE420C-BB4C-4682-B9CB-EA3878D9C15E}] => (Allow) LPort=54955
FirewallRules: [{B3AB3542-EB6F-4DD2-B3AC-0C93D4394C2B}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{4CA5478B-23D0-4DF1-A4E1-F815B9753C5B}G:\stažené\airdroid\airdroid.exe] => (Allow) G:\stažené\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{216FEFF5-1DB7-46B9-B7A6-13093D18DE17}G:\stažené\airdroid\airdroid.exe] => (Allow) G:\stažené\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [{F37C197D-03AA-4A55-8A36-7E39B32A5270}] => (Allow) C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
FirewallRules: [{C9260966-C2A7-45CF-B6D1-E3183F97AA90}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{968AAA3A-30B8-4440-B52A-02FE8432EF03}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{7AE1CB45-368E-4D0A-895C-7CF2CDF5D578}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{81FFBF36-BF95-4651-8764-CD11A76A3971}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
30-01-2020 18:46:15 Avira System Speedup Optimization
06-02-2020 12:18:21 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/09/2020 01:37:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/09/2020 01:37:45 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (02/09/2020 01:37:45 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (02/09/2020 01:37:45 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/09/2020 01:37:45 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/09/2020 01:37:44 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.0.102
Error: (02/09/2020 01:37:44 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: fe80:
7e65:9b0d:f57f%11
Error: (02/09/2020 01:37:44 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2
System errors:
=============
Error: (02/09/2020 01:38:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/09/2020 01:37:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/09/2020 01:37:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Home Guard bylo dosaženo časového limitu (30000 ms).
Error: (02/09/2020 01:36:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/09/2020 01:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (02/09/2020 01:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (02/09/2020 01:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (02/09/2020 01:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F11 08/21/2012
Motherboard: Gigabyte Technology Co., Ltd. H77-D3H
Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 92%
Total physical RAM: 3983.69 MB
Available physical RAM: 311.27 MB
Total Virtual: 11981.83 MB
Available Virtual: 6162.65 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:247.82 GB) (Free:188.97 GB) NTFS
Drive g: (Nový svazek) (Fixed) (Total:683.59 GB) (Free:618.63 GB) NTFS
\\?\Volume{096315ba-69f0-11e5-8e97-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F4EC8D8C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by pc (administrator) on PC-PC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (09-02-2020 18:05:39)
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Media Player\WMPDMC.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VIA Technologies Inc. -> VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-26] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228136 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [240512 2020-01-24] (Mixbyte Inc -> )
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {3be12e9e-e065-11e8-8899-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {6f577b62-20aa-11e9-9be8-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a395e-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a3966-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ba87168b-ccde-11e9-a63f-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eea9-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eeb1-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {e03ea406-772a-11e9-b928-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0091C116-423E-4E9D-91AB-520A29AD3013} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\8 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
Task: {0E80CC8C-1851-40B8-A884-364354B665BF} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
Task: {1550FB16-D3BF-4755-99CD-4F245004933A} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {1C3CC299-4A29-436B-80D6-94C519752F25} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [226512 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2CF68739-9EEE-4CF4-92CA-42BFB82D7EB8} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation -> Intel Corporation)
Task: {2D95AAD4-65AA-41D6-811B-536AD4C188D1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\10 => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [86120 2018-11-14] (Microsoft Windows Hardware Compatibility Publisher -> )
Task: {31B19C4B-A9B3-46E4-B9F1-E4E9ED302EA7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {38D9F871-2514-49AF-AE3E-DB4903A7F775} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe
Task: {41D59C8D-DE44-41CB-98C3-7DE63726C449} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4C9B1B25-2B48-4118-A740-2EE7FE836255} - System32\Tasks\EOSv3 Scheduler onTime => G:\Stažené 1\esetonlinescanner_csy.exe [8150840 2020-02-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {4F1E12C2-0FA5-491E-B743-5645CE8B346A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {6C9BA513-4C14-4A1E-83D4-8F796017C7F1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\7 => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {813A7E4E-EFEB-48CD-952C-FD9DB88A6F09} - System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => C:\Windows\system32\pcalua.exe -a G:\Stažené\AirDroid\AirDroid.exe -d G:\Stažené\AirDroid
Task: {887A7CBA-37F7-4917-94E4-C4A1300F7DBC} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {8890F42E-6F77-4566-8348-F487A126D1ED} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {9E0B7398-9FD4-4C16-9AAC-A0B0D319E75A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {B1B57EEC-9392-4DB5-A0EB-FF81F005A4F9} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\9 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
Task: {B6E80232-9734-447D-92AE-FD54FB893340} - System32\Tasks\EOSv3 Scheduler onLogOn => G:\Stažené 1\esetonlinescanner_csy.exe [8150840 2020-02-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {B9F45050-51C0-49F6-87F2-9134096B88CC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-14] (Adobe Inc. -> Adobe)
Task: {C155E00F-8A00-4E14-9291-0A2D32EC8C34} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
Task: {C85FE6EB-C49D-4E66-87F1-A538531F6FA5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD874520-290E-4969-9CCC-00F12511DF8D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {E0258D2F-8B8E-46AD-BA65-EDA1ADAE1466} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-12] (Google Inc -> Google Inc.)
Task: {ED00AC10-3D0C-457C-80B9-C4CBA73C47EE} - System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\AppData\Local\Temp\Temp1_marioforever.zip\MarioForever.exe <==== ATTENTION
Task: {F610E5AF-9CEA-47AF-BA55-27821F23A93A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-12] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8AD0EA77-6D2E-4116-BECC-986037DC3EC5}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: 957wrn3t.default-1444066114328
FF ProfilePath: C:\Users\pc\AppData\Roaming\TomTom\HOME\Profiles\96r80l69.default [2019-03-06]
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 [2020-02-09]
FF DownloadDir: G:\Stažené 1
FF Homepage: Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 -> hxxps://www.kupi.cz
FF Extension: (Plná Peněženka Lištička) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328\Extensions\@plnapenezenkacz-firefox-extension.xpi [2018-03-09]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> G:\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2020-02-09]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Prezentace) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-12]
CHR Extension: (Dokumenty) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-12]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-12]
CHR Extension: (Tabulky) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-12]
CHR Extension: (Avira Browser Safety) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-09-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-12]
CHR Extension: (Skype) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-09-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-12]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-12]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574848 2020-01-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 Avira.HomeGuard; C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe [32064 2019-04-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [617520 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [380680 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [240408 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [150648 2019-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2020-01-24] (Mixbyte Inc -> Freemake)
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-10-22] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-05-17] (Microsoft) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-05-17] (Microsoft) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222888 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [175808 2019-09-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2018-12-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [690864 2013-12-16] (VIA Technologies Inc. -> VIA Technologies, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-09 18:05 - 2020-02-09 18:06 - 000025918 _____ C:\Users\pc\Desktop\FRST.txt
2020-02-09 14:08 - 2020-02-09 18:06 - 000000000 ____D C:\FRST
2020-02-09 14:02 - 2020-02-09 14:02 - 002279424 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2020-02-09 13:35 - 2020-02-09 13:36 - 000171244 _____ C:\Windows\ntbtlog.txt
2020-02-09 09:55 - 2020-02-09 09:55 - 000000000 ____D C:\Users\pc\AppData\Local\FreemakeVideoConverter
2020-02-09 09:54 - 2020-02-09 09:55 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-02-09 06:56 - 2020-02-09 06:56 - 000004706 _____ C:\Users\pc\Documents\cc_20200209_065611.reg
2020-02-01 23:06 - 2020-02-01 23:06 - 000000981 _____ C:\Users\pc\Desktop\adwcleaner_8.0.2 – zástupce.lnk
2020-02-01 21:55 - 2020-02-01 21:56 - 000000613 _____ C:\Users\pc\Desktop\ESET Online Scanner.lnk
2020-02-01 21:47 - 2020-02-01 21:49 - 000000000 ____D C:\AdwCleaner
2020-02-01 10:08 - 2020-02-01 10:08 - 000003680 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2020-02-01 10:08 - 2020-02-01 10:08 - 000003240 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2020-02-01 09:58 - 2020-02-01 09:58 - 000001026 _____ C:\Users\pc\Desktop\esetonlinescanner_csy – zástupce.lnk
2020-02-01 09:57 - 2020-02-01 09:57 - 000000000 ____D C:\Users\pc\AppData\Local\ESET
2020-01-30 18:38 - 2020-01-30 18:38 - 000000206 _____ C:\Users\pc\Documents\cc_20200130_183843.reg
2020-01-29 17:56 - 2020-01-29 17:56 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2020-01-28 20:01 - 2020-01-28 20:01 - 000000000 ____D C:\Users\Public\Security Sessions
2020-01-28 19:51 - 2020-01-28 19:51 - 000003454 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-01-28 19:50 - 2020-02-09 13:37 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-01-28 19:49 - 2020-01-31 18:08 - 000003662 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2020-01-28 19:39 - 2020-01-28 19:39 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
2020-01-28 19:39 - 2020-01-28 19:39 - 000001116 _____ C:\ProgramData\Desktop\Avira.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-09 13:42 - 2009-07-14 05:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-02-09 13:42 - 2009-07-14 05:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-02-09 13:38 - 2016-11-20 09:50 - 000000000 ____D C:\Users\pc\AppData\LocalLow\Mozilla
2020-02-09 13:37 - 2016-01-24 11:37 - 000000000 __SHD C:\Users\pc\IntelGraphicsProfiles
2020-02-09 13:37 - 2015-10-05 19:11 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-02-09 13:36 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-02-09 09:55 - 2016-04-22 20:17 - 000001324 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2020-02-09 09:55 - 2016-04-22 20:17 - 000001324 _____ C:\ProgramData\Desktop\Freemake Video Converter.lnk
2020-02-09 09:55 - 2016-04-22 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2020-02-09 09:55 - 2016-04-22 20:17 - 000000000 ____D C:\ProgramData\Freemake
2020-02-09 06:57 - 2019-09-12 14:42 - 000002798 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-02-09 06:57 - 2019-09-12 14:41 - 000003390 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-09 06:57 - 2019-09-12 14:41 - 000003262 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-09 06:57 - 2019-02-24 14:00 - 000004518 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-02-09 06:57 - 2015-11-27 19:40 - 000003122 _____ C:\Windows\system32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51}
2020-02-09 06:56 - 2015-10-05 18:29 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-02-08 11:38 - 2019-11-11 19:55 - 000000000 ____D C:\Users\pc\AppData\Roaming\vlc
2020-02-06 12:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-02-06 12:18 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-02-05 01:48 - 2009-07-14 05:45 - 000027648 _____ C:\Windows\system32\umstartup.etl
2020-01-30 18:37 - 2015-12-23 17:26 - 000000000 ____D C:\Windows\Minidump
2020-01-30 17:34 - 2019-12-27 10:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-30 17:34 - 2015-10-04 16:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-29 17:55 - 2009-07-14 05:45 - 000413224 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-28 20:01 - 2016-03-20 12:24 - 000000000 ____D C:\Users\pc\AppData\Local\Avira
2020-01-28 19:51 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Avira
2020-01-28 19:51 - 2015-10-04 16:39 - 000000000 ____D C:\Program Files (x86)\Avira
2020-01-28 19:39 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-28 19:39 - 2015-10-04 07:24 - 000110088 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2020-01-17 09:39 - 2019-09-12 14:41 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 09:39 - 2019-09-12 14:41 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 09:39 - 2019-09-12 14:41 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-14 20:28 - 2015-10-05 19:11 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-14 20:28 - 2015-10-05 19:11 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-14 20:28 - 2015-10-05 19:11 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-14 20:28 - 2015-10-05 18:25 - 000000000 ____D C:\Users\pc\AppData\Local\Adobe
==================== Files in the root of some directories ========
2017-12-25 13:48 - 2018-06-27 09:22 - 000000136 _____ () C:\Users\pc\AppData\Roaming\downloads.json
2016-01-05 17:12 - 2016-04-22 10:00 - 000004608 _____ () C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-05-14 17:01 - 2018-12-01 16:50 - 000007605 _____ () C:\Users\pc\AppData\Local\resmon.resmoncfg
2016-08-05 20:15 - 2016-08-05 20:15 - 000032038 _____ () C:\Users\pc\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-02-07 08:13
==================== End of FRST.txt ========================
Ran by pc (09-02-2020 18:06:52)
Running from C:\Users\pc\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-10-03 17:11:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3134211295-3072908730-4118665192-500 - Administrator - Disabled)
Guest (S-1-5-21-3134211295-3072908730-4118665192-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3134211295-3072908730-4118665192-1002 - Limited - Enabled)
pc (S-1-5-21-3134211295-3072908730-4118665192-1000 - Administrator - Enabled) => C:\Users\pc
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
AirDroid 3.2.1.1 (HKLM-x32\...\AirDroid) (Version: 3.2.1.1 - Sand Studio)
Avira (HKLM-x32\...\{59bab6b1-f615-42c3-9614-8dc338ac8ed4}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{82B6E5B0-3F76-446B-9FDE-0200B5B36B37}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2001.1707 - Avira Operations GmbH & Co. KG)
Avira Home Guard (HKLM-x32\...\{B44A6ACF-D50A-4CAC-9A8E-246402BDC101}) (Version: 1.1.10.773 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.31.4.26498 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.22.7684 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{3BEE2703-942D-401D-93E1-7950CCF54769}) (Version: 2.0.6.25416 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.1.10871 - Avira Operations GmbH & Co. KG)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{613ce488-8460-4831-ad3a-dd0b4c39fdaf}) (Version: 4.3.2.0 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{A7B27ABE-950F-48B4-B74F-F3F87C9E9BCD}) (Version: 4.3.2.0 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{0F6B8799-05C1-44C3-B6BE-CAC670D40E4A}) (Version: 1.0.4.4 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{113D31E0-0791-4654-9000-5F77221E99F7}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{F921362C-796E-4BC7-9385-86CED819E73D}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.300 - )
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{24510774-4424-46C2-8FB7-5DE0C945ED2B}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{D8151965-282B-4EB6-A3F1-68AB555D8423}) (Version: 7.20.3230 - Nuance Communications, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.44 (HKLM-x32\...\Skype_is1) (Version: 8.44 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinPcap for Avira 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Domotz, Inc)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3134211295-3072908730-4118665192-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2016-11-25 09:18 - 2016-11-25 09:18 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-03-22 16:21 - 2018-01-18 14:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-10-04 13:25 - 2018-01-18 14:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2019-08-17 10:09 - 2005-04-22 12:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2019-08-17 10:09 - 2016-11-01 10:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2015-10-04 07:59 - 2012-03-27 00:12 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2016-07-14 12:50 - 2016-07-14 12:50 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: BingSvc => C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: RealProtect => "C:\Program Files\McAfee\Real Protect\RealProtect.exe" --run
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{7EDBE83D-A91B-43BA-B2B8-D3379401E632}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{34DBB26E-4D58-487E-8071-1E89F4B9C1F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EB42A5AF-340B-4CF0-82B1-715623576B60}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F85EB37E-3D00-405E-BB93-4166EA6F8854}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C9060CA3-F841-490F-87AE-E71C9F03E470}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{735D1E0A-0536-4F60-A673-190D55ADC47D}] => (Allow) C:\Users\pc\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{488DA788-BD68-4843-9530-0F3BE5EBFC67}] => (Allow) C:\Users\pc\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{786D6B37-BCE4-435D-A2F0-D11B623C54AE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1FCEAEF-77A2-4F63-BCFF-82361175C1CF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15B84800-6EC2-4231-A6BC-0A3C9E670F4F}] => (Allow) LPort=54950
FirewallRules: [{8CEE420C-BB4C-4682-B9CB-EA3878D9C15E}] => (Allow) LPort=54955
FirewallRules: [{B3AB3542-EB6F-4DD2-B3AC-0C93D4394C2B}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{4CA5478B-23D0-4DF1-A4E1-F815B9753C5B}G:\stažené\airdroid\airdroid.exe] => (Allow) G:\stažené\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{216FEFF5-1DB7-46B9-B7A6-13093D18DE17}G:\stažené\airdroid\airdroid.exe] => (Allow) G:\stažené\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [{F37C197D-03AA-4A55-8A36-7E39B32A5270}] => (Allow) C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
FirewallRules: [{C9260966-C2A7-45CF-B6D1-E3183F97AA90}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{968AAA3A-30B8-4440-B52A-02FE8432EF03}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{7AE1CB45-368E-4D0A-895C-7CF2CDF5D578}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{81FFBF36-BF95-4651-8764-CD11A76A3971}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
30-01-2020 18:46:15 Avira System Speedup Optimization
06-02-2020 12:18:21 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/09/2020 01:37:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/09/2020 01:37:45 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (02/09/2020 01:37:45 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (02/09/2020 01:37:45 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/09/2020 01:37:45 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/09/2020 01:37:44 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.0.102
Error: (02/09/2020 01:37:44 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: fe80:
7e65:9b0d:f57f%11Error: (02/09/2020 01:37:44 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2
System errors:
=============
Error: (02/09/2020 01:38:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/09/2020 01:37:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/09/2020 01:37:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Home Guard bylo dosaženo časového limitu (30000 ms).
Error: (02/09/2020 01:36:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/09/2020 01:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (02/09/2020 01:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (02/09/2020 01:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (02/09/2020 01:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F11 08/21/2012
Motherboard: Gigabyte Technology Co., Ltd. H77-D3H
Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 92%
Total physical RAM: 3983.69 MB
Available physical RAM: 311.27 MB
Total Virtual: 11981.83 MB
Available Virtual: 6162.65 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:247.82 GB) (Free:188.97 GB) NTFS
Drive g: (Nový svazek) (Fixed) (Total:683.59 GB) (Free:618.63 GB) NTFS
\\?\Volume{096315ba-69f0-11e5-8e97-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F4EC8D8C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by pc (administrator) on PC-PC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (09-02-2020 18:05:39)
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Media Player\WMPDMC.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VIA Technologies Inc. -> VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-26] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228136 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [240512 2020-01-24] (Mixbyte Inc -> )
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {3be12e9e-e065-11e8-8899-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {6f577b62-20aa-11e9-9be8-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a395e-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a3966-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ba87168b-ccde-11e9-a63f-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eea9-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eeb1-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {e03ea406-772a-11e9-b928-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0091C116-423E-4E9D-91AB-520A29AD3013} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\8 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
Task: {0E80CC8C-1851-40B8-A884-364354B665BF} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
Task: {1550FB16-D3BF-4755-99CD-4F245004933A} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {1C3CC299-4A29-436B-80D6-94C519752F25} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [226512 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2CF68739-9EEE-4CF4-92CA-42BFB82D7EB8} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation -> Intel Corporation)
Task: {2D95AAD4-65AA-41D6-811B-536AD4C188D1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\10 => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [86120 2018-11-14] (Microsoft Windows Hardware Compatibility Publisher -> )
Task: {31B19C4B-A9B3-46E4-B9F1-E4E9ED302EA7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {38D9F871-2514-49AF-AE3E-DB4903A7F775} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe
Task: {41D59C8D-DE44-41CB-98C3-7DE63726C449} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4C9B1B25-2B48-4118-A740-2EE7FE836255} - System32\Tasks\EOSv3 Scheduler onTime => G:\Stažené 1\esetonlinescanner_csy.exe [8150840 2020-02-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {4F1E12C2-0FA5-491E-B743-5645CE8B346A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {6C9BA513-4C14-4A1E-83D4-8F796017C7F1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\7 => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {813A7E4E-EFEB-48CD-952C-FD9DB88A6F09} - System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => C:\Windows\system32\pcalua.exe -a G:\Stažené\AirDroid\AirDroid.exe -d G:\Stažené\AirDroid
Task: {887A7CBA-37F7-4917-94E4-C4A1300F7DBC} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {8890F42E-6F77-4566-8348-F487A126D1ED} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {9E0B7398-9FD4-4C16-9AAC-A0B0D319E75A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {B1B57EEC-9392-4DB5-A0EB-FF81F005A4F9} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\9 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
Task: {B6E80232-9734-447D-92AE-FD54FB893340} - System32\Tasks\EOSv3 Scheduler onLogOn => G:\Stažené 1\esetonlinescanner_csy.exe [8150840 2020-02-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {B9F45050-51C0-49F6-87F2-9134096B88CC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-14] (Adobe Inc. -> Adobe)
Task: {C155E00F-8A00-4E14-9291-0A2D32EC8C34} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
Task: {C85FE6EB-C49D-4E66-87F1-A538531F6FA5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD874520-290E-4969-9CCC-00F12511DF8D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {E0258D2F-8B8E-46AD-BA65-EDA1ADAE1466} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-12] (Google Inc -> Google Inc.)
Task: {ED00AC10-3D0C-457C-80B9-C4CBA73C47EE} - System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\AppData\Local\Temp\Temp1_marioforever.zip\MarioForever.exe <==== ATTENTION
Task: {F610E5AF-9CEA-47AF-BA55-27821F23A93A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-12] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8AD0EA77-6D2E-4116-BECC-986037DC3EC5}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: 957wrn3t.default-1444066114328
FF ProfilePath: C:\Users\pc\AppData\Roaming\TomTom\HOME\Profiles\96r80l69.default [2019-03-06]
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 [2020-02-09]
FF DownloadDir: G:\Stažené 1
FF Homepage: Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 -> hxxps://www.kupi.cz
FF Extension: (Plná Peněženka Lištička) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328\Extensions\@plnapenezenkacz-firefox-extension.xpi [2018-03-09]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> G:\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2020-02-09]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Prezentace) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-12]
CHR Extension: (Dokumenty) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-12]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-12]
CHR Extension: (Tabulky) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-12]
CHR Extension: (Avira Browser Safety) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-09-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-12]
CHR Extension: (Skype) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-09-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-12]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-12]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574848 2020-01-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 Avira.HomeGuard; C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe [32064 2019-04-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [617520 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [380680 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [240408 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [150648 2019-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2020-01-24] (Mixbyte Inc -> Freemake)
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-10-22] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-05-17] (Microsoft) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-05-17] (Microsoft) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222888 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [175808 2019-09-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2018-12-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [690864 2013-12-16] (VIA Technologies Inc. -> VIA Technologies, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-09 18:05 - 2020-02-09 18:06 - 000025918 _____ C:\Users\pc\Desktop\FRST.txt
2020-02-09 14:08 - 2020-02-09 18:06 - 000000000 ____D C:\FRST
2020-02-09 14:02 - 2020-02-09 14:02 - 002279424 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2020-02-09 13:35 - 2020-02-09 13:36 - 000171244 _____ C:\Windows\ntbtlog.txt
2020-02-09 09:55 - 2020-02-09 09:55 - 000000000 ____D C:\Users\pc\AppData\Local\FreemakeVideoConverter
2020-02-09 09:54 - 2020-02-09 09:55 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-02-09 06:56 - 2020-02-09 06:56 - 000004706 _____ C:\Users\pc\Documents\cc_20200209_065611.reg
2020-02-01 23:06 - 2020-02-01 23:06 - 000000981 _____ C:\Users\pc\Desktop\adwcleaner_8.0.2 – zástupce.lnk
2020-02-01 21:55 - 2020-02-01 21:56 - 000000613 _____ C:\Users\pc\Desktop\ESET Online Scanner.lnk
2020-02-01 21:47 - 2020-02-01 21:49 - 000000000 ____D C:\AdwCleaner
2020-02-01 10:08 - 2020-02-01 10:08 - 000003680 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2020-02-01 10:08 - 2020-02-01 10:08 - 000003240 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2020-02-01 09:58 - 2020-02-01 09:58 - 000001026 _____ C:\Users\pc\Desktop\esetonlinescanner_csy – zástupce.lnk
2020-02-01 09:57 - 2020-02-01 09:57 - 000000000 ____D C:\Users\pc\AppData\Local\ESET
2020-01-30 18:38 - 2020-01-30 18:38 - 000000206 _____ C:\Users\pc\Documents\cc_20200130_183843.reg
2020-01-29 17:56 - 2020-01-29 17:56 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2020-01-28 20:01 - 2020-01-28 20:01 - 000000000 ____D C:\Users\Public\Security Sessions
2020-01-28 19:51 - 2020-01-28 19:51 - 000003454 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-01-28 19:50 - 2020-02-09 13:37 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-01-28 19:49 - 2020-01-31 18:08 - 000003662 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2020-01-28 19:39 - 2020-01-28 19:39 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
2020-01-28 19:39 - 2020-01-28 19:39 - 000001116 _____ C:\ProgramData\Desktop\Avira.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-09 13:42 - 2009-07-14 05:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-02-09 13:42 - 2009-07-14 05:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-02-09 13:38 - 2016-11-20 09:50 - 000000000 ____D C:\Users\pc\AppData\LocalLow\Mozilla
2020-02-09 13:37 - 2016-01-24 11:37 - 000000000 __SHD C:\Users\pc\IntelGraphicsProfiles
2020-02-09 13:37 - 2015-10-05 19:11 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-02-09 13:36 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-02-09 09:55 - 2016-04-22 20:17 - 000001324 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2020-02-09 09:55 - 2016-04-22 20:17 - 000001324 _____ C:\ProgramData\Desktop\Freemake Video Converter.lnk
2020-02-09 09:55 - 2016-04-22 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2020-02-09 09:55 - 2016-04-22 20:17 - 000000000 ____D C:\ProgramData\Freemake
2020-02-09 06:57 - 2019-09-12 14:42 - 000002798 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-02-09 06:57 - 2019-09-12 14:41 - 000003390 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-09 06:57 - 2019-09-12 14:41 - 000003262 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-09 06:57 - 2019-02-24 14:00 - 000004518 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-02-09 06:57 - 2015-11-27 19:40 - 000003122 _____ C:\Windows\system32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51}
2020-02-09 06:56 - 2015-10-05 18:29 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-02-08 11:38 - 2019-11-11 19:55 - 000000000 ____D C:\Users\pc\AppData\Roaming\vlc
2020-02-06 12:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-02-06 12:18 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-02-05 01:48 - 2009-07-14 05:45 - 000027648 _____ C:\Windows\system32\umstartup.etl
2020-01-30 18:37 - 2015-12-23 17:26 - 000000000 ____D C:\Windows\Minidump
2020-01-30 17:34 - 2019-12-27 10:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-30 17:34 - 2015-10-04 16:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-29 17:55 - 2009-07-14 05:45 - 000413224 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-28 20:01 - 2016-03-20 12:24 - 000000000 ____D C:\Users\pc\AppData\Local\Avira
2020-01-28 19:51 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Avira
2020-01-28 19:51 - 2015-10-04 16:39 - 000000000 ____D C:\Program Files (x86)\Avira
2020-01-28 19:39 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-28 19:39 - 2015-10-04 07:24 - 000110088 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2020-01-17 09:39 - 2019-09-12 14:41 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 09:39 - 2019-09-12 14:41 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 09:39 - 2019-09-12 14:41 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-14 20:28 - 2015-10-05 19:11 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-14 20:28 - 2015-10-05 19:11 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-14 20:28 - 2015-10-05 19:11 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-14 20:28 - 2015-10-05 18:25 - 000000000 ____D C:\Users\pc\AppData\Local\Adobe
==================== Files in the root of some directories ========
2017-12-25 13:48 - 2018-06-27 09:22 - 000000136 _____ () C:\Users\pc\AppData\Roaming\downloads.json
2016-01-05 17:12 - 2016-04-22 10:00 - 000004608 _____ () C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-05-14 17:01 - 2018-12-01 16:50 - 000007605 _____ () C:\Users\pc\AppData\Local\resmon.resmoncfg
2016-08-05 20:15 - 2016-08-05 20:15 - 000032038 _____ () C:\Users\pc\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-02-07 08:13
==================== End of FRST.txt ========================
Re: Kontrola
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Nechaj zaskrtnute vsetky nalezy
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Kontrola
-------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-09-2020
# Duration: 00:00:19
# OS: Windows 7 Professional
# Scanned: 34824
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [2976 octets] - [01/02/2020 21:49:08]
AdwCleaner[C00].txt - [2816 octets] - [01/02/2020 21:49:41]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-09-2020
# Duration: 00:00:12
# OS: Windows 7 Professional
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2976 octets] - [01/02/2020 21:49:08]
AdwCleaner[C00].txt - [2816 octets] - [01/02/2020 21:49:41]
AdwCleaner[S01].txt - [1535 octets] - [09/02/2020 19:50:34]
AdwCleaner[S02].txt - [1596 octets] - [09/02/2020 19:51:01]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-09-2020
# Duration: 00:00:19
# OS: Windows 7 Professional
# Scanned: 34824
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [2976 octets] - [01/02/2020 21:49:08]
AdwCleaner[C00].txt - [2816 octets] - [01/02/2020 21:49:41]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-09-2020
# Duration: 00:00:12
# OS: Windows 7 Professional
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2976 octets] - [01/02/2020 21:49:08]
AdwCleaner[C00].txt - [2816 octets] - [01/02/2020 21:49:41]
AdwCleaner[S01].txt - [1535 octets] - [09/02/2020 19:50:34]
AdwCleaner[S02].txt - [1596 octets] - [09/02/2020 19:51:01]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
Re: Kontrola
Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Kontrola
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by pc (10-02-2020 12:33:44)
Running from C:\Users\pc\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-10-03 17:11:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3134211295-3072908730-4118665192-500 - Administrator - Disabled)
Guest (S-1-5-21-3134211295-3072908730-4118665192-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3134211295-3072908730-4118665192-1002 - Limited - Enabled)
pc (S-1-5-21-3134211295-3072908730-4118665192-1000 - Administrator - Enabled) => C:\Users\pc
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
AirDroid 3.2.1.1 (HKLM-x32\...\AirDroid) (Version: 3.2.1.1 - Sand Studio)
Avira (HKLM-x32\...\{59bab6b1-f615-42c3-9614-8dc338ac8ed4}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{82B6E5B0-3F76-446B-9FDE-0200B5B36B37}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2001.1707 - Avira Operations GmbH & Co. KG)
Avira Home Guard (HKLM-x32\...\{B44A6ACF-D50A-4CAC-9A8E-246402BDC101}) (Version: 1.1.10.773 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.31.4.26498 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.22.7684 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{3BEE2703-942D-401D-93E1-7950CCF54769}) (Version: 2.0.6.25416 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.1.10871 - Avira Operations GmbH & Co. KG)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{613ce488-8460-4831-ad3a-dd0b4c39fdaf}) (Version: 4.3.2.0 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{A7B27ABE-950F-48B4-B74F-F3F87C9E9BCD}) (Version: 4.3.2.0 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{0F6B8799-05C1-44C3-B6BE-CAC670D40E4A}) (Version: 1.0.4.4 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{113D31E0-0791-4654-9000-5F77221E99F7}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{F921362C-796E-4BC7-9385-86CED819E73D}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.300 - )
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{24510774-4424-46C2-8FB7-5DE0C945ED2B}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{D8151965-282B-4EB6-A3F1-68AB555D8423}) (Version: 7.20.3230 - Nuance Communications, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.44 (HKLM-x32\...\Skype_is1) (Version: 8.44 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinPcap for Avira 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Domotz, Inc)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3134211295-3072908730-4118665192-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2016-11-25 09:18 - 2016-11-25 09:18 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-03-22 16:21 - 2018-01-18 14:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-10-04 13:25 - 2018-01-18 14:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2019-08-17 10:09 - 2005-04-22 12:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2019-08-17 10:09 - 2016-11-01 10:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2015-10-04 07:59 - 2012-03-27 00:12 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2016-07-14 12:50 - 2016-07-14 12:50 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: BingSvc => C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: RealProtect => "C:\Program Files\McAfee\Real Protect\RealProtect.exe" --run
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{7EDBE83D-A91B-43BA-B2B8-D3379401E632}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{34DBB26E-4D58-487E-8071-1E89F4B9C1F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EB42A5AF-340B-4CF0-82B1-715623576B60}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F85EB37E-3D00-405E-BB93-4166EA6F8854}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C9060CA3-F841-490F-87AE-E71C9F03E470}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{735D1E0A-0536-4F60-A673-190D55ADC47D}] => (Allow) C:\Users\pc\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{488DA788-BD68-4843-9530-0F3BE5EBFC67}] => (Allow) C:\Users\pc\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{786D6B37-BCE4-435D-A2F0-D11B623C54AE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1FCEAEF-77A2-4F63-BCFF-82361175C1CF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15B84800-6EC2-4231-A6BC-0A3C9E670F4F}] => (Allow) LPort=54950
FirewallRules: [{8CEE420C-BB4C-4682-B9CB-EA3878D9C15E}] => (Allow) LPort=54955
FirewallRules: [{B3AB3542-EB6F-4DD2-B3AC-0C93D4394C2B}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{4CA5478B-23D0-4DF1-A4E1-F815B9753C5B}G:\stažené\airdroid\airdroid.exe] => (Allow) G:\stažené\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{216FEFF5-1DB7-46B9-B7A6-13093D18DE17}G:\stažené\airdroid\airdroid.exe] => (Allow) G:\stažené\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [{F37C197D-03AA-4A55-8A36-7E39B32A5270}] => (Allow) C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
FirewallRules: [{C9260966-C2A7-45CF-B6D1-E3183F97AA90}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7B2A393E-7123-4D46-9524-7B81D58B7F53}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{845EB30E-3A6B-42E6-A202-238CD85CC5CE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{1D66E9A1-EB93-467D-8313-23069DC895C3}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
30-01-2020 18:46:15 Avira System Speedup Optimization
06-02-2020 12:18:21 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/10/2020 12:27:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.0.102
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: fe80:7e65:9b0d:f57f%11
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2
System errors:
=============
Error: (02/10/2020 12:28:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/10/2020 12:27:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/10/2020 12:26:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Home Guard bylo dosaženo časového limitu (30000 ms).
Error: (02/10/2020 10:55:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/10/2020 10:54:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/10/2020 10:54:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Home Guard bylo dosaženo časového limitu (30000 ms).
Error: (02/09/2020 07:55:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/09/2020 07:55:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F11 08/21/2012
Motherboard: Gigabyte Technology Co., Ltd. H77-D3H
Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 90%
Total physical RAM: 3983.69 MB
Available physical RAM: 375.82 MB
Total Virtual: 11981.83 MB
Available Virtual: 7068.54 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:247.82 GB) (Free:188.74 GB) NTFS
Drive g: (Nový svazek) (Fixed) (Total:683.59 GB) (Free:622.96 GB) NTFS
\\?\Volume{096315ba-69f0-11e5-8e97-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F4EC8D8C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by pc (administrator) on PC-PC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (10-02-2020 12:30:56)
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VIA Technologies Inc. -> VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-26] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228136 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {3be12e9e-e065-11e8-8899-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {6f577b62-20aa-11e9-9be8-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a395e-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a3966-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ba87168b-ccde-11e9-a63f-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eea9-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eeb1-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {e03ea406-772a-11e9-b928-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0091C116-423E-4E9D-91AB-520A29AD3013} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\8 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
Task: {0E80CC8C-1851-40B8-A884-364354B665BF} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
Task: {1550FB16-D3BF-4755-99CD-4F245004933A} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {1C3CC299-4A29-436B-80D6-94C519752F25} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [226512 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2CF68739-9EEE-4CF4-92CA-42BFB82D7EB8} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation -> Intel Corporation)
Task: {2D95AAD4-65AA-41D6-811B-536AD4C188D1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\10 => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [86120 2018-11-14] (Microsoft Windows Hardware Compatibility Publisher -> )
Task: {31B19C4B-A9B3-46E4-B9F1-E4E9ED302EA7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {38D9F871-2514-49AF-AE3E-DB4903A7F775} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe
Task: {41D59C8D-DE44-41CB-98C3-7DE63726C449} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4C9B1B25-2B48-4118-A740-2EE7FE836255} - System32\Tasks\EOSv3 Scheduler onTime => G:\Stažené 1\esetonlinescanner_csy.exe [8150840 2020-02-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {4F1E12C2-0FA5-491E-B743-5645CE8B346A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {6C9BA513-4C14-4A1E-83D4-8F796017C7F1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\7 => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {813A7E4E-EFEB-48CD-952C-FD9DB88A6F09} - System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => C:\Windows\system32\pcalua.exe -a G:\Stažené\AirDroid\AirDroid.exe -d G:\Stažené\AirDroid
Task: {887A7CBA-37F7-4917-94E4-C4A1300F7DBC} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {8890F42E-6F77-4566-8348-F487A126D1ED} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {9E0B7398-9FD4-4C16-9AAC-A0B0D319E75A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {B1B57EEC-9392-4DB5-A0EB-FF81F005A4F9} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\9 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
Task: {B6E80232-9734-447D-92AE-FD54FB893340} - System32\Tasks\EOSv3 Scheduler onLogOn => G:\Stažené 1\esetonlinescanner_csy.exe [8150840 2020-02-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {B9F45050-51C0-49F6-87F2-9134096B88CC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-14] (Adobe Inc. -> Adobe)
Task: {C155E00F-8A00-4E14-9291-0A2D32EC8C34} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
Task: {C85FE6EB-C49D-4E66-87F1-A538531F6FA5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD874520-290E-4969-9CCC-00F12511DF8D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {E0258D2F-8B8E-46AD-BA65-EDA1ADAE1466} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-12] (Google Inc -> Google Inc.)
Task: {ED00AC10-3D0C-457C-80B9-C4CBA73C47EE} - System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\AppData\Local\Temp\Temp1_marioforever.zip\MarioForever.exe <==== ATTENTION
Task: {F610E5AF-9CEA-47AF-BA55-27821F23A93A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-12] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8AD0EA77-6D2E-4116-BECC-986037DC3EC5}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: 957wrn3t.default-1444066114328
FF ProfilePath: C:\Users\pc\AppData\Roaming\TomTom\HOME\Profiles\96r80l69.default [2019-03-06]
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 [2020-02-10]
FF DownloadDir: G:\Stažené 1
FF Homepage: Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 -> hxxps://www.kupi.cz
FF Extension: (Plná Peněženka Lištička) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328\Extensions\@plnapenezenkacz-firefox-extension.xpi [2018-03-09]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> G:\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2020-02-10]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Prezentace) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-12]
CHR Extension: (Dokumenty) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-12]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-12]
CHR Extension: (Tabulky) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-12]
CHR Extension: (Avira Browser Safety) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-09-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-12]
CHR Extension: (Skype) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-09-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-12]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-12]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574848 2020-01-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 Avira.HomeGuard; C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe [32064 2019-04-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [617520 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [380680 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [240408 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [150648 2019-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-10-22] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-05-17] (Microsoft) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-05-17] (Microsoft) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222888 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [175808 2019-09-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2018-12-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [690864 2013-12-16] (VIA Technologies Inc. -> VIA Technologies, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-10 12:30 - 2020-02-10 12:31 - 000025075 _____ C:\Users\pc\Desktop\FRST.txt
2020-02-10 12:21 - 2020-02-10 12:21 - 002279424 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2020-02-09 19:49 - 2020-02-09 19:48 - 008356016 _____ (Malwarebytes) C:\Users\pc\Desktop\adwcleaner_8.0.2(2).exe
2020-02-09 18:59 - 2020-02-09 18:59 - 000000550 _____ C:\Users\pc\Desktop\6qpl9vu8 – zástupce.lnk
2020-02-09 18:27 - 2020-02-09 18:57 - 000000000 ____D C:\Users\pc\Doctor Web
2020-02-09 18:27 - 2020-02-09 18:27 - 000000000 ____D C:\ProgramData\Doctor Web
2020-02-09 14:08 - 2020-02-10 12:31 - 000000000 ____D C:\FRST
2020-02-09 13:35 - 2020-02-09 13:36 - 000171244 _____ C:\Windows\ntbtlog.txt
2020-02-09 09:55 - 2020-02-09 09:55 - 000000000 ____D C:\Users\pc\AppData\Local\FreemakeVideoConverter
2020-02-09 09:54 - 2020-02-09 09:55 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-02-09 06:56 - 2020-02-09 06:56 - 000004706 _____ C:\Users\pc\Documents\cc_20200209_065611.reg
2020-02-01 23:06 - 2020-02-01 23:06 - 000000981 _____ C:\Users\pc\Desktop\adwcleaner_8.0.2 – zástupce.lnk
2020-02-01 21:55 - 2020-02-01 21:56 - 000000613 _____ C:\Users\pc\Desktop\ESET Online Scanner.lnk
2020-02-01 21:47 - 2020-02-01 21:49 - 000000000 ____D C:\AdwCleaner
2020-02-01 10:08 - 2020-02-01 10:08 - 000003680 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2020-02-01 10:08 - 2020-02-01 10:08 - 000003240 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2020-02-01 09:58 - 2020-02-01 09:58 - 000001026 _____ C:\Users\pc\Desktop\esetonlinescanner_csy – zástupce.lnk
2020-02-01 09:57 - 2020-02-01 09:57 - 000000000 ____D C:\Users\pc\AppData\Local\ESET
2020-01-30 18:38 - 2020-01-30 18:38 - 000000206 _____ C:\Users\pc\Documents\cc_20200130_183843.reg
2020-01-29 17:56 - 2020-01-29 17:56 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2020-01-28 20:01 - 2020-01-28 20:01 - 000000000 ____D C:\Users\Public\Security Sessions
2020-01-28 19:51 - 2020-01-28 19:51 - 000003454 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-01-28 19:50 - 2020-02-10 12:26 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-01-28 19:49 - 2020-01-31 18:08 - 000003662 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2020-01-28 19:39 - 2020-01-28 19:39 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
2020-01-28 19:39 - 2020-01-28 19:39 - 000001116 _____ C:\ProgramData\Desktop\Avira.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-10 12:27 - 2016-11-20 09:50 - 000000000 ____D C:\Users\pc\AppData\LocalLow\Mozilla
2020-02-10 12:27 - 2016-01-24 11:37 - 000000000 __SHD C:\Users\pc\IntelGraphicsProfiles
2020-02-10 12:26 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-02-10 10:59 - 2009-07-14 05:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-02-10 10:59 - 2009-07-14 05:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-02-10 00:10 - 2015-10-03 18:11 - 000000000 ____D C:\Users\pc
2020-02-09 13:37 - 2015-10-05 19:11 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-02-09 09:55 - 2016-04-22 20:17 - 000001324 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2020-02-09 09:55 - 2016-04-22 20:17 - 000001324 _____ C:\ProgramData\Desktop\Freemake Video Converter.lnk
2020-02-09 09:55 - 2016-04-22 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2020-02-09 09:55 - 2016-04-22 20:17 - 000000000 ____D C:\ProgramData\Freemake
2020-02-09 06:57 - 2019-09-12 14:42 - 000002798 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-02-09 06:57 - 2019-09-12 14:41 - 000003390 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-09 06:57 - 2019-09-12 14:41 - 000003262 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-09 06:57 - 2019-02-24 14:00 - 000004518 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-02-09 06:57 - 2015-11-27 19:40 - 000003122 _____ C:\Windows\system32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51}
2020-02-09 06:56 - 2015-10-05 18:29 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-02-08 11:38 - 2019-11-11 19:55 - 000000000 ____D C:\Users\pc\AppData\Roaming\vlc
2020-02-06 12:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-02-06 12:18 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-02-05 01:48 - 2009-07-14 05:45 - 000027648 _____ C:\Windows\system32\umstartup.etl
2020-01-30 18:37 - 2015-12-23 17:26 - 000000000 ____D C:\Windows\Minidump
2020-01-30 17:34 - 2019-12-27 10:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-30 17:34 - 2015-10-04 16:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-29 17:55 - 2009-07-14 05:45 - 000413224 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-28 20:01 - 2016-03-20 12:24 - 000000000 ____D C:\Users\pc\AppData\Local\Avira
2020-01-28 19:51 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Avira
2020-01-28 19:51 - 2015-10-04 16:39 - 000000000 ____D C:\Program Files (x86)\Avira
2020-01-28 19:39 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-28 19:39 - 2015-10-04 07:24 - 000110088 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2020-01-17 09:39 - 2019-09-12 14:41 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 09:39 - 2019-09-12 14:41 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 09:39 - 2019-09-12 14:41 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-14 20:28 - 2015-10-05 19:11 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-14 20:28 - 2015-10-05 19:11 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-14 20:28 - 2015-10-05 19:11 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-14 20:28 - 2015-10-05 18:25 - 000000000 ____D C:\Users\pc\AppData\Local\Adobe
==================== Files in the root of some directories ========
2017-12-25 13:48 - 2018-06-27 09:22 - 000000136 _____ () C:\Users\pc\AppData\Roaming\downloads.json
2016-01-05 17:12 - 2016-04-22 10:00 - 000004608 _____ () C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-05-14 17:01 - 2018-12-01 16:50 - 000007605 _____ () C:\Users\pc\AppData\Local\resmon.resmoncfg
2016-08-05 20:15 - 2016-08-05 20:15 - 000032038 _____ () C:\Users\pc\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-02-07 08:13
==================== End of FRST.txt ========================
Ran by pc (10-02-2020 12:33:44)
Running from C:\Users\pc\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-10-03 17:11:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3134211295-3072908730-4118665192-500 - Administrator - Disabled)
Guest (S-1-5-21-3134211295-3072908730-4118665192-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3134211295-3072908730-4118665192-1002 - Limited - Enabled)
pc (S-1-5-21-3134211295-3072908730-4118665192-1000 - Administrator - Enabled) => C:\Users\pc
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
AirDroid 3.2.1.1 (HKLM-x32\...\AirDroid) (Version: 3.2.1.1 - Sand Studio)
Avira (HKLM-x32\...\{59bab6b1-f615-42c3-9614-8dc338ac8ed4}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{82B6E5B0-3F76-446B-9FDE-0200B5B36B37}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2001.1707 - Avira Operations GmbH & Co. KG)
Avira Home Guard (HKLM-x32\...\{B44A6ACF-D50A-4CAC-9A8E-246402BDC101}) (Version: 1.1.10.773 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.31.4.26498 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.22.7684 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{3BEE2703-942D-401D-93E1-7950CCF54769}) (Version: 2.0.6.25416 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.1.10871 - Avira Operations GmbH & Co. KG)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{613ce488-8460-4831-ad3a-dd0b4c39fdaf}) (Version: 4.3.2.0 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{A7B27ABE-950F-48B4-B74F-F3F87C9E9BCD}) (Version: 4.3.2.0 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{0F6B8799-05C1-44C3-B6BE-CAC670D40E4A}) (Version: 1.0.4.4 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{113D31E0-0791-4654-9000-5F77221E99F7}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{F921362C-796E-4BC7-9385-86CED819E73D}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.300 - )
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{24510774-4424-46C2-8FB7-5DE0C945ED2B}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{D8151965-282B-4EB6-A3F1-68AB555D8423}) (Version: 7.20.3230 - Nuance Communications, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.44 (HKLM-x32\...\Skype_is1) (Version: 8.44 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinPcap for Avira 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Domotz, Inc)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3134211295-3072908730-4118665192-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2016-11-25 09:18 - 2016-11-25 09:18 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-03-22 16:21 - 2018-01-18 14:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-10-04 13:25 - 2018-01-18 14:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2019-08-17 10:09 - 2005-04-22 12:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2019-08-17 10:09 - 2016-11-01 10:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2015-10-04 07:59 - 2012-03-27 00:12 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2016-07-14 12:50 - 2016-07-14 12:50 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: BingSvc => C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: RealProtect => "C:\Program Files\McAfee\Real Protect\RealProtect.exe" --run
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{7EDBE83D-A91B-43BA-B2B8-D3379401E632}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{34DBB26E-4D58-487E-8071-1E89F4B9C1F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EB42A5AF-340B-4CF0-82B1-715623576B60}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F85EB37E-3D00-405E-BB93-4166EA6F8854}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C9060CA3-F841-490F-87AE-E71C9F03E470}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{735D1E0A-0536-4F60-A673-190D55ADC47D}] => (Allow) C:\Users\pc\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{488DA788-BD68-4843-9530-0F3BE5EBFC67}] => (Allow) C:\Users\pc\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{786D6B37-BCE4-435D-A2F0-D11B623C54AE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1FCEAEF-77A2-4F63-BCFF-82361175C1CF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15B84800-6EC2-4231-A6BC-0A3C9E670F4F}] => (Allow) LPort=54950
FirewallRules: [{8CEE420C-BB4C-4682-B9CB-EA3878D9C15E}] => (Allow) LPort=54955
FirewallRules: [{B3AB3542-EB6F-4DD2-B3AC-0C93D4394C2B}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{4CA5478B-23D0-4DF1-A4E1-F815B9753C5B}G:\stažené\airdroid\airdroid.exe] => (Allow) G:\stažené\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{216FEFF5-1DB7-46B9-B7A6-13093D18DE17}G:\stažené\airdroid\airdroid.exe] => (Allow) G:\stažené\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [{F37C197D-03AA-4A55-8A36-7E39B32A5270}] => (Allow) C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
FirewallRules: [{C9260966-C2A7-45CF-B6D1-E3183F97AA90}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7B2A393E-7123-4D46-9524-7B81D58B7F53}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{845EB30E-3A6B-42E6-A202-238CD85CC5CE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{1D66E9A1-EB93-467D-8313-23069DC895C3}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
30-01-2020 18:46:15 Avira System Speedup Optimization
06-02-2020 12:18:21 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/10/2020 12:27:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.0.102
Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: fe80:
7e65:9b0d:f57f%11Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2
System errors:
=============
Error: (02/10/2020 12:28:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/10/2020 12:27:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/10/2020 12:26:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Home Guard bylo dosaženo časového limitu (30000 ms).
Error: (02/10/2020 10:55:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/10/2020 10:54:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/10/2020 10:54:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Home Guard bylo dosaženo časového limitu (30000 ms).
Error: (02/09/2020 07:55:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/09/2020 07:55:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F11 08/21/2012
Motherboard: Gigabyte Technology Co., Ltd. H77-D3H
Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 90%
Total physical RAM: 3983.69 MB
Available physical RAM: 375.82 MB
Total Virtual: 11981.83 MB
Available Virtual: 7068.54 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:247.82 GB) (Free:188.74 GB) NTFS
Drive g: (Nový svazek) (Fixed) (Total:683.59 GB) (Free:622.96 GB) NTFS
\\?\Volume{096315ba-69f0-11e5-8e97-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F4EC8D8C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by pc (administrator) on PC-PC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (10-02-2020 12:30:56)
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VIA Technologies Inc. -> VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-26] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228136 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {3be12e9e-e065-11e8-8899-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {6f577b62-20aa-11e9-9be8-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a395e-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a3966-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ba87168b-ccde-11e9-a63f-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eea9-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eeb1-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {e03ea406-772a-11e9-b928-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0091C116-423E-4E9D-91AB-520A29AD3013} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\8 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
Task: {0E80CC8C-1851-40B8-A884-364354B665BF} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
Task: {1550FB16-D3BF-4755-99CD-4F245004933A} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {1C3CC299-4A29-436B-80D6-94C519752F25} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [226512 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2CF68739-9EEE-4CF4-92CA-42BFB82D7EB8} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation -> Intel Corporation)
Task: {2D95AAD4-65AA-41D6-811B-536AD4C188D1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\10 => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [86120 2018-11-14] (Microsoft Windows Hardware Compatibility Publisher -> )
Task: {31B19C4B-A9B3-46E4-B9F1-E4E9ED302EA7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {38D9F871-2514-49AF-AE3E-DB4903A7F775} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe
Task: {41D59C8D-DE44-41CB-98C3-7DE63726C449} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4C9B1B25-2B48-4118-A740-2EE7FE836255} - System32\Tasks\EOSv3 Scheduler onTime => G:\Stažené 1\esetonlinescanner_csy.exe [8150840 2020-02-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {4F1E12C2-0FA5-491E-B743-5645CE8B346A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {6C9BA513-4C14-4A1E-83D4-8F796017C7F1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\7 => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {813A7E4E-EFEB-48CD-952C-FD9DB88A6F09} - System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => C:\Windows\system32\pcalua.exe -a G:\Stažené\AirDroid\AirDroid.exe -d G:\Stažené\AirDroid
Task: {887A7CBA-37F7-4917-94E4-C4A1300F7DBC} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {8890F42E-6F77-4566-8348-F487A126D1ED} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {9E0B7398-9FD4-4C16-9AAC-A0B0D319E75A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {B1B57EEC-9392-4DB5-A0EB-FF81F005A4F9} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\9 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
Task: {B6E80232-9734-447D-92AE-FD54FB893340} - System32\Tasks\EOSv3 Scheduler onLogOn => G:\Stažené 1\esetonlinescanner_csy.exe [8150840 2020-02-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {B9F45050-51C0-49F6-87F2-9134096B88CC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-14] (Adobe Inc. -> Adobe)
Task: {C155E00F-8A00-4E14-9291-0A2D32EC8C34} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
Task: {C85FE6EB-C49D-4E66-87F1-A538531F6FA5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD874520-290E-4969-9CCC-00F12511DF8D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {E0258D2F-8B8E-46AD-BA65-EDA1ADAE1466} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-12] (Google Inc -> Google Inc.)
Task: {ED00AC10-3D0C-457C-80B9-C4CBA73C47EE} - System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\AppData\Local\Temp\Temp1_marioforever.zip\MarioForever.exe <==== ATTENTION
Task: {F610E5AF-9CEA-47AF-BA55-27821F23A93A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-12] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8AD0EA77-6D2E-4116-BECC-986037DC3EC5}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: 957wrn3t.default-1444066114328
FF ProfilePath: C:\Users\pc\AppData\Roaming\TomTom\HOME\Profiles\96r80l69.default [2019-03-06]
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 [2020-02-10]
FF DownloadDir: G:\Stažené 1
FF Homepage: Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 -> hxxps://www.kupi.cz
FF Extension: (Plná Peněženka Lištička) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328\Extensions\@plnapenezenkacz-firefox-extension.xpi [2018-03-09]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> G:\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2020-02-10]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Prezentace) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-12]
CHR Extension: (Dokumenty) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-12]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-12]
CHR Extension: (Tabulky) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-12]
CHR Extension: (Avira Browser Safety) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-09-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-12]
CHR Extension: (Skype) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-09-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-12]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-12]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574848 2020-01-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 Avira.HomeGuard; C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe [32064 2019-04-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [617520 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [380680 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [240408 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [150648 2019-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-10-22] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-05-17] (Microsoft) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-05-17] (Microsoft) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222888 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [175808 2019-09-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2018-12-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [690864 2013-12-16] (VIA Technologies Inc. -> VIA Technologies, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-10 12:30 - 2020-02-10 12:31 - 000025075 _____ C:\Users\pc\Desktop\FRST.txt
2020-02-10 12:21 - 2020-02-10 12:21 - 002279424 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2020-02-09 19:49 - 2020-02-09 19:48 - 008356016 _____ (Malwarebytes) C:\Users\pc\Desktop\adwcleaner_8.0.2(2).exe
2020-02-09 18:59 - 2020-02-09 18:59 - 000000550 _____ C:\Users\pc\Desktop\6qpl9vu8 – zástupce.lnk
2020-02-09 18:27 - 2020-02-09 18:57 - 000000000 ____D C:\Users\pc\Doctor Web
2020-02-09 18:27 - 2020-02-09 18:27 - 000000000 ____D C:\ProgramData\Doctor Web
2020-02-09 14:08 - 2020-02-10 12:31 - 000000000 ____D C:\FRST
2020-02-09 13:35 - 2020-02-09 13:36 - 000171244 _____ C:\Windows\ntbtlog.txt
2020-02-09 09:55 - 2020-02-09 09:55 - 000000000 ____D C:\Users\pc\AppData\Local\FreemakeVideoConverter
2020-02-09 09:54 - 2020-02-09 09:55 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-02-09 06:56 - 2020-02-09 06:56 - 000004706 _____ C:\Users\pc\Documents\cc_20200209_065611.reg
2020-02-01 23:06 - 2020-02-01 23:06 - 000000981 _____ C:\Users\pc\Desktop\adwcleaner_8.0.2 – zástupce.lnk
2020-02-01 21:55 - 2020-02-01 21:56 - 000000613 _____ C:\Users\pc\Desktop\ESET Online Scanner.lnk
2020-02-01 21:47 - 2020-02-01 21:49 - 000000000 ____D C:\AdwCleaner
2020-02-01 10:08 - 2020-02-01 10:08 - 000003680 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2020-02-01 10:08 - 2020-02-01 10:08 - 000003240 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2020-02-01 09:58 - 2020-02-01 09:58 - 000001026 _____ C:\Users\pc\Desktop\esetonlinescanner_csy – zástupce.lnk
2020-02-01 09:57 - 2020-02-01 09:57 - 000000000 ____D C:\Users\pc\AppData\Local\ESET
2020-01-30 18:38 - 2020-01-30 18:38 - 000000206 _____ C:\Users\pc\Documents\cc_20200130_183843.reg
2020-01-29 17:56 - 2020-01-29 17:56 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2020-01-28 20:01 - 2020-01-28 20:01 - 000000000 ____D C:\Users\Public\Security Sessions
2020-01-28 19:51 - 2020-01-28 19:51 - 000003454 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-01-28 19:50 - 2020-02-10 12:26 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-01-28 19:49 - 2020-01-31 18:08 - 000003662 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2020-01-28 19:39 - 2020-01-28 19:39 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
2020-01-28 19:39 - 2020-01-28 19:39 - 000001116 _____ C:\ProgramData\Desktop\Avira.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-10 12:27 - 2016-11-20 09:50 - 000000000 ____D C:\Users\pc\AppData\LocalLow\Mozilla
2020-02-10 12:27 - 2016-01-24 11:37 - 000000000 __SHD C:\Users\pc\IntelGraphicsProfiles
2020-02-10 12:26 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-02-10 10:59 - 2009-07-14 05:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-02-10 10:59 - 2009-07-14 05:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-02-10 00:10 - 2015-10-03 18:11 - 000000000 ____D C:\Users\pc
2020-02-09 13:37 - 2015-10-05 19:11 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-02-09 09:55 - 2016-04-22 20:17 - 000001324 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2020-02-09 09:55 - 2016-04-22 20:17 - 000001324 _____ C:\ProgramData\Desktop\Freemake Video Converter.lnk
2020-02-09 09:55 - 2016-04-22 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2020-02-09 09:55 - 2016-04-22 20:17 - 000000000 ____D C:\ProgramData\Freemake
2020-02-09 06:57 - 2019-09-12 14:42 - 000002798 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-02-09 06:57 - 2019-09-12 14:41 - 000003390 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-09 06:57 - 2019-09-12 14:41 - 000003262 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-09 06:57 - 2019-02-24 14:00 - 000004518 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-02-09 06:57 - 2015-11-27 19:40 - 000003122 _____ C:\Windows\system32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51}
2020-02-09 06:56 - 2015-10-05 18:29 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-02-08 11:38 - 2019-11-11 19:55 - 000000000 ____D C:\Users\pc\AppData\Roaming\vlc
2020-02-06 12:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-02-06 12:18 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-02-05 01:48 - 2009-07-14 05:45 - 000027648 _____ C:\Windows\system32\umstartup.etl
2020-01-30 18:37 - 2015-12-23 17:26 - 000000000 ____D C:\Windows\Minidump
2020-01-30 17:34 - 2019-12-27 10:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-30 17:34 - 2015-10-04 16:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-29 17:55 - 2009-07-14 05:45 - 000413224 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-28 20:01 - 2016-03-20 12:24 - 000000000 ____D C:\Users\pc\AppData\Local\Avira
2020-01-28 19:51 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Avira
2020-01-28 19:51 - 2015-10-04 16:39 - 000000000 ____D C:\Program Files (x86)\Avira
2020-01-28 19:39 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-28 19:39 - 2015-10-04 07:24 - 000110088 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2020-01-17 09:39 - 2019-09-12 14:41 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 09:39 - 2019-09-12 14:41 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 09:39 - 2019-09-12 14:41 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-14 20:28 - 2015-10-05 19:11 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-14 20:28 - 2015-10-05 19:11 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-14 20:28 - 2015-10-05 19:11 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-14 20:28 - 2015-10-05 18:25 - 000000000 ____D C:\Users\pc\AppData\Local\Adobe
==================== Files in the root of some directories ========
2017-12-25 13:48 - 2018-06-27 09:22 - 000000136 _____ () C:\Users\pc\AppData\Roaming\downloads.json
2016-01-05 17:12 - 2016-04-22 10:00 - 000004608 _____ () C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-05-14 17:01 - 2018-12-01 16:50 - 000007605 _____ () C:\Users\pc\AppData\Local\resmon.resmoncfg
2016-08-05 20:15 - 2016-08-05 20:15 - 000032038 _____ () C:\Users\pc\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-02-07 08:13
==================== End of FRST.txt ========================
Re: Kontrola
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {3be12e9e-e065-11e8-8899-94de80728372} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {6f577b62-20aa-11e9-9be8-94de80728372} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a395e-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a3966-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ba87168b-ccde-11e9-a63f-94de80728372} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eea9-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eeb1-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {e03ea406-772a-11e9-b928-94de80728372} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation) Task: {38D9F871-2514-49AF-AE3E-DB4903A7F775} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe Task: {813A7E4E-EFEB-48CD-952C-FD9DB88A6F09} - System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => C:\Windows\system32\pcalua.exe -a G:\Stažené\AirDroid\AirDroid.exe -d G:\Stažené\AirDroid Task: {ED00AC10-3D0C-457C-80B9-C4CBA73C47EE} - System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\AppData\Local\Temp\Temp1_marioforever.zip\MarioForever.exe <==== ATTENTION SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:3or4kl4x13tuuug3Byamue2s4b [83] AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] Hosts: EmptyTemp: End - Klikni na Subor a potom na Ulozit
- Vpravo dole vyber kodovanie Unicode
- Subor uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Kontrola
Fix result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by pc (11-02-2020 09:20:08) Run:1
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {3be12e9e-e065-11e8-8899-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {6f577b62-20aa-11e9-9be8-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a395e-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a3966-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ba87168b-ccde-11e9-a63f-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eea9-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eeb1-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {e03ea406-772a-11e9-b928-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Task: {38D9F871-2514-49AF-AE3E-DB4903A7F775} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe
Task: {813A7E4E-EFEB-48CD-952C-FD9DB88A6F09} - System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => C:\Windows\system32\pcalua.exe -a G:\Stažené\AirDroid\AirDroid.exe -d G:\Stažené\AirDroid
Task: {ED00AC10-3D0C-457C-80B9-C4CBA73C47EE} - System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\AppData\Local\Temp\Temp1_marioforever.zip\MarioForever.exe <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 432
Average :
Sum : 556153478
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3be12e9e-e065-11e8-8899-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f577b62-20aa-11e9-9be8-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b58a395e-d9ec-11e8-955c-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b58a3966-d9ec-11e8-955c-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba87168b-ccde-11e9-a63f-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce24eea9-acde-11e8-9206-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce24eeb1-acde-11e8-9206-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e03ea406-772a-11e9-b928-94de80728372} => removed successfully
"HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{38D9F871-2514-49AF-AE3E-DB4903A7F775}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38D9F871-2514-49AF-AE3E-DB4903A7F775}" => removed successfully
C:\Windows\System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup\Delayed Startup\All users\2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{813A7E4E-EFEB-48CD-952C-FD9DB88A6F09}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{813A7E4E-EFEB-48CD-952C-FD9DB88A6F09}" => removed successfully
C:\Windows\System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED00AC10-3D0C-457C-80B9-C4CBA73C47EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED00AC10-3D0C-457C-80B9-C4CBA73C47EE}" => removed successfully
C:\Windows\System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51}" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
C:\Users\pc\Desktop\kreditní karta.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully
C:\Users\pc\Desktop\kreditní karta.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6198251 B
Java, Flash, Steam htmlcache => 1415 B
Windows/system/drivers => 26046 B
Edge => 0 B
Chrome => 148146 B
Firefox => 424871245 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58631037 B
systemprofile32 => 60052454 B
LocalService => 60184698 B
NetworkService => 60250926 B
pc => 109540096 B
RecycleBin => 126545728 B
EmptyTemp: => 872.5 MB temporary data Removed.
================================
Ran by pc (11-02-2020 09:20:08) Run:1
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {3be12e9e-e065-11e8-8899-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {6f577b62-20aa-11e9-9be8-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a395e-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a3966-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ba87168b-ccde-11e9-a63f-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eea9-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eeb1-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {e03ea406-772a-11e9-b928-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Task: {38D9F871-2514-49AF-AE3E-DB4903A7F775} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe
Task: {813A7E4E-EFEB-48CD-952C-FD9DB88A6F09} - System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => C:\Windows\system32\pcalua.exe -a G:\Stažené\AirDroid\AirDroid.exe -d G:\Stažené\AirDroid
Task: {ED00AC10-3D0C-457C-80B9-C4CBA73C47EE} - System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\AppData\Local\Temp\Temp1_marioforever.zip\MarioForever.exe <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 432
Average :
Sum : 556153478
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3be12e9e-e065-11e8-8899-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f577b62-20aa-11e9-9be8-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b58a395e-d9ec-11e8-955c-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b58a3966-d9ec-11e8-955c-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba87168b-ccde-11e9-a63f-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce24eea9-acde-11e8-9206-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce24eeb1-acde-11e8-9206-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e03ea406-772a-11e9-b928-94de80728372} => removed successfully
"HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{38D9F871-2514-49AF-AE3E-DB4903A7F775}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38D9F871-2514-49AF-AE3E-DB4903A7F775}" => removed successfully
C:\Windows\System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup\Delayed Startup\All users\2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{813A7E4E-EFEB-48CD-952C-FD9DB88A6F09}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{813A7E4E-EFEB-48CD-952C-FD9DB88A6F09}" => removed successfully
C:\Windows\System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED00AC10-3D0C-457C-80B9-C4CBA73C47EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED00AC10-3D0C-457C-80B9-C4CBA73C47EE}" => removed successfully
C:\Windows\System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51}" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
C:\Users\pc\Desktop\kreditní karta.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully
C:\Users\pc\Desktop\kreditní karta.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6198251 B
Java, Flash, Steam htmlcache => 1415 B
Windows/system/drivers => 26046 B
Edge => 0 B
Chrome => 148146 B
Firefox => 424871245 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58631037 B
systemprofile32 => 60052454 B
LocalService => 60184698 B
NetworkService => 60250926 B
pc => 109540096 B
RecycleBin => 126545728 B
EmptyTemp: => 872.5 MB temporary data Removed.
================================
Re: Kontrola
OK. Ako to vyzera s PC? Su nejake problemy?
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Kontrola
Ahoj,teď při spuštění se objeví na chvíli bílá obrazovka a až pak,asi po 5 vteřinách, naběhne windows a když vypínám počítač,tak se objeví hláška,systém čeká na ukončení programů v pozadí.I když nemám nic zapnutého.Objeví se hláška TASK HOST WINDOWS a chce vynutit vypnutí.Hezký den Ti přeji.
Re: Kontrola
Task Host je legitimna sucast OS Windows. Na tej bielej obrazovke je vidno aj nejaky text? Objavuje sa po zapnuti PC a este predtym ako sa zacne spustat Windows? Spusti kontrolu integrity systemovych suborov:
- Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
- Skopiruj a spusti prikaz:
Kód: Vybrat vše
DISM.exe /Online /Cleanup-image /Restorehealth - Po dokonceni skopiruj a spusti druhy prikaz:
Kód: Vybrat vše
sfc /scannow - Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:
Kód: Vybrat vše
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt - Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
- Restartuj PC a napis ako sa chova PC
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Kontrola
Ahoj,teď už nabíhá v mezích normy,ale vypíná asi 1 minutu.Vše je vypnuté,nevím,na jaké úlohy čeká a chce vypnout a vynutit ukončení.A opět problikne TASK HOST W.Při zadání prvního kódu mě to napsalo tohle:
Microsoft Windows [Verze 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Všechna práva vyhrazena.
C:\Users\pc>DISM.exe /Online /Cleanup-image /Restorehealth
Nástroj Obsluha a správa bitových kopií
Verze: 6.1.7600.16385
Verze bitové kopie: 6.1.7600.16385
Chyba: 87
Možnost restorehealth není v tomto kontextu rozpoznána.
Další informace naleznete v nápovědě.
Soubor protokolu nástroje Obsluha a správa bitových kopií se nachází v C:\Window
s\Logs\DISM\dism.log.
Zbytek zasílám jako přílohu.
Microsoft Windows [Verze 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Všechna práva vyhrazena.
C:\Users\pc>DISM.exe /Online /Cleanup-image /Restorehealth
Nástroj Obsluha a správa bitových kopií
Verze: 6.1.7600.16385
Verze bitové kopie: 6.1.7600.16385
Chyba: 87
Možnost restorehealth není v tomto kontextu rozpoznána.
Další informace naleznete v nápovědě.
Soubor protokolu nástroje Obsluha a správa bitových kopií se nachází v C:\Window
s\Logs\DISM\dism.log.
Zbytek zasílám jako přílohu.
Přispějete na provoz fóra?