VIRY.CZ

Prosím o kontrolu PC.Seká se a dlouze vypíná.Děkuji.

Ahoj

Zalozil si viac samostatnych tem, budeme pokracovat v tejto jednej. Log z FRST (v predchadzajucej teme) vsak nie je uplny. Vytvor logy z FRST este raz a posli ich (obidva) do tejto temy. Ak sa nezmestia do 1 prispevku (odpovede), mozes ich rozdelit do viacerych prispevkov

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by pc (09-02-2020 18:06:52)
Running from C:\Users\pc\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-10-03 17:11:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3134211295-3072908730-4118665192-500 - Administrator - Disabled)
Guest (S-1-5-21-3134211295-3072908730-4118665192-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3134211295-3072908730-4118665192-1002 - Limited - Enabled)
pc (S-1-5-21-3134211295-3072908730-4118665192-1000 - Administrator - Enabled) => C:\Users\pc

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
AirDroid 3.2.1.1 (HKLM-x32\...\AirDroid) (Version: 3.2.1.1 - Sand Studio)
Avira (HKLM-x32\...\{59bab6b1-f615-42c3-9614-8dc338ac8ed4}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{82B6E5B0-3F76-446B-9FDE-0200B5B36B37}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2001.1707 - Avira Operations GmbH & Co. KG)
Avira Home Guard (HKLM-x32\...\{B44A6ACF-D50A-4CAC-9A8E-246402BDC101}) (Version: 1.1.10.773 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.31.4.26498 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.22.7684 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{3BEE2703-942D-401D-93E1-7950CCF54769}) (Version: 2.0.6.25416 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.1.10871 - Avira Operations GmbH & Co. KG)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{613ce488-8460-4831-ad3a-dd0b4c39fdaf}) (Version: 4.3.2.0 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{A7B27ABE-950F-48B4-B74F-F3F87C9E9BCD}) (Version: 4.3.2.0 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{0F6B8799-05C1-44C3-B6BE-CAC670D40E4A}) (Version: 1.0.4.4 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{113D31E0-0791-4654-9000-5F77221E99F7}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{F921362C-796E-4BC7-9385-86CED819E73D}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.300 - )
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{24510774-4424-46C2-8FB7-5DE0C945ED2B}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{D8151965-282B-4EB6-A3F1-68AB555D8423}) (Version: 7.20.3230 - Nuance Communications, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.44 (HKLM-x32\...\Skype_is1) (Version: 8.44 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinPcap for Avira 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Domotz, Inc)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3134211295-3072908730-4118665192-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2016-11-25 09:18 - 2016-11-25 09:18 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-03-22 16:21 - 2018-01-18 14:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-10-04 13:25 - 2018-01-18 14:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2019-08-17 10:09 - 2005-04-22 12:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2019-08-17 10:09 - 2016-11-01 10:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2015-10-04 07:59 - 2012-03-27 00:12 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2016-07-14 12:50 - 2016-07-14 12:50 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: BingSvc => C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: RealProtect => "C:\Program Files\McAfee\Real Protect\RealProtect.exe" --run
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{7EDBE83D-A91B-43BA-B2B8-D3379401E632}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{34DBB26E-4D58-487E-8071-1E89F4B9C1F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EB42A5AF-340B-4CF0-82B1-715623576B60}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F85EB37E-3D00-405E-BB93-4166EA6F8854}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C9060CA3-F841-490F-87AE-E71C9F03E470}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{735D1E0A-0536-4F60-A673-190D55ADC47D}] => (Allow) C:\Users\pc\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{488DA788-BD68-4843-9530-0F3BE5EBFC67}] => (Allow) C:\Users\pc\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{786D6B37-BCE4-435D-A2F0-D11B623C54AE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1FCEAEF-77A2-4F63-BCFF-82361175C1CF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15B84800-6EC2-4231-A6BC-0A3C9E670F4F}] => (Allow) LPort=54950
FirewallRules: [{8CEE420C-BB4C-4682-B9CB-EA3878D9C15E}] => (Allow) LPort=54955
FirewallRules: [{B3AB3542-EB6F-4DD2-B3AC-0C93D4394C2B}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{4CA5478B-23D0-4DF1-A4E1-F815B9753C5B}G:\stažené\airdroid\airdroid.exe] => (Allow) G:\stažené\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{216FEFF5-1DB7-46B9-B7A6-13093D18DE17}G:\stažené\airdroid\airdroid.exe] => (Allow) G:\stažené\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [{F37C197D-03AA-4A55-8A36-7E39B32A5270}] => (Allow) C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
FirewallRules: [{C9260966-C2A7-45CF-B6D1-E3183F97AA90}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{968AAA3A-30B8-4440-B52A-02FE8432EF03}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{7AE1CB45-368E-4D0A-895C-7CF2CDF5D578}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{81FFBF36-BF95-4651-8764-CD11A76A3971}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Restore Points =========================

30-01-2020 18:46:15 Avira System Speedup Optimization
06-02-2020 12:18:21 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/09/2020 01:37:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/09/2020 01:37:45 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (02/09/2020 01:37:45 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (02/09/2020 01:37:45 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (02/09/2020 01:37:45 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (02/09/2020 01:37:44 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.0.102

Error: (02/09/2020 01:37:44 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: fe80:7e65:9b0d:f57f%11

Error: (02/09/2020 01:37:44 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2


System errors:
=============
Error: (02/09/2020 01:38:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/09/2020 01:37:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/09/2020 01:37:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Home Guard bylo dosaženo časového limitu (30000 ms).

Error: (02/09/2020 01:36:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/09/2020 01:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (02/09/2020 01:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (02/09/2020 01:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (02/09/2020 01:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F11 08/21/2012
Motherboard: Gigabyte Technology Co., Ltd. H77-D3H
Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 92%
Total physical RAM: 3983.69 MB
Available physical RAM: 311.27 MB
Total Virtual: 11981.83 MB
Available Virtual: 6162.65 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:247.82 GB) (Free:188.97 GB) NTFS
Drive g: (Nový svazek) (Fixed) (Total:683.59 GB) (Free:618.63 GB) NTFS

\\?\Volume{096315ba-69f0-11e5-8e97-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F4EC8D8C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by pc (administrator) on PC-PC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (09-02-2020 18:05:39)
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Media Player\WMPDMC.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VIA Technologies Inc. -> VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-26] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228136 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [240512 2020-01-24] (Mixbyte Inc -> )
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {3be12e9e-e065-11e8-8899-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {6f577b62-20aa-11e9-9be8-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a395e-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a3966-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ba87168b-ccde-11e9-a63f-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eea9-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eeb1-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {e03ea406-772a-11e9-b928-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0091C116-423E-4E9D-91AB-520A29AD3013} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\8 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
Task: {0E80CC8C-1851-40B8-A884-364354B665BF} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
Task: {1550FB16-D3BF-4755-99CD-4F245004933A} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {1C3CC299-4A29-436B-80D6-94C519752F25} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [226512 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2CF68739-9EEE-4CF4-92CA-42BFB82D7EB8} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation -> Intel Corporation)
Task: {2D95AAD4-65AA-41D6-811B-536AD4C188D1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\10 => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [86120 2018-11-14] (Microsoft Windows Hardware Compatibility Publisher -> )
Task: {31B19C4B-A9B3-46E4-B9F1-E4E9ED302EA7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {38D9F871-2514-49AF-AE3E-DB4903A7F775} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe
Task: {41D59C8D-DE44-41CB-98C3-7DE63726C449} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4C9B1B25-2B48-4118-A740-2EE7FE836255} - System32\Tasks\EOSv3 Scheduler onTime => G:\Stažené 1\esetonlinescanner_csy.exe [8150840 2020-02-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {4F1E12C2-0FA5-491E-B743-5645CE8B346A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {6C9BA513-4C14-4A1E-83D4-8F796017C7F1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\7 => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {813A7E4E-EFEB-48CD-952C-FD9DB88A6F09} - System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => C:\Windows\system32\pcalua.exe -a G:\Stažené\AirDroid\AirDroid.exe -d G:\Stažené\AirDroid
Task: {887A7CBA-37F7-4917-94E4-C4A1300F7DBC} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {8890F42E-6F77-4566-8348-F487A126D1ED} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {9E0B7398-9FD4-4C16-9AAC-A0B0D319E75A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {B1B57EEC-9392-4DB5-A0EB-FF81F005A4F9} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\9 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
Task: {B6E80232-9734-447D-92AE-FD54FB893340} - System32\Tasks\EOSv3 Scheduler onLogOn => G:\Stažené 1\esetonlinescanner_csy.exe [8150840 2020-02-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {B9F45050-51C0-49F6-87F2-9134096B88CC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-14] (Adobe Inc. -> Adobe)
Task: {C155E00F-8A00-4E14-9291-0A2D32EC8C34} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
Task: {C85FE6EB-C49D-4E66-87F1-A538531F6FA5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD874520-290E-4969-9CCC-00F12511DF8D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {E0258D2F-8B8E-46AD-BA65-EDA1ADAE1466} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-12] (Google Inc -> Google Inc.)
Task: {ED00AC10-3D0C-457C-80B9-C4CBA73C47EE} - System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\AppData\Local\Temp\Temp1_marioforever.zip\MarioForever.exe <==== ATTENTION
Task: {F610E5AF-9CEA-47AF-BA55-27821F23A93A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-12] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8AD0EA77-6D2E-4116-BECC-986037DC3EC5}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: 957wrn3t.default-1444066114328
FF ProfilePath: C:\Users\pc\AppData\Roaming\TomTom\HOME\Profiles\96r80l69.default [2019-03-06]
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 [2020-02-09]
FF DownloadDir: G:\Stažené 1
FF Homepage: Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 -> hxxps://www.kupi.cz
FF Extension: (Plná Peněženka Lištička) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328\Extensions\@plnapenezenkacz-firefox-extension.xpi [2018-03-09]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> G:\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)

Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2020-02-09]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Prezentace) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-12]
CHR Extension: (Dokumenty) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-12]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-12]
CHR Extension: (Tabulky) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-12]
CHR Extension: (Avira Browser Safety) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-09-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-12]
CHR Extension: (Skype) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-09-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-12]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-12]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574848 2020-01-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 Avira.HomeGuard; C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe [32064 2019-04-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [617520 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [380680 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [240408 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [150648 2019-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2020-01-24] (Mixbyte Inc -> Freemake)
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-10-22] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-05-17] (Microsoft) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-05-17] (Microsoft) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222888 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [175808 2019-09-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2018-12-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [690864 2013-12-16] (VIA Technologies Inc. -> VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-09 18:05 - 2020-02-09 18:06 - 000025918 _____ C:\Users\pc\Desktop\FRST.txt
2020-02-09 14:08 - 2020-02-09 18:06 - 000000000 ____D C:\FRST
2020-02-09 14:02 - 2020-02-09 14:02 - 002279424 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2020-02-09 13:35 - 2020-02-09 13:36 - 000171244 _____ C:\Windows\ntbtlog.txt
2020-02-09 09:55 - 2020-02-09 09:55 - 000000000 ____D C:\Users\pc\AppData\Local\FreemakeVideoConverter
2020-02-09 09:54 - 2020-02-09 09:55 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-02-09 06:56 - 2020-02-09 06:56 - 000004706 _____ C:\Users\pc\Documents\cc_20200209_065611.reg
2020-02-01 23:06 - 2020-02-01 23:06 - 000000981 _____ C:\Users\pc\Desktop\adwcleaner_8.0.2 – zástupce.lnk
2020-02-01 21:55 - 2020-02-01 21:56 - 000000613 _____ C:\Users\pc\Desktop\ESET Online Scanner.lnk
2020-02-01 21:47 - 2020-02-01 21:49 - 000000000 ____D C:\AdwCleaner
2020-02-01 10:08 - 2020-02-01 10:08 - 000003680 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2020-02-01 10:08 - 2020-02-01 10:08 - 000003240 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2020-02-01 09:58 - 2020-02-01 09:58 - 000001026 _____ C:\Users\pc\Desktop\esetonlinescanner_csy – zástupce.lnk
2020-02-01 09:57 - 2020-02-01 09:57 - 000000000 ____D C:\Users\pc\AppData\Local\ESET
2020-01-30 18:38 - 2020-01-30 18:38 - 000000206 _____ C:\Users\pc\Documents\cc_20200130_183843.reg
2020-01-29 17:56 - 2020-01-29 17:56 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2020-01-28 20:01 - 2020-01-28 20:01 - 000000000 ____D C:\Users\Public\Security Sessions
2020-01-28 19:51 - 2020-01-28 19:51 - 000003454 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-01-28 19:50 - 2020-02-09 13:37 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-01-28 19:49 - 2020-01-31 18:08 - 000003662 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2020-01-28 19:39 - 2020-01-28 19:39 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
2020-01-28 19:39 - 2020-01-28 19:39 - 000001116 _____ C:\ProgramData\Desktop\Avira.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-09 13:42 - 2009-07-14 05:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-02-09 13:42 - 2009-07-14 05:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-02-09 13:38 - 2016-11-20 09:50 - 000000000 ____D C:\Users\pc\AppData\LocalLow\Mozilla
2020-02-09 13:37 - 2016-01-24 11:37 - 000000000 __SHD C:\Users\pc\IntelGraphicsProfiles
2020-02-09 13:37 - 2015-10-05 19:11 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-02-09 13:36 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-02-09 09:55 - 2016-04-22 20:17 - 000001324 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2020-02-09 09:55 - 2016-04-22 20:17 - 000001324 _____ C:\ProgramData\Desktop\Freemake Video Converter.lnk
2020-02-09 09:55 - 2016-04-22 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2020-02-09 09:55 - 2016-04-22 20:17 - 000000000 ____D C:\ProgramData\Freemake
2020-02-09 06:57 - 2019-09-12 14:42 - 000002798 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-02-09 06:57 - 2019-09-12 14:41 - 000003390 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-09 06:57 - 2019-09-12 14:41 - 000003262 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-09 06:57 - 2019-02-24 14:00 - 000004518 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-02-09 06:57 - 2015-11-27 19:40 - 000003122 _____ C:\Windows\system32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51}
2020-02-09 06:56 - 2015-10-05 18:29 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-02-08 11:38 - 2019-11-11 19:55 - 000000000 ____D C:\Users\pc\AppData\Roaming\vlc
2020-02-06 12:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-02-06 12:18 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-02-05 01:48 - 2009-07-14 05:45 - 000027648 _____ C:\Windows\system32\umstartup.etl
2020-01-30 18:37 - 2015-12-23 17:26 - 000000000 ____D C:\Windows\Minidump
2020-01-30 17:34 - 2019-12-27 10:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-30 17:34 - 2015-10-04 16:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-29 17:55 - 2009-07-14 05:45 - 000413224 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-28 20:01 - 2016-03-20 12:24 - 000000000 ____D C:\Users\pc\AppData\Local\Avira
2020-01-28 19:51 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Avira
2020-01-28 19:51 - 2015-10-04 16:39 - 000000000 ____D C:\Program Files (x86)\Avira
2020-01-28 19:39 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-28 19:39 - 2015-10-04 07:24 - 000110088 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2020-01-17 09:39 - 2019-09-12 14:41 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 09:39 - 2019-09-12 14:41 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 09:39 - 2019-09-12 14:41 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-14 20:28 - 2015-10-05 19:11 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-14 20:28 - 2015-10-05 19:11 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-14 20:28 - 2015-10-05 19:11 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-14 20:28 - 2015-10-05 18:25 - 000000000 ____D C:\Users\pc\AppData\Local\Adobe

==================== Files in the root of some directories ========

2017-12-25 13:48 - 2018-06-27 09:22 - 000000136 _____ () C:\Users\pc\AppData\Roaming\downloads.json
2016-01-05 17:12 - 2016-04-22 10:00 - 000004608 _____ () C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-05-14 17:01 - 2018-12-01 16:50 - 000007605 _____ () C:\Users\pc\AppData\Local\resmon.resmoncfg
2016-08-05 20:15 - 2016-08-05 20:15 - 000032038 _____ () C:\Users\pc\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-02-07 08:13
==================== End of FRST.txt ========================

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

-------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-09-2020
# Duration: 00:00:19
# OS: Windows 7 Professional
# Scanned: 34824
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [2976 octets] - [01/02/2020 21:49:08]
AdwCleaner[C00].txt - [2816 octets] - [01/02/2020 21:49:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-09-2020
# Duration: 00:00:12
# OS: Windows 7 Professional
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2976 octets] - [01/02/2020 21:49:08]
AdwCleaner[C00].txt - [2816 octets] - [01/02/2020 21:49:41]
AdwCleaner[S01].txt - [1535 octets] - [09/02/2020 19:50:34]
AdwCleaner[S02].txt - [1596 octets] - [09/02/2020 19:51:01]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Poprosim o obidva nove logy z FRST.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by pc (10-02-2020 12:33:44)
Running from C:\Users\pc\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-10-03 17:11:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3134211295-3072908730-4118665192-500 - Administrator - Disabled)
Guest (S-1-5-21-3134211295-3072908730-4118665192-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3134211295-3072908730-4118665192-1002 - Limited - Enabled)
pc (S-1-5-21-3134211295-3072908730-4118665192-1000 - Administrator - Enabled) => C:\Users\pc

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
AirDroid 3.2.1.1 (HKLM-x32\...\AirDroid) (Version: 3.2.1.1 - Sand Studio)
Avira (HKLM-x32\...\{59bab6b1-f615-42c3-9614-8dc338ac8ed4}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{82B6E5B0-3F76-446B-9FDE-0200B5B36B37}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2001.1707 - Avira Operations GmbH & Co. KG)
Avira Home Guard (HKLM-x32\...\{B44A6ACF-D50A-4CAC-9A8E-246402BDC101}) (Version: 1.1.10.773 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.31.4.26498 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.22.7684 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{3BEE2703-942D-401D-93E1-7950CCF54769}) (Version: 2.0.6.25416 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.1.10871 - Avira Operations GmbH & Co. KG)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{613ce488-8460-4831-ad3a-dd0b4c39fdaf}) (Version: 4.3.2.0 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{A7B27ABE-950F-48B4-B74F-F3F87C9E9BCD}) (Version: 4.3.2.0 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{0F6B8799-05C1-44C3-B6BE-CAC670D40E4A}) (Version: 1.0.4.4 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{113D31E0-0791-4654-9000-5F77221E99F7}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{F921362C-796E-4BC7-9385-86CED819E73D}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.300 - )
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{24510774-4424-46C2-8FB7-5DE0C945ED2B}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{D8151965-282B-4EB6-A3F1-68AB555D8423}) (Version: 7.20.3230 - Nuance Communications, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.44 (HKLM-x32\...\Skype_is1) (Version: 8.44 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinPcap for Avira 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Domotz, Inc)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3134211295-3072908730-4118665192-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2016-11-25 09:18 - 2016-11-25 09:18 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-03-22 16:21 - 2018-01-18 14:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-10-04 13:25 - 2018-01-18 14:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2019-08-17 10:09 - 2005-04-22 12:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2019-08-17 10:09 - 2016-11-01 10:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2015-10-04 07:59 - 2012-03-27 00:12 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2016-07-14 12:50 - 2016-07-14 12:50 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: BingSvc => C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: RealProtect => "C:\Program Files\McAfee\Real Protect\RealProtect.exe" --run
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{7EDBE83D-A91B-43BA-B2B8-D3379401E632}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{34DBB26E-4D58-487E-8071-1E89F4B9C1F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EB42A5AF-340B-4CF0-82B1-715623576B60}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F85EB37E-3D00-405E-BB93-4166EA6F8854}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C9060CA3-F841-490F-87AE-E71C9F03E470}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{735D1E0A-0536-4F60-A673-190D55ADC47D}] => (Allow) C:\Users\pc\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{488DA788-BD68-4843-9530-0F3BE5EBFC67}] => (Allow) C:\Users\pc\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{786D6B37-BCE4-435D-A2F0-D11B623C54AE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1FCEAEF-77A2-4F63-BCFF-82361175C1CF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15B84800-6EC2-4231-A6BC-0A3C9E670F4F}] => (Allow) LPort=54950
FirewallRules: [{8CEE420C-BB4C-4682-B9CB-EA3878D9C15E}] => (Allow) LPort=54955
FirewallRules: [{B3AB3542-EB6F-4DD2-B3AC-0C93D4394C2B}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{4CA5478B-23D0-4DF1-A4E1-F815B9753C5B}G:\stažené\airdroid\airdroid.exe] => (Allow) G:\stažené\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{216FEFF5-1DB7-46B9-B7A6-13093D18DE17}G:\stažené\airdroid\airdroid.exe] => (Allow) G:\stažené\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio)
FirewallRules: [{F37C197D-03AA-4A55-8A36-7E39B32A5270}] => (Allow) C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
FirewallRules: [{C9260966-C2A7-45CF-B6D1-E3183F97AA90}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7B2A393E-7123-4D46-9524-7B81D58B7F53}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{845EB30E-3A6B-42E6-A202-238CD85CC5CE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{1D66E9A1-EB93-467D-8313-23069DC895C3}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Restore Points =========================

30-01-2020 18:46:15 Avira System Speedup Optimization
06-02-2020 12:18:21 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/10/2020 12:27:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.0.102

Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: fe80:7e65:9b0d:f57f%11

Error: (02/10/2020 12:27:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2


System errors:
=============
Error: (02/10/2020 12:28:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2020 12:27:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2020 12:26:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Home Guard bylo dosaženo časového limitu (30000 ms).

Error: (02/10/2020 10:55:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2020 10:54:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2020 10:54:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Home Guard bylo dosaženo časového limitu (30000 ms).

Error: (02/09/2020 07:55:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/09/2020 07:55:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F11 08/21/2012
Motherboard: Gigabyte Technology Co., Ltd. H77-D3H
Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 90%
Total physical RAM: 3983.69 MB
Available physical RAM: 375.82 MB
Total Virtual: 11981.83 MB
Available Virtual: 7068.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:247.82 GB) (Free:188.74 GB) NTFS
Drive g: (Nový svazek) (Fixed) (Total:683.59 GB) (Free:622.96 GB) NTFS

\\?\Volume{096315ba-69f0-11e5-8e97-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F4EC8D8C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by pc (administrator) on PC-PC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (10-02-2020 12:30:56)
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VIA Technologies Inc. -> VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-26] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228136 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {3be12e9e-e065-11e8-8899-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {6f577b62-20aa-11e9-9be8-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a395e-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a3966-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ba87168b-ccde-11e9-a63f-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eea9-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eeb1-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {e03ea406-772a-11e9-b928-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0091C116-423E-4E9D-91AB-520A29AD3013} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\8 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
Task: {0E80CC8C-1851-40B8-A884-364354B665BF} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
Task: {1550FB16-D3BF-4755-99CD-4F245004933A} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {1C3CC299-4A29-436B-80D6-94C519752F25} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [226512 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2CF68739-9EEE-4CF4-92CA-42BFB82D7EB8} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation -> Intel Corporation)
Task: {2D95AAD4-65AA-41D6-811B-536AD4C188D1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\10 => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [86120 2018-11-14] (Microsoft Windows Hardware Compatibility Publisher -> )
Task: {31B19C4B-A9B3-46E4-B9F1-E4E9ED302EA7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {38D9F871-2514-49AF-AE3E-DB4903A7F775} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe
Task: {41D59C8D-DE44-41CB-98C3-7DE63726C449} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4C9B1B25-2B48-4118-A740-2EE7FE836255} - System32\Tasks\EOSv3 Scheduler onTime => G:\Stažené 1\esetonlinescanner_csy.exe [8150840 2020-02-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {4F1E12C2-0FA5-491E-B743-5645CE8B346A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {6C9BA513-4C14-4A1E-83D4-8F796017C7F1} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\7 => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {813A7E4E-EFEB-48CD-952C-FD9DB88A6F09} - System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => C:\Windows\system32\pcalua.exe -a G:\Stažené\AirDroid\AirDroid.exe -d G:\Stažené\AirDroid
Task: {887A7CBA-37F7-4917-94E4-C4A1300F7DBC} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
Task: {8890F42E-6F77-4566-8348-F487A126D1ED} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {9E0B7398-9FD4-4C16-9AAC-A0B0D319E75A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {B1B57EEC-9392-4DB5-A0EB-FF81F005A4F9} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\9 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
Task: {B6E80232-9734-447D-92AE-FD54FB893340} - System32\Tasks\EOSv3 Scheduler onLogOn => G:\Stažené 1\esetonlinescanner_csy.exe [8150840 2020-02-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {B9F45050-51C0-49F6-87F2-9134096B88CC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-14] (Adobe Inc. -> Adobe)
Task: {C155E00F-8A00-4E14-9291-0A2D32EC8C34} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
Task: {C85FE6EB-C49D-4E66-87F1-A538531F6FA5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD874520-290E-4969-9CCC-00F12511DF8D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {E0258D2F-8B8E-46AD-BA65-EDA1ADAE1466} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-12] (Google Inc -> Google Inc.)
Task: {ED00AC10-3D0C-457C-80B9-C4CBA73C47EE} - System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\AppData\Local\Temp\Temp1_marioforever.zip\MarioForever.exe <==== ATTENTION
Task: {F610E5AF-9CEA-47AF-BA55-27821F23A93A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-12] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8AD0EA77-6D2E-4116-BECC-986037DC3EC5}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: 957wrn3t.default-1444066114328
FF ProfilePath: C:\Users\pc\AppData\Roaming\TomTom\HOME\Profiles\96r80l69.default [2019-03-06]
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 [2020-02-10]
FF DownloadDir: G:\Stažené 1
FF Homepage: Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328 -> hxxps://www.kupi.cz
FF Extension: (Plná Peněženka Lištička) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328\Extensions\@plnapenezenkacz-firefox-extension.xpi [2018-03-09]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\957wrn3t.default-1444066114328\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> G:\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)

Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2020-02-10]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Prezentace) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-12]
CHR Extension: (Dokumenty) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-12]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-12]
CHR Extension: (Tabulky) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-12]
CHR Extension: (Avira Browser Safety) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-09-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-12]
CHR Extension: (Skype) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-09-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-12]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-12]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574848 2020-01-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 Avira.HomeGuard; C:\Program Files (x86)\Avira\Home Guard\Avira.HomeGuard.Service.exe [32064 2019-04-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG;)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [617520 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [380680 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [240408 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [150648 2019-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-10-22] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-05-17] (Microsoft) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-05-17] (Microsoft) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222888 2019-12-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [175808 2019-09-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2018-12-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [690864 2013-12-16] (VIA Technologies Inc. -> VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-10 12:30 - 2020-02-10 12:31 - 000025075 _____ C:\Users\pc\Desktop\FRST.txt
2020-02-10 12:21 - 2020-02-10 12:21 - 002279424 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2020-02-09 19:49 - 2020-02-09 19:48 - 008356016 _____ (Malwarebytes) C:\Users\pc\Desktop\adwcleaner_8.0.2(2).exe
2020-02-09 18:59 - 2020-02-09 18:59 - 000000550 _____ C:\Users\pc\Desktop\6qpl9vu8 – zástupce.lnk
2020-02-09 18:27 - 2020-02-09 18:57 - 000000000 ____D C:\Users\pc\Doctor Web
2020-02-09 18:27 - 2020-02-09 18:27 - 000000000 ____D C:\ProgramData\Doctor Web
2020-02-09 14:08 - 2020-02-10 12:31 - 000000000 ____D C:\FRST
2020-02-09 13:35 - 2020-02-09 13:36 - 000171244 _____ C:\Windows\ntbtlog.txt
2020-02-09 09:55 - 2020-02-09 09:55 - 000000000 ____D C:\Users\pc\AppData\Local\FreemakeVideoConverter
2020-02-09 09:54 - 2020-02-09 09:55 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-02-09 06:56 - 2020-02-09 06:56 - 000004706 _____ C:\Users\pc\Documents\cc_20200209_065611.reg
2020-02-01 23:06 - 2020-02-01 23:06 - 000000981 _____ C:\Users\pc\Desktop\adwcleaner_8.0.2 – zástupce.lnk
2020-02-01 21:55 - 2020-02-01 21:56 - 000000613 _____ C:\Users\pc\Desktop\ESET Online Scanner.lnk
2020-02-01 21:47 - 2020-02-01 21:49 - 000000000 ____D C:\AdwCleaner
2020-02-01 10:08 - 2020-02-01 10:08 - 000003680 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2020-02-01 10:08 - 2020-02-01 10:08 - 000003240 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2020-02-01 09:58 - 2020-02-01 09:58 - 000001026 _____ C:\Users\pc\Desktop\esetonlinescanner_csy – zástupce.lnk
2020-02-01 09:57 - 2020-02-01 09:57 - 000000000 ____D C:\Users\pc\AppData\Local\ESET
2020-01-30 18:38 - 2020-01-30 18:38 - 000000206 _____ C:\Users\pc\Documents\cc_20200130_183843.reg
2020-01-29 17:56 - 2020-01-29 17:56 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2020-01-28 20:01 - 2020-01-28 20:01 - 000000000 ____D C:\Users\Public\Security Sessions
2020-01-28 19:51 - 2020-01-28 19:51 - 000003454 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-01-28 19:50 - 2020-02-10 12:26 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-01-28 19:49 - 2020-01-31 18:08 - 000003662 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2020-01-28 19:39 - 2020-01-28 19:39 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
2020-01-28 19:39 - 2020-01-28 19:39 - 000001116 _____ C:\ProgramData\Desktop\Avira.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-10 12:27 - 2016-11-20 09:50 - 000000000 ____D C:\Users\pc\AppData\LocalLow\Mozilla
2020-02-10 12:27 - 2016-01-24 11:37 - 000000000 __SHD C:\Users\pc\IntelGraphicsProfiles
2020-02-10 12:26 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-02-10 10:59 - 2009-07-14 05:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-02-10 10:59 - 2009-07-14 05:45 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-02-10 00:10 - 2015-10-03 18:11 - 000000000 ____D C:\Users\pc
2020-02-09 13:37 - 2015-10-05 19:11 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-02-09 09:55 - 2016-04-22 20:17 - 000001324 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2020-02-09 09:55 - 2016-04-22 20:17 - 000001324 _____ C:\ProgramData\Desktop\Freemake Video Converter.lnk
2020-02-09 09:55 - 2016-04-22 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2020-02-09 09:55 - 2016-04-22 20:17 - 000000000 ____D C:\ProgramData\Freemake
2020-02-09 06:57 - 2019-09-12 14:42 - 000002798 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-02-09 06:57 - 2019-09-12 14:41 - 000003390 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-09 06:57 - 2019-09-12 14:41 - 000003262 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-09 06:57 - 2019-02-24 14:00 - 000004518 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-02-09 06:57 - 2015-11-27 19:40 - 000003122 _____ C:\Windows\system32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51}
2020-02-09 06:56 - 2015-10-05 18:29 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-02-08 11:38 - 2019-11-11 19:55 - 000000000 ____D C:\Users\pc\AppData\Roaming\vlc
2020-02-06 12:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-02-06 12:18 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-02-05 01:48 - 2009-07-14 05:45 - 000027648 _____ C:\Windows\system32\umstartup.etl
2020-01-30 18:37 - 2015-12-23 17:26 - 000000000 ____D C:\Windows\Minidump
2020-01-30 17:34 - 2019-12-27 10:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-30 17:34 - 2015-10-04 16:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-29 17:55 - 2009-07-14 05:45 - 000413224 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-28 20:01 - 2016-03-20 12:24 - 000000000 ____D C:\Users\pc\AppData\Local\Avira
2020-01-28 19:51 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Avira
2020-01-28 19:51 - 2015-10-04 16:39 - 000000000 ____D C:\Program Files (x86)\Avira
2020-01-28 19:39 - 2015-10-04 16:39 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-28 19:39 - 2015-10-04 07:24 - 000110088 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2020-01-17 09:39 - 2019-09-12 14:41 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 09:39 - 2019-09-12 14:41 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 09:39 - 2019-09-12 14:41 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-14 20:28 - 2015-10-05 19:11 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-14 20:28 - 2015-10-05 19:11 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-14 20:28 - 2015-10-05 19:11 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-14 20:28 - 2015-10-05 18:25 - 000000000 ____D C:\Users\pc\AppData\Local\Adobe

==================== Files in the root of some directories ========

2017-12-25 13:48 - 2018-06-27 09:22 - 000000136 _____ () C:\Users\pc\AppData\Roaming\downloads.json
2016-01-05 17:12 - 2016-04-22 10:00 - 000004608 _____ () C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-05-14 17:01 - 2018-12-01 16:50 - 000007605 _____ () C:\Users\pc\AppData\Local\resmon.resmoncfg
2016-08-05 20:15 - 2016-08-05 20:15 - 000032038 _____ () C:\Users\pc\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-02-07 08:13
==================== End of FRST.txt ========================

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {3be12e9e-e065-11e8-8899-94de80728372} - E:\HiSuiteDownLoader.exe
  HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {6f577b62-20aa-11e9-9be8-94de80728372} - E:\HiSuiteDownLoader.exe
  HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a395e-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
  HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a3966-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
  HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ba87168b-ccde-11e9-a63f-94de80728372} - E:\HiSuiteDownLoader.exe
  HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eea9-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
  HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eeb1-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
  HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {e03ea406-772a-11e9-b928-94de80728372} - E:\HiSuiteDownLoader.exe
  HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
  Task: {38D9F871-2514-49AF-AE3E-DB4903A7F775} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe
  Task: {813A7E4E-EFEB-48CD-952C-FD9DB88A6F09} - System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => C:\Windows\system32\pcalua.exe -a G:\Stažené\AirDroid\AirDroid.exe -d G:\Stažené\AirDroid
  Task: {ED00AC10-3D0C-457C-80B9-C4CBA73C47EE} - System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\AppData\Local\Temp\Temp1_marioforever.zip\MarioForever.exe <==== ATTENTION
  SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
  ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> No File
  ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> No File
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
  AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
  
  Hosts:
  EmptyTemp:
  End

• Klikni na Subor a potom na Ulozit
• Vpravo dole vyber kodovanie Unicode
• Subor uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by pc (11-02-2020 09:20:08) Run:1
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {3be12e9e-e065-11e8-8899-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {6f577b62-20aa-11e9-9be8-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a395e-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {b58a3966-d9ec-11e8-955c-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ba87168b-ccde-11e9-a63f-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eea9-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {ce24eeb1-acde-11e8-9206-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\...\MountPoints2: {e03ea406-772a-11e9-b928-94de80728372} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Task: {38D9F871-2514-49AF-AE3E-DB4903A7F775} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe
Task: {813A7E4E-EFEB-48CD-952C-FD9DB88A6F09} - System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => C:\Windows\system32\pcalua.exe -a G:\Stažené\AirDroid\AirDroid.exe -d G:\Stažené\AirDroid
Task: {ED00AC10-3D0C-457C-80B9-C4CBA73C47EE} - System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\AppData\Local\Temp\Temp1_marioforever.zip\MarioForever.exe <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\pc\Desktop\kreditní karta.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 432
Average :
Sum : 556153478
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========

HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3be12e9e-e065-11e8-8899-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f577b62-20aa-11e9-9be8-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b58a395e-d9ec-11e8-955c-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b58a3966-d9ec-11e8-955c-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba87168b-ccde-11e9-a63f-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce24eea9-acde-11e8-9206-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce24eeb1-acde-11e8-9206-94de80728372} => removed successfully
HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e03ea406-772a-11e9-b928-94de80728372} => removed successfully
"HKU\S-1-5-21-3134211295-3072908730-4118665192-1000\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{38D9F871-2514-49AF-AE3E-DB4903A7F775}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38D9F871-2514-49AF-AE3E-DB4903A7F775}" => removed successfully
C:\Windows\System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup\Delayed Startup\All users\2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{813A7E4E-EFEB-48CD-952C-FD9DB88A6F09}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{813A7E4E-EFEB-48CD-952C-FD9DB88A6F09}" => removed successfully
C:\Windows\System32\Tasks\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{39B5C276-1A9D-43B4-8C12-7172F9BB81B3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED00AC10-3D0C-457C-80B9-C4CBA73C47EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED00AC10-3D0C-457C-80B9-C4CBA73C47EE}" => removed successfully
C:\Windows\System32\Tasks\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3E3ECA1A-4F65-48F5-B46C-FF824D3A4D51}" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
C:\Users\pc\Desktop\kreditní karta.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully
C:\Users\pc\Desktop\kreditní karta.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6198251 B
Java, Flash, Steam htmlcache => 1415 B
Windows/system/drivers => 26046 B
Edge => 0 B
Chrome => 148146 B
Firefox => 424871245 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58631037 B
systemprofile32 => 60052454 B
LocalService => 60184698 B
NetworkService => 60250926 B
pc => 109540096 B

RecycleBin => 126545728 B
EmptyTemp: => 872.5 MB temporary data Removed.

================================

OK. Ako to vyzera s PC? Su nejake problemy?

Ahoj,teď při spuštění se objeví na chvíli bílá obrazovka a až pak,asi po 5 vteřinách, naběhne windows a když vypínám počítač,tak se objeví hláška,systém čeká na ukončení programů v pozadí.I když nemám nic zapnutého.Objeví se hláška TASK HOST WINDOWS a chce vynutit vypnutí.Hezký den Ti přeji.

Task Host je legitimna sucast OS Windows. Na tej bielej obrazovke je vidno aj nejaky text? Objavuje sa po zapnuti PC a este predtym ako sa zacne spustat Windows?

Spusti kontrolu integrity systemovych suborov:

• Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
• Skopiruj a spusti prikaz:

  Kód: Vybrat vše

  DISM.exe /Online /Cleanup-image /Restorehealth

• Po dokonceni skopiruj a spusti druhy prikaz:

  Kód: Vybrat vše

  sfc /scannow

• Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

  Kód: Vybrat vše

  findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt

• Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
• Restartuj PC a napis ako sa chova PC

Ahoj,teď už nabíhá v mezích normy,ale vypíná asi 1 minutu.Vše je vypnuté,nevím,na jaké úlohy čeká a chce vypnout a vynutit ukončení.A opět problikne TASK HOST W.Při zadání prvního kódu mě to napsalo tohle:

Microsoft Windows [Verze 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Všechna práva vyhrazena.

C:\Users\pc>DISM.exe /Online /Cleanup-image /Restorehealth

Nástroj Obsluha a správa bitových kopií
Verze: 6.1.7600.16385

Verze bitové kopie: 6.1.7600.16385


Chyba: 87

Možnost restorehealth není v tomto kontextu rozpoznána.
Další informace naleznete v nápovědě.

Soubor protokolu nástroje Obsluha a správa bitových kopií se nachází v C:\Window
s\Logs\DISM\dism.log.

Zbytek zasílám jako přílohu.