Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2019
Ran by pitrisin (28-06-2019 14:12:15)
Running from C:\Users\pitrisin\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-21 16:15:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-647002321-1269518864-1427724268-500 - Administrator - Disabled)
Guest (S-1-5-21-647002321-1269518864-1427724268-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-647002321-1269518864-1427724268-1005 - Limited - Enabled)
pitrisin (S-1-5-21-647002321-1269518864-1427724268-1001 - Administrator - Enabled) => C:\Users\pitrisin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Spybot - Search and Destroy (Enabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1.3M HD WebCam (HKLM-x32\...\{FC9B811E-39BC-4813-9E29-B83CCF700010}) (Version: 2.22.23.1 - Alcor)
7-Zip 19.00 (HKLM-x32\...\{23170F69-40C1-2701-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.6.0.248 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.171 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Flash Professional CC 2015 (HKLM-x32\...\{31390329-FFF0-11E4-85AD-AF2C4143F080}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version:  - )
Aktualizace NVIDIA 31.0.11.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.11.0 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 75.0.1447.80 - Autoři prohlížeče Avast Secure Browser)
AVG PC TuneUp 2014 (cs-CZ) (HKLM-x32\...\{7A8B5F7D-6736-4DC4-A7A5-223BE131EB34}) (Version: 14.0.1001.380 - AVG) Hidden
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Battlefield 2(TM) Demo (HKLM-x32\...\{8BECF123-B0EF-4E51-B7F3-923EFE15CC4A}) (Version:  - )
BF2Hub Client (HKLM-x32\...\bf2hub) (Version:  - BF2Hub Systems)
Blitz (HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\Blitz) (Version: 1.0.1 - Blitz Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.30.0 - Conexant)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.2.0 - IObit)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Happy Cloud Client (HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft PowerPoint 2010 Interactive Guide (HKLM-x32\...\{2C52AA7A-9445-4788-8605-51DEA1A6F387}) (Version: 1.2.1 - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Nero ControlCenter (HKLM-x32\...\{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}) (Version:  - )
Nero Installer (HKLM-x32\...\{E8A80433-302B-4FF1-815D-FCC8EAC482FF}) (Version:  - )
Nero Online Upgrade (HKLM-x32\...\{DBA84796-8503-4FF0-AF57-1747DD9A166D}) (Version:  - )
Nero StartSmart (HKLM-x32\...\{7748AC8C-18E3-43BB-959B-088FAEA16FB2}) (Version:  - )
Nero StartSmart OEM (HKLM-x32\...\{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}) (Version:  - )
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version:  - )
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
Ovládací panel NVIDIA 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 340.52 - NVIDIA Corporation) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Roblox Player for pitrisin (HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\roblox-player) (Version:  - Roblox Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Seznam Software (HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\SeznamInstall) (Version:  - Seznam.cz)
Shards of War (HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\1d128bf6-25c8-4b8a-bfa2-12b013ab230e_is1) (Version: 66173 - Bigpoint GmbH)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.93332 - TeamViewer)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.7.0.9 - GOG.com)
The Logo Creator v5 (HKLM-x32\...\The Logo Creator v5) (Version:  - )
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.3020.6 - TuneUp Software)
VEGAS Pro 15.0 (HKLM\...\{E0F91FB0-7FC4-11E7-B8E9-95BE57594EAC}) (Version: 15.0.177 - VEGAS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-22 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-647002321-1269518864-1427724268-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\pitrisin\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-647002321-1269518864-1427724268-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-647002321-1269518864-1427724268-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\pitrisin\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc -> Google Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_04.dll [2011-07-18] () [File not signed]
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2011-09-17] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} =>  -> No File
ContextMenuHandlers1: [Notepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_04.dll [2011-07-18] () [File not signed]
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\system32\IObitSmartDefragExtension.dll [2014-06-04] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} =>  -> No File
ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [EgisPSShellExt] -> {10F1EF27-B303-4efb-B5BA-8A728A6EA5F7} => C:\Program Files\Acer ProShield\EgisPSShellExt.dll [2011-06-05] (EGIS TECHNOLOGY INC. -> Egis Technology Inc. )
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2011-09-17] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-07-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\system32\IObitSmartDefragExtension.dll [2014-06-04] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\pitrisin\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list
ShortcutWithArgument: C:\Users\pitrisin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list
ShortcutWithArgument: C:\Users\pitrisin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list

==================== Loaded Modules (Whitelisted) ==============

2014-05-01 21:29 - 2014-05-01 21:29 - 000098304 _____ () [File not signed] C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-09-17 01:52 - 2011-09-17 01:52 - 000053920 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
2017-04-28 15:59 - 2016-09-21 11:09 - 004088608 _____ (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
2017-04-28 15:59 - 2016-11-24 11:34 - 000235984 _____ (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [322]
AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [322]
AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
AlternateDataStreams: C:\ProgramData\Application Data:NT2 [322]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [322]
AlternateDataStreams: C:\ProgramData\Temp:AD022376 [129]
AlternateDataStreams: C:\Users\pitrisin\Data aplikací:NT [40]
AlternateDataStreams: C:\Users\pitrisin\Data aplikací:NT2 [322]
AlternateDataStreams: C:\Users\pitrisin\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\pitrisin\AppData\Roaming:NT2 [322]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7933 more sites.

IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-647002321-1269518864-1427724268-1001\...\1-se.com -> 1-se.com

There are 11470 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-05-01 09:19 - 2018-02-24 19:41 - 000453467 ____R C:\Windows\system32\drivers\etc\hosts

127.0.0.1	oscount.techsmith.com
127.0.0.1	activation.cloud.techsmith.com
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com

There are 15592 more lines.


2012-09-16 17:39 - 2019-06-28 13:29 - 000000437 _____ C:\Windows\system32\drivers\etc\hosts.ics

192.168.1.89 pitrisin-PC.mshome.net # 2024 6 5 21 7 30 46 685

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Acer ProShield\;C:\Program Files\Acer ProShield\x86
HKU\S-1-5-21-647002321-1269518864-1427724268-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pitrisin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: dofilter => 2
MSCONFIG\Services: EgisTec Service => 2
MSCONFIG\Services: EgisTec Ticket Service => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: IviRegMgr => 2
MSCONFIG\Services: Live Updater Service => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMwareHostd => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk => C:\Windows\pss\Acer VCM.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: BF2Hub Client => C:\Program Files (x86)\BF2Hub Client\bf2hub.exe
MSCONFIG\startupreg: BingSvc => C:\Users\pitrisin\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Clownfish => "C:\Program Files (x86)\Clownfish\Clownfish.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\pitrisin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GarenaPlus => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
MSCONFIG\startupreg: Google Update => "C:\Users\pitrisin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Host Service => wscript "C:\Users\pitrisin\AppData\Local\Host Service\launchall.js"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Power Management => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
MSCONFIG\startupreg: ProShieldTSR => "C:\Program Files\Acer ProShield\EgisTSR.exe" /run
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: S6000Mnt => \C:\Windows\SysWOW64\Rundll32.exe S6000Rmv.dll
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Smart Driver Updater => C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: vmware-tray => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6F2A5FB0-103F-46DF-ADA6-4152654E997F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4CB12544-DF96-43A0-A05A-2C380925BF95}] => (Allow) LPort=2869
FirewallRules: [{3A86A965-C270-4F74-8AD0-F85A57A07377}] => (Allow) LPort=1900
FirewallRules: [{D5D659CC-7EFE-411F-9037-A14BEA34D59E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4ED5E74B-9C1F-43A0-A86B-C01F08695233}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9C771DA4-245E-4518-A947-DD4BE5170984}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\VC.exe (Acer Incorporated -> Acer Incoporated)
FirewallRules: [{6C7ACDF6-9877-4485-A01A-77088E3FC62C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C0B9894C-7D1D-4499-A146-5F0EDB793EBD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4EBD1B8E-E841-4DEE-87BA-3C72CA5CB096}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{63DA7185-105B-4C7C-8D36-357BD309081B}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{605E6B50-C1B7-43AE-BF99-2F96310BBBEC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2856A6EA-F171-4BC4-A000-F5F81C51699A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{55A64360-0D76-4029-B52A-30FE4BB46468}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{A7987030-1E9B-4C2A-8514-0DD4DE73CD49}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [{FE4CABB5-21DE-4F0A-8F76-4CC977A8D248}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) [File not signed]
FirewallRules: [{D8D831D6-472C-4990-9645-72478CE41FBF}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) [File not signed]
FirewallRules: [{336C23F9-1BC4-439A-8349-6AA586CF9595}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe () [File not signed]
FirewallRules: [{8E9A0E5F-3636-4775-BB7E-06572A9F96F5}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe () [File not signed]
FirewallRules: [TCP Query User{FF9AF2BD-6AA2-45F4-AC00-A993E513A56A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{27716489-8DED-4930-A0A5-8EDB50B54221}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{89DA82A5-D353-4308-AB41-32D450D160D8}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe No File
FirewallRules: [UDP Query User{1640A5CE-D087-4AAA-84E1-97C88F429D2E}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe No File
FirewallRules: [TCP Query User{4550D8C3-B056-44D9-BE0A-B1F7A91465DF}C:\users\pitrisin\documents\vuze downloads\warcraft iii\war3.exe] => (Allow) C:\users\pitrisin\documents\vuze downloads\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{8C53FA3D-3B4A-4CF8-86D5-C8F0A4B8C484}C:\users\pitrisin\documents\vuze downloads\warcraft iii\war3.exe] => (Allow) C:\users\pitrisin\documents\vuze downloads\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{85A54931-85F1-49B7-806C-3B8FE2F2CE8B}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{0F450E59-5CA2-4068-BB3D-92888749918A}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{80D2831B-B011-4E4D-A71D-4ECB2323A728}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{60BAE704-AB2D-4894-A435-5544B72CBA1F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{A9B67A2D-1E7A-4F6C-8C1A-2A29B726EC17}C:\users\pitrisin\gsplay\hl.exe] => (Allow) C:\users\pitrisin\gsplay\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{A855E58A-DCD7-4CAE-A20A-D2DEE9DF0821}C:\users\pitrisin\gsplay\hl.exe] => (Allow) C:\users\pitrisin\gsplay\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{A2E6AD41-A914-4887-84FE-B18EC8B120B7}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{66847312-A26F-4322-AACF-620933A8D606}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{5A6FD128-2C82-4F78-BF29-2A14A0682F60}C:\program files (x86)\savage2\savage2.exe] => (Allow) C:\program files (x86)\savage2\savage2.exe () [File not signed]
FirewallRules: [UDP Query User{D1B5563C-B2E6-4F24-AA94-18A1B0AF0B13}C:\program files (x86)\savage2\savage2.exe] => (Allow) C:\program files (x86)\savage2\savage2.exe () [File not signed]
FirewallRules: [{74287C4F-A4EF-450E-8517-60AA29738C31}] => (Allow) C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe (Flagship Studios, Inc. -> Flagship Studios)
FirewallRules: [{79737AB0-D60C-4BB2-9EC3-01DC26EA0673}] => (Allow) C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe (Flagship Studios, Inc. -> Flagship Studios)
FirewallRules: [TCP Query User{58F74364-6C1C-4B81-90A8-99B565403F6B}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{2B7346CF-0960-4ADC-A9BB-F6D27FF31962}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{5EB4CA60-BC1A-47DF-B722-F84F06A08452}] => (Allow) LPort=5353
FirewallRules: [{0615AA99-679F-40AB-985D-5BF40E4EC9B5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{19A1F3D7-AB8A-4E8F-BE4B-618B63FACFE2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{340BB299-D305-434F-BEEF-E2327CA73156}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [UDP Query User{0C524D70-713B-468F-8FFB-B0B2C84A1C7B}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [TCP Query User{9C84D2DD-D3E1-48C6-B5FA-A01271EDB0F5}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{22422299-B95E-40C4-ACBD-B067940F4A62}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{DFF28A25-2B20-4CCC-A45C-DC8F88F3FCBB}C:\program files\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{EBE38E38-8CCE-4A46-9673-569520A5ABA6}C:\program files\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\java.exe
FirewallRules: [TCP Query User{E3DF6A45-2E6B-43F9-9613-045CCF9ADC5B}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe No File
FirewallRules: [UDP Query User{DB0C908C-7258-47D2-A16E-D9B49B41F40E}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe No File
FirewallRules: [{565FEA1E-B44B-42F7-919F-5442EFCBAC14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{CFEFC701-63F8-4839-BF92-2102A35D3BA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [TCP Query User{A9AD1539-21F6-478D-A1F0-EBE2F48DEA9F}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Block) C:\program files (x86)\filezilla ftp client\filezilla.exe (FileZilla Project) [File not signed]
FirewallRules: [UDP Query User{4B09F3C4-D5F0-4F5D-9C4C-991BF547E2F0}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Block) C:\program files (x86)\filezilla ftp client\filezilla.exe (FileZilla Project) [File not signed]
FirewallRules: [{AF629722-FBC1-45BC-871A-87D59E93D841}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AC8229A1-9956-4266-A68C-ED2E22E5B056}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{62C2C129-B6CD-47A7-97E3-74B92D567022}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B58B7AAB-D9A0-41E8-A2A5-BB6FE5E6F86B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D511431-42F0-49F6-9F2E-A75A00220D25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{739C2335-BE6E-4CF8-9C9A-81BF30E1A448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{603368C8-FC98-4F36-8A0C-C05158F64A88}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{D430BFF8-69C4-4E22-9E79-452FB2F69354}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{41B192B5-B693-4487-9A26-914D8EB67454}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{1C35A3B8-B264-4A47-9FAB-18D462CCCE56}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{C1FF5D97-6BEC-4985-9866-6DF2D243A928}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{05997751-D4A5-4AF1-853D-E679834D22D2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{8BE95A6A-17EE-42E2-B5E9-A3DE65C13B16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{5867A2F5-9A4B-437A-A73A-958E7C834213}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{98E19762-966D-41FF-9BA6-FD4F52B3C139}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6CB811DD-0532-44AF-8935-C6B020C96BCB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E985D376-F43A-41B3-92DC-800D2040217A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4610D745-CF15-43B5-82C4-D2A2F7FE5447}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{624A5A98-D852-4510-9485-80FA4CA48A0C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1033D642-857C-459A-A943-F44230D1D612}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3AE15C93-2F5B-4C1B-B187-2186EAE7ED30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{F42B54D4-0839-4B03-90B0-8B504C8A9F4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{F72B5B14-50E9-4AB6-8A1D-28995E6DB3D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{313A3432-1647-447C-A533-5D35FFF60FFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{32F49D47-B63C-4F6B-81DF-B4EFCA49B736}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{06FC2DB9-80AC-4ACC-9A87-A24AAD349EDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{40D3B95C-CDDD-4157-A100-F14C5BE46D81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{9FA88391-448F-4D7F-915A-721BBA3D16D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{46167006-249F-4FE7-82B9-4ADFA7C40A12}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2 Demo\BF2.exe () [File not signed]
FirewallRules: [{95CA91AB-0028-4D74-B25D-1C553523EF86}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2 Demo\BF2.exe () [File not signed]
FirewallRules: [{DEDE9444-767C-4337-BD92-89DBE3B9989B}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{AF1D20FA-2708-490A-A353-6D27418228E1}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{DB2424BC-3E36-430F-A654-603BC5CB15AC}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe () [File not signed]
FirewallRules: [{53EE8483-1E3A-4B36-A1B7-19A1A188AA78}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe () [File not signed]
FirewallRules: [{1E919D52-1CC9-4438-AEE0-23477A21ED4F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{C465BF40-673D-4D75-B1C6-A0351B8A8DE3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{118F3382-0F22-43CE-AEA9-A0220CE871F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{626A337E-143C-4CA0-BBA9-EF3A547B4BA0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{48C02F6B-61F3-4508-A171-D29D109182E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{57A77EC4-8F9F-45FF-9A8B-4B2B62581C6C}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

20-06-2019 17:33:09 Naplánovaný kontrolní bod
21-06-2019 19:13:45 Nainstalováno rozhraní DirectX

==================== Faulty Device Manager Devices =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/28/2019 02:06:37 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: \Device\NetBT_Tcpip_{C787C502-5D9A-4DC4-AEA8-295503ED51C0}

Error: (06/28/2019 02:01:35 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (06/28/2019 01:39:21 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (06/28/2019 01:28:51 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (06/28/2019 01:28:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/27/2019 09:01:27 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (06/27/2019 08:15:45 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (06/26/2019 11:01:26 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (06/28/2019 02:09:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 a APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/28/2019 01:59:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 a APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/28/2019 01:49:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 a APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/28/2019 01:39:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 a APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/28/2019 01:31:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Rozpoznávací modul sběrnice PnP-X IP závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby: 
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (06/28/2019 01:29:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswbIDSAgent neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (06/28/2019 01:29:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby aswbIDSAgent bylo dosaženo časového limitu (30000 ms).

Error: (06/28/2019 01:29:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 a APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2016-07-08 22:46:13.017
Description: 
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{D5CC01AD-A1C2-4D71-A4D0-F6F34077A455}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:pitrisin-PC\pitrisin

Date: 2016-01-30 13:35:29.702
Description: 
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Diplugem&threatid=213571
Název:BrowserModifier:Win32/Diplugem
ID:213571
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\ProgramData\YoutubeAdblocker\j3H6.dat;file:C:\Users\pitrisin\AppData\Roaming\SkypEmoticons\Res.dll;file:C:\Users\pitrisin\AppData\Roaming\SkypEmoticons\SE.exe;folder:C:\ProgramData\YoutubeAdblocker\;folder:C:\Users\pitrisin\AppData\Roaming\SkypEmoticons\
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-07-25 14:51:16.942
Description: 
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{3B57218F-84A4-455C-8043-96E1621875EB}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:pitrisin-PC\pitrisin

Date: 2015-05-20 16:33:17.843
Description: 
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/KipodToolsCby&threatid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{24103041-884B-4772-B0D3-A600E7CBFEC7};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{3C78B8E2-6C4D-11D1-AEE2-0000F7754B98};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{3D446B6F-71DE-4437-BE15-8CE47174340F};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F};cls
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-05-20 16:28:53.274
Description: 
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/KipodToolsCby&threatid=207199
Název:BrowserModifier:Win32/KipodToolsCby
ID:207199
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{24103041-884B-4772-B0D3-A600E7CBFEC7};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{3C78B8E2-6C4D-11D1-AEE2-0000F7754B98};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{3D446B6F-71DE-4437-BE15-8CE47174340F};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F};cls
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2016-07-15 12:53:38.655
Description: 
Modul programu %1 byl ukončen v důsledku neočekávané chyby.
Typ chyby:%5
Kód výjimky:%6
Zdroj:%3

Date: 2016-07-15 11:56:12.955
Description: 
Modul programu %1 byl ukončen v důsledku neočekávané chyby.
Typ chyby:%5
Kód výjimky:%6
Zdroj:%3

Date: 2016-07-14 19:51:41.184
Description: 
Modul programu %1 byl ukončen v důsledku neočekávané chyby.
Typ chyby:%5
Kód výjimky:%6
Zdroj:%3

Date: 2016-07-01 14:49:00.198
Description: 
Modul programu %1 byl ukončen v důsledku neočekávané chyby.
Typ chyby:%5
Kód výjimky:%6
Zdroj:%3

Date: 2016-06-22 18:36:46.995
Description: 
Modul programu %1 byl ukončen v důsledku neočekávané chyby.
Typ chyby:%5
Kód výjimky:%6
Zdroj:%3

CodeIntegrity:
===================================

Date: 2017-03-26 17:26:56.551
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MBAMChameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 17:24:57.289
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 17:24:56.930
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 17:13:12.114
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MBAMChameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 17:11:13.960
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-26 17:11:13.336
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-05 15:58:51.660
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\MBAMChameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-03-05 15:56:52.180
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

BIOS: INSYDE V1.18 10/17/2011
Motherboard: Acer BAV50_HR
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 91%
Total physical RAM: 3947.86 MB
Available physical RAM: 318.94 MB
Total Virtual: 7893.86 MB
Available Virtual: 3445.16 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:682.54 GB) (Free:253.49 GB) NTFS

\\?\Volume{3c485b59-1970-11e1-bfb4-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{3c485b58-1970-11e1-bfb4-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:16 GB) (Free:5.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 7D1E43CC)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=682.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================