VIRY.CZ

Dobrý den,
Můžete mi prosím kouknout na logy? Velmi se mi prodloužil čas zavádění systému a chrome. Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by Speeder (administrator) on SPEEDER-PC (MICRO-STAR INTERNATIONAL CO.,LTD MS-7577) (14-06-2020 19:40:14)
Running from D:\downloads
Loaded Profiles: Speeder
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> ) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTShellHlp.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(O and O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O and O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SafeNet, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(SOKNO S.R.L. -> Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407296 2015-10-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4449584 2013-09-19] (O and O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108728 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [77824 2016-01-08] (Apple Computer, Inc.) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe [3111456 2013-05-13] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> )
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2417016 2020-05-15] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\MountPoints2: {371a0487-3c20-11e8-9327-406186cc7049} - G:\_AUTORUN\AUTORUN.EXE
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-17] (Piriform Software Ltd -> Piriform Ltd)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2009-07-14] (Microsoft Windows -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP610 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD93.DLL [27648 2007-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\Windows\system32\CNBLM4.DLL [267776 2009-07-14] (Microsoft Windows -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP610 series: C:\Windows\system32\CNMLM93.DLL [258560 2007-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk [2017-10-10]
ShortcutTarget: SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (SOKNO S.R.L. -> Almico Software (www.almico.com))
Startup: C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vetrak.bat.lnk [2020-01-30]
ShortcutTarget: vetrak.bat.lnk -> C:\Program Files (x86)\SpeedFan\vetrak.bat () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E8B566C-2A09-4FD9-A50B-B41892CEA909} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {136B8F8D-2F2E-4839-A95A-CDD8F99256A3} - \DriverDoc Auto Start -> No File <==== ATTENTION
Task: {29766580-8D4F-4062-8FE9-9C16E47265E2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {36AAB464-B482-4896-9E15-5B13CD9F9E1D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6F5329B2-AD6A-4E54-A9E4-5A7A8029096B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-17] (Piriform Software Ltd -> Piriform Ltd)
Task: {7273CDA8-B971-4588-919A-19152B537F74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {75CA7AEA-14CF-47AF-AF3B-F9B702668CBD} - System32\Tasks\{2CEF6DB6-BB5A-4A75-9B77-B8B29787606B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Speeder\Desktop\O&O Defrag 17 Professional 32-64bit + Serial key\64bit\O&O DefragProfessional 17.0.420 64bit ENG.exe" -d "C:\Users\Speeder\Desktop\O&O Defrag 17 Professional 32-64bit + Serial key\64bit"
Task: {8EFDE0F1-9E9A-4ED0-B94E-F06D187B514B} - System32\Tasks\WindowsUpda2ta => C:\Users\Speeder\AppData\Roaming\MICROSOFT\KMS Activator all windows 7 (Crack-kegen-serial).vbs <==== ATTENTION
Task: {B2479568-9AF6-4DD1-83E0-4F5B39B84E81} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {BEAB5D1A-36DB-4EE0-BB0A-3B97F92FC83F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C4B62FB2-C624-48DF-BE7F-39AE7521DED1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3339472 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
Task: {FE872E32-7124-4BBF-8001-482E02686A42} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{056C0202-572F-4EED-828A-07EECAE75CDB}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-3822893454-3942415576-2141635118-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.) [File not signed]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default [2020-06-14]
CHR DownloadDir: D:\downloads
CHR Notifications: Default -> hxxp://forum.skodahome.cz; hxxps://drive.google.com; hxxps://forum.skodahome.cz; hxxps://mail.google.com; hxxps://web.whatsapp.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/html/newTab.html"
CHR DefaultSearchURL: Default -> hxxps://www.horizon.tv/etc/designs/orion/theme/ ... -36x36.png
CHR Extension: (Prezentace) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-20]
CHR Extension: (Unlocker for WakeLockDetector) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgeplmmblegmdackkcemjkpngngocgjp [2018-10-19]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-06]
CHR Extension: (YouTube) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-23]
CHR Extension: (Tabulky) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (Komponenta pro aplikaci SERVIS 24) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\gincjcoomijeeoddomaaimknmflggfnb [2019-01-26]
CHR Extension: (Horizon TV) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\khacdlnhpilifpplbbafdickbmihjoml [2020-06-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-06-03]
CHR Extension: (Copy Plain Text) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfjlgdbpkjmnofoglhlhcdfhjaglmncp [2018-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Gmail) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-28]
CHR Profile: C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-06]
CHR HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-11-24] (Bastian Suter -> )
R2 hasplms; C:\Windows\system32\hasplms.exe [4574520 2017-02-14] (SafeNet, Inc. -> SafeNet, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1634096 2013-09-19] (O and O Software GmbH -> O&O Software GmbH)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12001112 2019-08-29] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [87864 2017-02-14] (SafeNet, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [332088 2017-02-14] (SafeNet, Inc. -> SafeNet, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205880 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234560 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178760 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42784 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175704 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [501472 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851592 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460992 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235488 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319112 2020-05-28] (Avast Software s.r.o. -> AVAST Software)
R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie64.sys [16440 2010-06-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-12-13] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [46392 2015-12-13] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2015-12-13] (DT Soft Ltd -> DT Soft Ltd)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [1287496 2017-02-14] (SafeNet, Inc. -> SafeNet, Inc.)
S3 multikey; C:\Windows\System32\DRIVERS\multikey.sys [883424 2017-09-15] (NGO -> TestProtect.com) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-06-02] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [29592 2011-03-18] (Sokno S.R.L. -> Almico Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-14 19:39 - 2020-06-14 19:40 - 000000000 ____D C:\FRST
2020-06-12 12:22 - 2020-06-12 12:22 - 000002622 _____ C:\Users\Speeder\Desktop\Horizon TV.lnk
2020-06-07 09:14 - 2020-06-07 09:14 - 000001896 _____ C:\Users\Speeder\Desktop\Bandicam.lnk
2020-06-03 14:23 - 2020-06-12 12:48 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-05-31 21:53 - 2020-05-31 21:53 - 000000000 ____D C:\Users\Speeder\AppData\Local\RBRCIT
2020-05-31 20:56 - 2020-05-31 21:31 - 000000727 _____ C:\Users\Public\Desktop\RBR Car instalation tool.lnk
2020-05-31 20:56 - 2020-05-31 21:31 - 000000727 _____ C:\ProgramData\Desktop\RBR Car instalation tool.lnk
2020-05-29 10:16 - 2020-05-29 10:16 - 000000221 _____ C:\Users\Speeder\Desktop\RACE 07 - Formula RaceRoom Add-On.url
2020-05-28 18:05 - 2020-05-28 18:05 - 000000000 ____D C:\Users\Speeder\Documents\SimBin
2020-05-28 17:59 - 2020-05-28 17:59 - 000000220 _____ C:\Users\Speeder\Desktop\RACE 07.url
2020-05-28 17:52 - 2020-05-28 17:52 - 000000220 _____ C:\Users\Speeder\Desktop\GTR Evolution.url
2020-05-25 17:19 - 2020-05-25 17:19 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsigne3b574b0d2694eec
2020-05-25 17:19 - 2020-05-25 17:19 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsign6a3590d4c57d7249
2020-05-25 17:10 - 2020-05-25 17:10 - 000002009 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-05-25 17:10 - 2020-05-25 17:10 - 000002009 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-05-24 12:11 - 2020-05-24 11:46 - 000337560 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-05-24 11:47 - 2020-05-24 11:46 - 000235488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-05-24 11:47 - 2020-05-24 11:46 - 000175704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-14 19:29 - 2019-06-03 20:42 - 000000000 ___RD C:\Users\Speeder\Disk Google
2020-06-14 19:27 - 2015-11-23 23:05 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-14 19:26 - 2016-05-16 16:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-06-14 19:25 - 2015-11-23 22:12 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-14 19:25 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-13 07:02 - 2009-07-14 06:45 - 000028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-13 07:02 - 2009-07-14 06:45 - 000028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-12 12:48 - 2017-12-28 11:50 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-12 12:48 - 2015-12-03 17:21 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-06-12 12:48 - 2015-12-02 14:26 - 000003450 _____ C:\Windows\system32\Tasks\{2CEF6DB6-BB5A-4A75-9B77-B8B29787606B}
2020-06-12 12:48 - 2015-11-24 01:01 - 000002798 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-06-12 12:48 - 2015-11-23 23:47 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-06-12 12:48 - 2015-11-23 22:17 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-12 12:48 - 2015-11-23 22:17 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-12 12:48 - 2015-11-23 22:10 - 000003370 _____ C:\Windows\system32\Tasks\WindowsUpda2ta
2020-06-12 12:22 - 2018-10-19 16:48 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2020-06-12 12:17 - 2020-01-05 20:09 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Bandicam Company
2020-06-12 12:12 - 2019-12-26 22:23 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Kodi
2020-06-12 12:12 - 2015-11-24 16:47 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\vlc
2020-06-12 10:59 - 2017-03-19 12:28 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-06-05 11:34 - 2017-07-31 21:25 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-03 20:07 - 2015-11-23 22:18 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-03 14:25 - 2019-10-03 20:44 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-03 14:25 - 2019-10-03 20:44 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-05-31 22:40 - 2015-11-24 17:10 - 000000000 ____D C:\Program Files (x86)\Steam
2020-05-28 17:49 - 2015-11-23 23:35 - 000319112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-05-24 11:46 - 2020-04-20 19:16 - 000501472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-05-24 11:46 - 2019-01-17 22:16 - 000234560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-05-24 11:46 - 2019-01-16 22:14 - 000178760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-05-24 11:46 - 2019-01-16 22:14 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-05-24 11:46 - 2019-01-16 22:14 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-05-24 11:46 - 2018-10-22 20:45 - 000042784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-05-24 11:46 - 2017-11-11 11:56 - 000205880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-05-24 11:46 - 2015-11-23 23:35 - 000851592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-05-24 11:46 - 2015-11-23 23:35 - 000460992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-05-24 11:46 - 2015-11-23 23:35 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-05-24 11:46 - 2015-11-23 23:35 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-05-20 22:08 - 2015-11-23 23:34 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-20 18:50 - 2011-04-12 10:34 - 000668866 _____ C:\Windows\system32\perfh005.dat
2020-05-20 18:50 - 2011-04-12 10:34 - 000141526 _____ C:\Windows\system32\perfc005.dat
2020-05-20 18:50 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-20 18:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf

==================== Files in the root of some directories ========

2016-01-21 17:34 - 2018-08-07 20:54 - 000000132 _____ () C:\Users\Speeder\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2017-05-09 21:48 - 2017-11-30 17:55 - 000000000 _____ () C:\Users\Speeder\AppData\Roaming\bitlord_log.txt
2016-06-12 12:35 - 2019-12-25 23:39 - 000099384 _____ () C:\Users\Speeder\AppData\Roaming\inst.exe
2016-06-12 12:35 - 2019-12-25 23:39 - 000007859 _____ () C:\Users\Speeder\AppData\Roaming\pcouffin.cat
2016-06-12 12:35 - 2019-12-25 23:39 - 000001167 _____ () C:\Users\Speeder\AppData\Roaming\pcouffin.inf
2016-06-12 12:35 - 2019-12-25 23:39 - 000000055 _____ () C:\Users\Speeder\AppData\Roaming\pcouffin.log
2016-06-12 12:35 - 2019-12-25 23:39 - 000082816 _____ (VSO Software) C:\Users\Speeder\AppData\Roaming\pcouffin.sys
2019-10-17 16:58 - 2019-10-17 16:58 - 000000001 _____ () C:\Users\Speeder\AppData\Local\llftool.4.40.agreement
2019-02-09 20:03 - 2019-02-09 20:03 - 000000000 _____ () C:\Users\Speeder\AppData\Local\oobelibMkey.log
2017-11-30 17:59 - 2017-11-30 17:59 - 000000218 _____ () C:\Users\Speeder\AppData\Local\recently-used.xbel
2017-05-07 17:21 - 2017-05-07 17:21 - 000000037 _____ () C:\Users\Speeder\AppData\Local\X-Plane Installer.prf
2017-05-07 17:21 - 2017-05-07 17:24 - 000000015 _____ () C:\Users\Speeder\AppData\Local\X-Plane_drm_11.prf
2017-05-07 17:04 - 2017-05-07 17:04 - 000000022 _____ () C:\Users\Speeder\AppData\Local\x-plane_install_11.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-06-07 09:53
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Speeder (14-06-2020 19:42:43)
Running from D:\downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-11-23 20:07:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3822893454-3942415576-2141635118-500 - Administrator - Disabled)
Guest (S-1-5-21-3822893454-3942415576-2141635118-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3822893454-3942415576-2141635118-1003 - Limited - Enabled)
Speeder (S-1-5-21-3822893454-3942415576-2141635118-1000 - Administrator - Enabled) => C:\Users\Speeder

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
ARMA 2 Army of The Czech Republic - Data cache removal (HKLM-x32\...\A2ACR Data cache removal) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.3.2405 - Avast Software)
Backup and Sync from Google (HKLM\...\{FE296942-D2D3-4149-8895-60655FE4CFDE}) (Version: 3.49.9800.0000 - Google, Inc.)
Bandicam (HKLM-x32\...\Bandicamv4.3.3.1498) (Version: v4.3.3.1498 - Friends in War)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
Canon MP610 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.2.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6321 - CDBurnerXP)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Company of Heroes - FAKEMSI (HKLM-x32\...\{14574B7F-75D1-4718-B7F2-EBF6E2862A35}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{199E6632-EB28-4F73-AECB-3E192EB92D18}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{25724802-CC14-4B90-9F3B-3D6955EE27B1}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{50193078-F553-4EBA-AA77-64C9FAA12F98}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{51D718D1-DA81-4FAD-919F-5C1CE3C33379}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{66F78C51-D108-4F0C-A93C-1CBE74CE338F}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{80D03817-7943-4839-8E96-B9F924C5E67D}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{97E5205F-EA4F-438F-B211-F1846419F1C1}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{99A7722D-9ACB-43F3-A222-ABC7133F159E}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{BA801B94-C28D-46EE-B806-E1E021A3D519}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{D4D244D1-05E0-4D24-86A2-B2433C435671}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{EAF636A9-F664-4703-A659-85A894DA264F}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.301.0 - THQ Inc.)
CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
DAEMON Tools Pro Advanced (HKLM-x32\...\DAEMON Tools Pro Advanced) (Version: - )
ETKA Loader 0.8.0.0 International (HKLM-x32\...\{54B46191-19CD-46B0-BC45-FBA59883AE60}_is1) (Version: 0.8.0.0 - algeni)
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015CZ_is1) (Version: 1.0 - GIANTS Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Heroes of Might and Magic III Complete (HKLM-x32\...\{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt) Hidden
Heroes of Might and Magic III Complete (HKLM-x32\...\InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt)
IGI 2 (HKLM-x32\...\IGI 2) (Version: - )
Jak věci pracují (HKLM-x32\...\{0CC89282-5DFA-44E5-83CF-F4E725CCBC4A}) (Version: 3.1.0.0 - )
Kodi (HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Kodi) (Version: - XBMC Foundation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
MediaInfo 0.7.98 (HKLM\...\MediaInfo) (Version: 0.7.98 - MediaArea.net)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA Ovladač 3D Vision 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{5E35E094-8057-4ABE-A37A-1BD7D9475B4D}) (Version: 17.0.420 - O&O Software GmbH)
Ovládací panel NVIDIA 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 361.43 - NVIDIA Corporation) Hidden
PdfMerge (HKLM-x32\...\{238BE990-A412-4129-A434-D03B1A9E396E}) (Version: 1.22.0 - PdfMerge)
PicPick (HKLM-x32\...\PicPick) (Version: 5.0.2 - NGWIN)
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
RBR CD Halenkovice (remove only) (HKLM-x32\...\RBRTrack1999) (Version: - )
RBR Foron (remove only) (HKLM-x32\...\RBRTrack550) (Version: - )
RBR Lousada v1.1 (remove only) (HKLM-x32\...\RBRTrack703) (Version: - )
RBR Reversed Tracks (remove only) (HKLM-x32\...\RBRReversedTracks) (Version: - )
RBR Sherwood Forest v1.02 (remove only) (HKLM-x32\...\RBRTrack1521) (Version: - )
RBR Svince v1.1 (remove only) (HKLM-x32\...\RBRTrack929) (Version: - )
RBR Tournament plugin (remove only) (HKLM-x32\...\RBRTM) (Version: - )
RBR Vicar (remove only) (HKLM-x32\...\RBRTrack1996) (Version: - )
RBR Vinec-Skalsko (remove only) (HKLM-x32\...\RBRTrack100) (Version: - )
RBR Zadverice (remove only) (HKLM-x32\...\RBRTrack99) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
Richard Burns Rally (HKLM-x32\...\{72CE541B-52BD-4FA1-8CD6-19341939AB21}) (Version: 1.00.000 - Název společnosti:) Hidden
Richard Burns Rally (HKLM-x32\...\InstallShield_{72CE541B-52BD-4FA1-8CD6-19341939AB21}) (Version: 1.00.000 - Název společnosti:)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Ski Challenge 16 (HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\sc16-GAMETWIST_MAIN) (Version: - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.5.5819 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Wargaming.net Game Center) (Version: 20.2.1.112 - Wargaming.net)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3822893454-3942415576-2141635118-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTShl64.dll [2013-05-13] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2013-09-19] (O and O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTShl64.dll [2013-05-13] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2013-09-19] (O and O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2013-09-19] (O and O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter64.acm [2231296 2013-04-05] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2018-09-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vetrak.bat.lnk -> C:\Program Files (x86)\SpeedFan\vetrak.bat ()
ShortcutWithArgument: C:\Users\Speeder\Desktop\Horizon TV.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=khacdlnhpilifpplbbafdickbmihjoml
ShortcutWithArgument: C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Horizon TV.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=khacdlnhpilifpplbbafdickbmihjoml
ShortcutWithArgument: C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Unlocker for WakeLockDetector.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bgeplmmblegmdackkcemjkpngngocgjp

==================== Loaded Modules (Whitelisted) =============

2016-10-12 02:08 - 2016-10-12 02:08 - 000124928 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-12 02:08 - 2016-10-12 02:08 - 000118272 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 02:08 - 2016-10-12 02:08 - 000166400 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-12 02:08 - 2016-10-12 02:08 - 000223232 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 02:08 - 2016-10-12 02:08 - 000117248 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2013-05-14 17:33 - 2013-05-14 17:33 - 000002560 _____ () [File not signed] C:\Program Files (x86)\DAEMON Tools Pro Advanced\MSIMG32.dll
2020-06-14 19:27 - 2020-06-14 19:27 - 000114176 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\_ctypes.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000173056 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\_elementtree.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 002133504 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\_hashlib.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000032256 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\_multiprocessing.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000046080 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\_psutil_windows.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000047616 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\_socket.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 002701824 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\_ssl.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000026112 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\_yappi.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000080896 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\bz2.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000016384 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\common.time34.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000007680 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\hashobjs_ext.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000301568 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\PIL._imaging.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000169472 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\pyexpat.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 001084416 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\pysqlite2._sqlite.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000548864 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\pythoncom27.dll
2020-06-14 19:27 - 2020-06-14 19:27 - 000137728 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\pywintypes27.dll
2020-06-14 19:27 - 2020-06-14 19:27 - 000010752 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\select.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000020992 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\thumbnails_ext.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000689664 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\unicodedata.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000119808 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\usb_ext.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000128512 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32api.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000438784 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32com.shell.shell.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000011776 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32crypt.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000023040 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32event.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000149504 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32file.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000223232 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32gui.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000048128 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32inet.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000029696 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32pdh.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000027648 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32pipe.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000044032 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32process.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000020480 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32profile.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000136192 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32security.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000026624 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\win32ts.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000034816 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\windows.conditional.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000038400 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\windows.connectivity.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000071680 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\windows.device_monitor.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000109056 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\windows.volumes.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000020480 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\windows.winwrap.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 001325056 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\wx._controls_.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 001489408 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\wx._core_.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 001007104 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\wx._gdi_.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000103424 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\wx._html2.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 000916992 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\wx._misc_.pyd
2020-06-14 19:27 - 2020-06-14 19:27 - 001039872 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\wx._windows_.pyd
2016-03-14 21:29 - 2020-06-14 19:27 - 000192512 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\sfamcc00001.dll
2020-01-30 18:44 - 2020-06-14 19:27 - 000158720 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\sfareca00001.dll
2017-10-08 10:46 - 2016-10-04 16:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2015-11-23 23:44 - 2015-11-23 23:44 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2016-01-13 18:10 - 2015-12-16 16:39 - 000840736 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2013-09-19 20:13 - 2013-09-27 20:49 - 000317744 ____N (O and O Software GmbH -> O&O Software GmbH) [File not signed] C:\Program Files\OO Software\Defrag\OODSHRS.DLL
2013-09-19 20:13 - 2013-09-27 20:49 - 000884016 _____ (O and O Software GmbH -> O&O Software GmbH) [File not signed] C:\Program Files\OO Software\Defrag\OODTRRS.DLL
2020-06-14 19:27 - 2020-06-14 19:27 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\python27.dll
2020-02-25 17:22 - 2015-11-04 11:35 - 001082368 _____ (SafeNet Inc.) [File not signed] C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\haspvlib_64747.dll
2020-06-14 19:27 - 2020-06-14 19:27 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\wxbase30u_net_vc90_x64.dll
2020-06-14 19:27 - 2020-06-14 19:27 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\wxbase30u_vc90_x64.dll
2020-06-14 19:27 - 2020-06-14 19:27 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\wxmsw30u_adv_vc90_x64.dll
2020-06-14 19:27 - 2020-06-14 19:27 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\wxmsw30u_core_vc90_x64.dll
2020-06-14 19:27 - 2020-06-14 19:27 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\wxmsw30u_html_vc90_x64.dll
2020-06-14 19:27 - 2020-06-14 19:27 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI20882\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [116]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-04 16:59 - 000001292 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 hl2rcv.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\Speeder\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B2CBD845-716B-47AF-9D0B-CBBFE1BCAEA1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F5E8D487-FCD8-4870-A936-D9ACB4516D48}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CB13B2C1-FE8C-4CCE-B6E6-D26AA14D3533}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FE8697BF-E421-43E4-B084-E1BE6BFFA7D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{84A0AAE3-965D-4818-A353-93739A9DF2CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42A1E654-A9F0-4321-9795-91B312EFEDE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ADE7D7F6-99A7-4E0C-9216-D988B796D83D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ED9A5F78-E213-4A00-9B92-02C6A6F798F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C991C9E8-931E-4F84-B1DA-782AE74E37C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{49417113-A61A-4FF1-A967-864A590B43DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{AD49CB4F-EC52-44E2-9F6E-9F41527F23E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{93487F1F-1C2E-4861-801A-2022C8F6118A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{A41F1135-A43E-4649-859E-FDF0BF41DFC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{40884517-B8BE-4F81-B19C-AD0122EC26E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe () [File not signed]
FirewallRules: [{69E2F041-2DBF-4DFF-AF6D-6506F1C9C5B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe () [File not signed]
FirewallRules: [{B6DF356F-94AE-4ABE-BCF6-E0F181AE2E3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [{A691E615-A015-407B-9B35-FD7B9887FF8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [{F1D4FE49-6A63-4BF0-A860-11B49E26D29B}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{0DE0C6FA-B1D8-4077-B300-5C28E8C239EF}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{B42E6522-4530-4BA0-B087-415265628F1C}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{F28B0A43-73FD-402D-B9A0-065260C112D3}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{EF70E70F-A562-4B16-9DC5-4AB27434F91B}F:\hry\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) F:\hry\call of duty 4 - modern warfare\iw3mp.exe () [File not signed]
FirewallRules: [UDP Query User{1CB18811-96CC-4371-BBE3-0F815F745E15}F:\hry\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) F:\hry\call of duty 4 - modern warfare\iw3mp.exe () [File not signed]
FirewallRules: [TCP Query User{FA7AE56B-BB1A-446D-AE23-6A4DEFE835B4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{61B12395-98AB-4A71-8A9A-9B0066490173}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{2CF68093-6CB6-4FED-BEA5-AFA5D83F5E91}D:\games\coh-of\install\reliccoh.exe] => (Allow) D:\games\coh-of\install\reliccoh.exe (THQ Canada Inc. -> THQ Canada Inc.) [File not signed]
FirewallRules: [UDP Query User{3ED35DA3-7026-4A15-B9A0-F1227BC24205}D:\games\coh-of\install\reliccoh.exe] => (Allow) D:\games\coh-of\install\reliccoh.exe (THQ Canada Inc. -> THQ Canada Inc.) [File not signed]
FirewallRules: [{8D7C7F43-B258-44FD-81A4-22AEF30BB531}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [TCP Query User{777AF9B7-8A76-47DC-9B7B-057818DE0DB6}C:\users\speeder\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\speeder\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{883E45A9-55D7-495B-8FFC-0CB4731B7B1A}C:\users\speeder\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\speeder\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{29B48459-06AF-4C83-9FBD-BA9C41A05EEE}D:\games\x-plane 11\x-plane.exe] => (Allow) D:\games\x-plane 11\x-plane.exe () [File not signed]
FirewallRules: [UDP Query User{5C366A71-6E96-434E-8C53-43DA1816D006}D:\games\x-plane 11\x-plane.exe] => (Allow) D:\games\x-plane 11\x-plane.exe () [File not signed]
FirewallRules: [{FAB9D2BA-C38A-4499-AA1A-B081CF52B07C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A6B3D5A6-D458-466F-A139-6ADFC61CC78E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{78CE0878-79A6-4E57-BE98-FAEDD5D76D59}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{35183EEF-0990-45E7-B9B2-D40A7C7E6E86}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{926ED320-5A88-4E0A-ADC6-94E17E9262B3}C:\users\speeder\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\speeder\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{D5E46D66-19C2-4735-9622-C6856A53EE3F}C:\users\speeder\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\speeder\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DCE61E73-4189-4481-9663-BC69E00E80C7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C90FD03E-5335-4EA4-B83F-158D22F4E410}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{ACBE8E2D-C1B0-422F-B47A-DAD9EDF96C82}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{85341152-CE7C-4482-B051-8C779CEC1DB5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{21550E44-8EFB-4C5C-A06D-C27AFE98D3B2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{85C28C45-1030-4D9E-AD23-EB1EF2B5124F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{EE86425D-3CBD-4AD2-B99F-17AA585C56D6}D:\games\world_of_tanks\win32\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{24C95E61-5C13-443E-9EA9-D641A26578F1}D:\games\world_of_tanks\win32\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{140BDECC-5F70-4F08-A788-A29851F2C40F}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{20255482-7B1B-4802-8A99-8172B594A573}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{61875509-FEA8-4A4E-BB76-3644F035F3D2}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E39DEBE4-8A45-41AC-B697-050B3ECF1DE9}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{160E64F7-2912-4695-88CE-2717D33E5D8F}] => (Allow) C:\Windows\system32\hasplms.exe (SafeNet, Inc. -> SafeNet, Inc.)
FirewallRules: [{9EC30D65-64DF-49A0-A1EB-05868B8F65AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\race 07\SteamExpansionApp.exe () [File not signed]
FirewallRules: [{3A1518B0-3140-4A67-93F5-E2B5B5B5C6D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\race 07\SteamExpansionApp.exe () [File not signed]
FirewallRules: [{D6E9E357-93F3-44DF-872B-51E28BF47F8E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{02143647-8F3F-4965-AB1E-946E1B7B2CEA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FA7755E3-AF9E-462E-8D94-308DC0943B81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\race 07\SteamProxy.exe () [File not signed]
FirewallRules: [{E3287A04-BF49-459E-ACAF-843D2898A484}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\race 07\SteamProxy.exe () [File not signed]
FirewallRules: [{19503D95-2DBC-4775-9CC2-91196EF17D21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\race 07\Config.exe (Simbin Development Team AB) [File not signed]
FirewallRules: [{EEDBA786-2C6E-48AC-9EB7-A6BD6D5A158D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\race 07\Config.exe (Simbin Development Team AB) [File not signed]
FirewallRules: [TCP Query User{95B4947E-0EBF-429C-AA77-944A246C6D18}C:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe (SimBin) [File not signed]
FirewallRules: [UDP Query User{FA2975C3-7D64-4F8F-AB9F-EA462391DCBB}C:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe (SimBin) [File not signed]
FirewallRules: [{B5A6F44A-AE5A-4C8B-B49A-0BB05177AC34}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

29-05-2020 12:39:47 Naplánovaný kontrolní bod
05-06-2020 13:30:52 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/14/2020 07:25:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/13/2020 06:55:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/12/2020 10:50:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/10/2020 03:12:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/09/2020 04:03:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/09/2020 09:59:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/08/2020 03:23:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/08/2020 09:20:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (06/14/2020 07:29:35 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Schedule bylo dosaženo časového limitu (30000 ms).

Error: (06/14/2020 07:29:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Schedule bylo dosaženo časového limitu (30000 ms).

Error: (06/13/2020 06:57:15 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (06/13/2020 06:55:20 AM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!

Error: (06/12/2020 10:55:09 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (06/09/2020 10:05:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (06/08/2020 03:23:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba TeamViewer 14 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (06/08/2020 03:23:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby TeamViewer 14 bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===================================
Date: 2015-12-13 11:19:11.115
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=223812
Název:BrowserModifier:Win32/Smudplu
ID:223812
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Common Files\ShopperPro\spbii32.exe;process:pid:892
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2015-12-13 10:24:35.652
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=208154
Název:BrowserModifier:Win32/ShopperProCby
ID:208154
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:driver:SPDRIVER_1.42.1.2719;file:C:\Program Files (x86)\ShopperPro\config.json;file:C:\Program Files (x86)\ShopperPro\database1_0_0.ej;file:C:\Program Files (x86)\ShopperPro\database1_0_0.json;file:C:\Program Files (x86)\ShopperPro\FireFox\chrome.manifest;file:C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.js;file:C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.xul;file:C:\Program Files (x86)\ShopperPro\FireFox\content\shopperpro_128.png;file:C:\Program Files (x86)\ShopperPro\FireFox\install.rdf;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\config.json;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\database1_0_0.ej;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\jsdrv.sys;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\trz58E9.tmp;file:C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.exe;file:C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.sys;file:C:\Program Files (x86)\ShopperPro\manifest.json;file:C:\Program Files (x86)\ShopperPro\Sh
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:

Date: 2015-12-13 10:21:06.979
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=223812
Název:BrowserModifier:Win32/Smudplu
ID:223812
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Common Files\ShopperPro\spbii64.exe
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:

Date: 2015-12-13 10:21:06.979
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=208154
Název:BrowserModifier:Win32/ShopperProCby
ID:208154
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files (x86)\ShopperPro\config.json;file:C:\Program Files (x86)\ShopperPro\database1_0_0.ej;file:C:\Program Files (x86)\ShopperPro\database1_0_0.json;file:C:\Program Files (x86)\ShopperPro\FireFox\chrome.manifest;file:C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.js;file:C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.xul;file:C:\Program Files (x86)\ShopperPro\FireFox\content\shopperpro_128.png;file:C:\Program Files (x86)\ShopperPro\FireFox\install.rdf;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\config.json;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\database1_0_0.ej;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\jsdrv.sys;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\trz58E9.tmp;file:C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.exe;file:C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.sys;file:C:\Program Files (x86)\ShopperPro\manifest.json;file:C:\Program Files (x86)\ShopperPro\ShopperPro.dll;file:C:\Program
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:

Date: 2015-12-12 21:03:39.381
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=208154
Název:BrowserModifier:Win32/ShopperProCby
ID:208154
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files (x86)\ShopperPro\ShopperPro.exe;process:pid:4476
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

CodeIntegrity:
===================================

Date: 2020-06-14 19:25:18.789
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-14 19:25:18.726
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-14 19:25:18.664
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-14 19:25:18.602
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-13 06:53:51.007
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-13 06:53:50.945
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-13 06:53:50.882
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-13 06:53:50.820
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.9 01/13/2010
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD 790FX-GD70(MS-7577)
Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 58%
Total physical RAM: 8190.24 MB
Available physical RAM: 3385.03 MB
Total Virtual: 16378.69 MB
Available Virtual: 11686.51 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:150 GB) (Free:36.67 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:781.51 GB) (Free:179.38 GB) NTFS
Drive f: (SOFT) (Fixed) (Total:232.88 GB) (Free:114.43 GB) NTFS
Drive g: (HEROES3) (CDROM) (Total:0.96 GB) (Free:0 GB) CDFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 17311730)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E154E154)
Partition 1: (Active) - (Size=150 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=781.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-14-2020
# Duration: 00:00:03
# OS: Windows 7 Home Premium
# Cleaned: 23
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Program Files (x86)\YouTube Accelerator
Deleted C:\ProgramData\BSD\DriverHive
Deleted C:\ProgramData\BSD\DriverHiveEngine
Deleted C:\ProgramData\ShopperPro
Deleted C:\Users\Public\Documents\Goobzo
Deleted C:\Users\Public\Documents\ShopperPro
Deleted C:\Users\Speeder\AppData\LocalLow\Goobzo
Deleted C:\Users\Speeder\AppData\Local\FileViewPro
Deleted C:\Users\Speeder\AppData\Local\Installer\INSTALL_15651
Deleted C:\Users\Speeder\AppData\Local\Installer\INSTALL_29223
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\BSD
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKLM\SOFTWARE\CLASSES\APPLICATIONS\SolvusoftTray.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{136B8F8D-2F2E-4839-A95A-CDD8F99256A3}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverDoc Auto Start
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cz.seznam.software.szndesktop
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\BSD

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

Deleted Spirální stabilizace páteře - Na Úbočí 10, Praha 8, Czech Republic, 00420-284 810 231, spirstab@spirstab.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3289 octets] - [14/06/2020 20:05:46]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

OK. Dejte nové logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by Speeder (administrator) on SPEEDER-PC (MICRO-STAR INTERNATIONAL CO.,LTD MS-7577) (14-06-2020 22:09:45)
Running from D:\downloads
Loaded Profiles: Speeder
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> ) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTShellHlp.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(O and O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O and O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SafeNet, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(SOKNO S.R.L. -> Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407296 2015-10-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4449584 2013-09-19] (O and O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108728 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [77824 2016-01-08] (Apple Computer, Inc.) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe [3111456 2013-05-13] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> )
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2417016 2020-05-15] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\MountPoints2: {371a0487-3c20-11e8-9327-406186cc7049} - G:\_AUTORUN\AUTORUN.EXE
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-17] (Piriform Software Ltd -> Piriform Ltd)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2009-07-14] (Microsoft Windows -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP610 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD93.DLL [27648 2007-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\Windows\system32\CNBLM4.DLL [267776 2009-07-14] (Microsoft Windows -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP610 series: C:\Windows\system32\CNMLM93.DLL [258560 2007-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk [2017-10-10]
ShortcutTarget: SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (SOKNO S.R.L. -> Almico Software (www.almico.com))
Startup: C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vetrak.bat.lnk [2020-01-30]
ShortcutTarget: vetrak.bat.lnk -> C:\Program Files (x86)\SpeedFan\vetrak.bat () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E8B566C-2A09-4FD9-A50B-B41892CEA909} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {29766580-8D4F-4062-8FE9-9C16E47265E2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {36AAB464-B482-4896-9E15-5B13CD9F9E1D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6F5329B2-AD6A-4E54-A9E4-5A7A8029096B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-17] (Piriform Software Ltd -> Piriform Ltd)
Task: {7273CDA8-B971-4588-919A-19152B537F74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {75CA7AEA-14CF-47AF-AF3B-F9B702668CBD} - System32\Tasks\{2CEF6DB6-BB5A-4A75-9B77-B8B29787606B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Speeder\Desktop\O&O Defrag 17 Professional 32-64bit + Serial key\64bit\O&O DefragProfessional 17.0.420 64bit ENG.exe" -d "C:\Users\Speeder\Desktop\O&O Defrag 17 Professional 32-64bit + Serial key\64bit"
Task: {8EFDE0F1-9E9A-4ED0-B94E-F06D187B514B} - System32\Tasks\WindowsUpda2ta => C:\Users\Speeder\AppData\Roaming\MICROSOFT\KMS Activator all windows 7 (Crack-kegen-serial).vbs <==== ATTENTION
Task: {B2479568-9AF6-4DD1-83E0-4F5B39B84E81} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {BEAB5D1A-36DB-4EE0-BB0A-3B97F92FC83F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C4B62FB2-C624-48DF-BE7F-39AE7521DED1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3339472 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
Task: {FE872E32-7124-4BBF-8001-482E02686A42} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{056C0202-572F-4EED-828A-07EECAE75CDB}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-3822893454-3942415576-2141635118-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.) [File not signed]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default [2020-06-14]
CHR DownloadDir: D:\downloads
CHR Notifications: Default -> hxxp://forum.skodahome.cz; hxxps://drive.google.com; hxxps://forum.skodahome.cz; hxxps://mail.google.com; hxxps://web.whatsapp.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://www.horizon.tv/etc/designs/orion/theme/ ... -36x36.png
CHR Extension: (Prezentace) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-20]
CHR Extension: (Unlocker for WakeLockDetector) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgeplmmblegmdackkcemjkpngngocgjp [2018-10-19]
CHR Extension: (YouTube) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-23]
CHR Extension: (Tabulky) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (Komponenta pro aplikaci SERVIS 24) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\gincjcoomijeeoddomaaimknmflggfnb [2019-01-26]
CHR Extension: (Horizon TV) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\khacdlnhpilifpplbbafdickbmihjoml [2020-06-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-06-03]
CHR Extension: (Copy Plain Text) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfjlgdbpkjmnofoglhlhcdfhjaglmncp [2018-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-06-14]
CHR Extension: (Gmail) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-28]
CHR Profile: C:\Users\Speeder\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-06]
CHR HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-11-24] (Bastian Suter -> )
R2 hasplms; C:\Windows\system32\hasplms.exe [4574520 2017-02-14] (SafeNet, Inc. -> SafeNet, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1634096 2013-09-19] (O and O Software GmbH -> O&O Software GmbH)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12001112 2019-08-29] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [87864 2017-02-14] (SafeNet, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [332088 2017-02-14] (SafeNet, Inc. -> SafeNet, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205880 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234560 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178760 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42784 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175704 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [501472 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851592 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460992 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235488 2020-05-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319112 2020-05-28] (Avast Software s.r.o. -> AVAST Software)
R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie64.sys [16440 2010-06-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-12-13] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [46392 2015-12-13] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2015-12-13] (DT Soft Ltd -> DT Soft Ltd)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [1287496 2017-02-14] (SafeNet, Inc. -> SafeNet, Inc.)
S3 multikey; C:\Windows\System32\DRIVERS\multikey.sys [883424 2017-09-15] (NGO -> TestProtect.com) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-06-02] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [29592 2011-03-18] (Sokno S.R.L. -> Almico Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-14 20:05 - 2020-06-14 20:07 - 000000000 ____D C:\AdwCleaner
2020-06-14 19:39 - 2020-06-14 22:10 - 000000000 ____D C:\FRST
2020-06-12 12:22 - 2020-06-12 12:22 - 000002622 _____ C:\Users\Speeder\Desktop\Horizon TV.lnk
2020-06-07 09:14 - 2020-06-07 09:14 - 000001896 _____ C:\Users\Speeder\Desktop\Bandicam.lnk
2020-06-03 14:23 - 2020-06-14 20:19 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-05-31 21:53 - 2020-05-31 21:53 - 000000000 ____D C:\Users\Speeder\AppData\Local\RBRCIT
2020-05-31 20:56 - 2020-05-31 21:31 - 000000727 _____ C:\Users\Public\Desktop\RBR Car instalation tool.lnk
2020-05-31 20:56 - 2020-05-31 21:31 - 000000727 _____ C:\ProgramData\Desktop\RBR Car instalation tool.lnk
2020-05-29 10:16 - 2020-05-29 10:16 - 000000221 _____ C:\Users\Speeder\Desktop\RACE 07 - Formula RaceRoom Add-On.url
2020-05-28 18:05 - 2020-05-28 18:05 - 000000000 ____D C:\Users\Speeder\Documents\SimBin
2020-05-28 17:59 - 2020-05-28 17:59 - 000000220 _____ C:\Users\Speeder\Desktop\RACE 07.url
2020-05-28 17:52 - 2020-05-28 17:52 - 000000220 _____ C:\Users\Speeder\Desktop\GTR Evolution.url
2020-05-25 17:19 - 2020-05-25 17:19 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsigne3b574b0d2694eec
2020-05-25 17:19 - 2020-05-25 17:19 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsign6a3590d4c57d7249
2020-05-25 17:10 - 2020-05-25 17:10 - 000002009 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-05-25 17:10 - 2020-05-25 17:10 - 000002009 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-05-24 12:11 - 2020-05-24 11:46 - 000337560 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-05-24 11:47 - 2020-05-24 11:46 - 000235488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-05-24 11:47 - 2020-05-24 11:46 - 000175704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-14 20:25 - 2009-07-14 06:45 - 000028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-14 20:25 - 2009-07-14 06:45 - 000028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-14 20:19 - 2017-12-28 11:50 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-14 20:19 - 2015-12-03 17:21 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-06-14 20:19 - 2015-12-02 14:26 - 000003450 _____ C:\Windows\system32\Tasks\{2CEF6DB6-BB5A-4A75-9B77-B8B29787606B}
2020-06-14 20:19 - 2015-11-24 01:01 - 000002798 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-06-14 20:19 - 2015-11-23 23:47 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-06-14 20:19 - 2015-11-23 22:17 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-14 20:19 - 2015-11-23 22:17 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-14 20:19 - 2015-11-23 22:10 - 000003370 _____ C:\Windows\system32\Tasks\WindowsUpda2ta
2020-06-14 20:17 - 2019-12-26 22:23 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Kodi
2020-06-14 20:12 - 2019-06-03 20:42 - 000000000 ___RD C:\Users\Speeder\Disk Google
2020-06-14 20:11 - 2015-11-23 23:05 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-14 20:10 - 2016-05-16 16:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-06-14 20:08 - 2015-11-23 22:12 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-14 20:08 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-14 20:07 - 2018-06-14 20:27 - 000000000 ____D C:\ProgramData\BSD
2020-06-12 12:22 - 2018-10-19 16:48 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2020-06-12 12:17 - 2020-01-05 20:09 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Bandicam Company
2020-06-12 12:12 - 2015-11-24 16:47 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\vlc
2020-06-12 10:59 - 2017-03-19 12:28 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-06-05 11:34 - 2017-07-31 21:25 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-03 20:07 - 2015-11-23 22:18 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-03 14:25 - 2019-10-03 20:44 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-03 14:25 - 2019-10-03 20:44 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-05-31 22:40 - 2015-11-24 17:10 - 000000000 ____D C:\Program Files (x86)\Steam
2020-05-28 17:49 - 2015-11-23 23:35 - 000319112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-05-24 11:46 - 2020-04-20 19:16 - 000501472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-05-24 11:46 - 2019-01-17 22:16 - 000234560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-05-24 11:46 - 2019-01-16 22:14 - 000178760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-05-24 11:46 - 2019-01-16 22:14 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-05-24 11:46 - 2019-01-16 22:14 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-05-24 11:46 - 2018-10-22 20:45 - 000042784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-05-24 11:46 - 2017-11-11 11:56 - 000205880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-05-24 11:46 - 2015-11-23 23:35 - 000851592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-05-24 11:46 - 2015-11-23 23:35 - 000460992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-05-24 11:46 - 2015-11-23 23:35 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-05-24 11:46 - 2015-11-23 23:35 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-05-20 22:08 - 2015-11-23 23:34 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-20 18:50 - 2011-04-12 10:34 - 000668866 _____ C:\Windows\system32\perfh005.dat
2020-05-20 18:50 - 2011-04-12 10:34 - 000141526 _____ C:\Windows\system32\perfc005.dat
2020-05-20 18:50 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-20 18:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf

==================== Files in the root of some directories ========

2016-01-21 17:34 - 2018-08-07 20:54 - 000000132 _____ () C:\Users\Speeder\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2017-05-09 21:48 - 2017-11-30 17:55 - 000000000 _____ () C:\Users\Speeder\AppData\Roaming\bitlord_log.txt
2016-06-12 12:35 - 2019-12-25 23:39 - 000099384 _____ () C:\Users\Speeder\AppData\Roaming\inst.exe
2016-06-12 12:35 - 2019-12-25 23:39 - 000007859 _____ () C:\Users\Speeder\AppData\Roaming\pcouffin.cat
2016-06-12 12:35 - 2019-12-25 23:39 - 000001167 _____ () C:\Users\Speeder\AppData\Roaming\pcouffin.inf
2016-06-12 12:35 - 2019-12-25 23:39 - 000000055 _____ () C:\Users\Speeder\AppData\Roaming\pcouffin.log
2016-06-12 12:35 - 2019-12-25 23:39 - 000082816 _____ (VSO Software) C:\Users\Speeder\AppData\Roaming\pcouffin.sys
2019-10-17 16:58 - 2019-10-17 16:58 - 000000001 _____ () C:\Users\Speeder\AppData\Local\llftool.4.40.agreement
2019-02-09 20:03 - 2019-02-09 20:03 - 000000000 _____ () C:\Users\Speeder\AppData\Local\oobelibMkey.log
2017-11-30 17:59 - 2017-11-30 17:59 - 000000218 _____ () C:\Users\Speeder\AppData\Local\recently-used.xbel
2017-05-07 17:21 - 2017-05-07 17:21 - 000000037 _____ () C:\Users\Speeder\AppData\Local\X-Plane Installer.prf
2017-05-07 17:21 - 2017-05-07 17:24 - 000000015 _____ () C:\Users\Speeder\AppData\Local\X-Plane_drm_11.prf
2017-05-07 17:04 - 2017-05-07 17:04 - 000000022 _____ () C:\Users\Speeder\AppData\Local\x-plane_install_11.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-06-07 09:53
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Speeder (14-06-2020 22:11:23)
Running from D:\downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-11-23 20:07:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3822893454-3942415576-2141635118-500 - Administrator - Disabled)
Guest (S-1-5-21-3822893454-3942415576-2141635118-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3822893454-3942415576-2141635118-1003 - Limited - Enabled)
Speeder (S-1-5-21-3822893454-3942415576-2141635118-1000 - Administrator - Enabled) => C:\Users\Speeder

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
ARMA 2 Army of The Czech Republic - Data cache removal (HKLM-x32\...\A2ACR Data cache removal) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.3.2405 - Avast Software)
Backup and Sync from Google (HKLM\...\{FE296942-D2D3-4149-8895-60655FE4CFDE}) (Version: 3.49.9800.0000 - Google, Inc.)
Bandicam (HKLM-x32\...\Bandicamv4.3.3.1498) (Version: v4.3.3.1498 - Friends in War)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
Canon MP610 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.2.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6321 - CDBurnerXP)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Company of Heroes - FAKEMSI (HKLM-x32\...\{14574B7F-75D1-4718-B7F2-EBF6E2862A35}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{199E6632-EB28-4F73-AECB-3E192EB92D18}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{25724802-CC14-4B90-9F3B-3D6955EE27B1}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{50193078-F553-4EBA-AA77-64C9FAA12F98}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{51D718D1-DA81-4FAD-919F-5C1CE3C33379}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{66F78C51-D108-4F0C-A93C-1CBE74CE338F}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{80D03817-7943-4839-8E96-B9F924C5E67D}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{97E5205F-EA4F-438F-B211-F1846419F1C1}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{99A7722D-9ACB-43F3-A222-ABC7133F159E}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{BA801B94-C28D-46EE-B806-E1E021A3D519}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{D4D244D1-05E0-4D24-86A2-B2433C435671}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{EAF636A9-F664-4703-A659-85A894DA264F}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.301.0 - THQ Inc.)
CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
DAEMON Tools Pro Advanced (HKLM-x32\...\DAEMON Tools Pro Advanced) (Version: - )
ETKA Loader 0.8.0.0 International (HKLM-x32\...\{54B46191-19CD-46B0-BC45-FBA59883AE60}_is1) (Version: 0.8.0.0 - algeni)
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015CZ_is1) (Version: 1.0 - GIANTS Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Heroes of Might and Magic III Complete (HKLM-x32\...\{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt) Hidden
Heroes of Might and Magic III Complete (HKLM-x32\...\InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt)
IGI 2 (HKLM-x32\...\IGI 2) (Version: - )
Jak věci pracují (HKLM-x32\...\{0CC89282-5DFA-44E5-83CF-F4E725CCBC4A}) (Version: 3.1.0.0 - )
Kodi (HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Kodi) (Version: - XBMC Foundation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
MediaInfo 0.7.98 (HKLM\...\MediaInfo) (Version: 0.7.98 - MediaArea.net)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA Ovladač 3D Vision 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{5E35E094-8057-4ABE-A37A-1BD7D9475B4D}) (Version: 17.0.420 - O&O Software GmbH)
Ovládací panel NVIDIA 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 361.43 - NVIDIA Corporation) Hidden
PdfMerge (HKLM-x32\...\{238BE990-A412-4129-A434-D03B1A9E396E}) (Version: 1.22.0 - PdfMerge)
PicPick (HKLM-x32\...\PicPick) (Version: 5.0.2 - NGWIN)
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
RBR CD Halenkovice (remove only) (HKLM-x32\...\RBRTrack1999) (Version: - )
RBR Foron (remove only) (HKLM-x32\...\RBRTrack550) (Version: - )
RBR Lousada v1.1 (remove only) (HKLM-x32\...\RBRTrack703) (Version: - )
RBR Reversed Tracks (remove only) (HKLM-x32\...\RBRReversedTracks) (Version: - )
RBR Sherwood Forest v1.02 (remove only) (HKLM-x32\...\RBRTrack1521) (Version: - )
RBR Svince v1.1 (remove only) (HKLM-x32\...\RBRTrack929) (Version: - )
RBR Tournament plugin (remove only) (HKLM-x32\...\RBRTM) (Version: - )
RBR Vicar (remove only) (HKLM-x32\...\RBRTrack1996) (Version: - )
RBR Vinec-Skalsko (remove only) (HKLM-x32\...\RBRTrack100) (Version: - )
RBR Zadverice (remove only) (HKLM-x32\...\RBRTrack99) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
Richard Burns Rally (HKLM-x32\...\{72CE541B-52BD-4FA1-8CD6-19341939AB21}) (Version: 1.00.000 - Název společnosti:) Hidden
Richard Burns Rally (HKLM-x32\...\InstallShield_{72CE541B-52BD-4FA1-8CD6-19341939AB21}) (Version: 1.00.000 - Název společnosti:)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Ski Challenge 16 (HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\sc16-GAMETWIST_MAIN) (Version: - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.5.5819 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Wargaming.net Game Center) (Version: 20.2.1.112 - Wargaming.net)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3822893454-3942415576-2141635118-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTShl64.dll [2013-05-13] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2013-09-19] (O and O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTShl64.dll [2013-05-13] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2013-09-19] (O and O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2013-09-19] (O and O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter64.acm [2231296 2013-04-05] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2018-09-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vetrak.bat.lnk -> C:\Program Files (x86)\SpeedFan\vetrak.bat ()
ShortcutWithArgument: C:\Users\Speeder\Desktop\Horizon TV.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=khacdlnhpilifpplbbafdickbmihjoml
ShortcutWithArgument: C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Horizon TV.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=khacdlnhpilifpplbbafdickbmihjoml
ShortcutWithArgument: C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Unlocker for WakeLockDetector.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bgeplmmblegmdackkcemjkpngngocgjp

==================== Loaded Modules (Whitelisted) =============

2016-10-12 02:08 - 2016-10-12 02:08 - 000124928 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-12 02:08 - 2016-10-12 02:08 - 000118272 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 02:08 - 2016-10-12 02:08 - 000166400 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-12 02:08 - 2016-10-12 02:08 - 000223232 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 02:08 - 2016-10-12 02:08 - 000117248 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2013-05-14 17:33 - 2013-05-14 17:33 - 000002560 _____ () [File not signed] C:\Program Files (x86)\DAEMON Tools Pro Advanced\MSIMG32.dll
2020-06-14 20:08 - 2020-06-14 20:08 - 000114176 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\_ctypes.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000173056 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\_elementtree.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 002133504 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\_hashlib.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000032256 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\_multiprocessing.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000046080 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\_psutil_windows.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000047616 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\_socket.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 002701824 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\_ssl.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000026112 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\_yappi.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000080896 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\bz2.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000016384 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\common.time34.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000007680 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\hashobjs_ext.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000301568 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\PIL._imaging.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000169472 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\pyexpat.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 001084416 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\pysqlite2._sqlite.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000548864 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\pythoncom27.dll
2020-06-14 20:08 - 2020-06-14 20:08 - 000137728 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\pywintypes27.dll
2020-06-14 20:08 - 2020-06-14 20:08 - 000010752 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\select.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000020992 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\thumbnails_ext.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000689664 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\unicodedata.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000119808 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\usb_ext.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000128512 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32api.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000438784 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32com.shell.shell.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000011776 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32crypt.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000023040 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32event.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000149504 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32file.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000223232 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32gui.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000048128 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32inet.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000029696 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32pdh.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000027648 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32pipe.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000044032 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32process.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000020480 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32profile.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000136192 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32security.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000026624 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\win32ts.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000034816 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\windows.conditional.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000038400 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\windows.connectivity.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000071680 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\windows.device_monitor.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000109056 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\windows.volumes.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000020480 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\windows.winwrap.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 001325056 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\wx._controls_.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 001489408 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\wx._core_.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 001007104 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\wx._gdi_.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000103424 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\wx._html2.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 000916992 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\wx._misc_.pyd
2020-06-14 20:08 - 2020-06-14 20:08 - 001039872 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\wx._windows_.pyd
2016-03-14 21:29 - 2020-06-14 20:11 - 000192512 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\sfamcc00001.dll
2020-01-30 18:44 - 2020-06-14 20:11 - 000158720 _____ () [File not signed] C:\Users\Speeder\AppData\Local\Temp\sfareca00001.dll
2015-11-23 23:44 - 2015-11-23 23:44 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2013-09-19 20:13 - 2013-09-27 20:49 - 000884016 _____ (O and O Software GmbH -> O&O Software GmbH) [File not signed] C:\Program Files\OO Software\Defrag\OODTRRS.DLL
2020-06-14 20:08 - 2020-06-14 20:08 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\python27.dll
2020-02-25 17:22 - 2015-11-04 11:35 - 001082368 _____ (SafeNet Inc.) [File not signed] C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\haspvlib_64747.dll
2020-06-14 20:08 - 2020-06-14 20:08 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\wxbase30u_net_vc90_x64.dll
2020-06-14 20:08 - 2020-06-14 20:08 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\wxbase30u_vc90_x64.dll
2020-06-14 20:08 - 2020-06-14 20:08 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\wxmsw30u_adv_vc90_x64.dll
2020-06-14 20:08 - 2020-06-14 20:08 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\wxmsw30u_core_vc90_x64.dll
2020-06-14 20:08 - 2020-06-14 20:08 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\wxmsw30u_html_vc90_x64.dll
2020-06-14 20:08 - 2020-06-14 20:08 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Speeder\AppData\Local\Temp\_MEI25922\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [116]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-04 16:59 - 000001292 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 hl2rcv.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B2CBD845-716B-47AF-9D0B-CBBFE1BCAEA1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F5E8D487-FCD8-4870-A936-D9ACB4516D48}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CB13B2C1-FE8C-4CCE-B6E6-D26AA14D3533}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FE8697BF-E421-43E4-B084-E1BE6BFFA7D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{84A0AAE3-965D-4818-A353-93739A9DF2CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42A1E654-A9F0-4321-9795-91B312EFEDE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ADE7D7F6-99A7-4E0C-9216-D988B796D83D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ED9A5F78-E213-4A00-9B92-02C6A6F798F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C991C9E8-931E-4F84-B1DA-782AE74E37C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{49417113-A61A-4FF1-A967-864A590B43DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{AD49CB4F-EC52-44E2-9F6E-9F41527F23E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{93487F1F-1C2E-4861-801A-2022C8F6118A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{A41F1135-A43E-4649-859E-FDF0BF41DFC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{40884517-B8BE-4F81-B19C-AD0122EC26E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe () [File not signed]
FirewallRules: [{69E2F041-2DBF-4DFF-AF6D-6506F1C9C5B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe () [File not signed]
FirewallRules: [{B6DF356F-94AE-4ABE-BCF6-E0F181AE2E3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [{A691E615-A015-407B-9B35-FD7B9887FF8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [{F1D4FE49-6A63-4BF0-A860-11B49E26D29B}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{0DE0C6FA-B1D8-4077-B300-5C28E8C239EF}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{B42E6522-4530-4BA0-B087-415265628F1C}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{F28B0A43-73FD-402D-B9A0-065260C112D3}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{EF70E70F-A562-4B16-9DC5-4AB27434F91B}F:\hry\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) F:\hry\call of duty 4 - modern warfare\iw3mp.exe () [File not signed]
FirewallRules: [UDP Query User{1CB18811-96CC-4371-BBE3-0F815F745E15}F:\hry\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) F:\hry\call of duty 4 - modern warfare\iw3mp.exe () [File not signed]
FirewallRules: [TCP Query User{FA7AE56B-BB1A-446D-AE23-6A4DEFE835B4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{61B12395-98AB-4A71-8A9A-9B0066490173}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{2CF68093-6CB6-4FED-BEA5-AFA5D83F5E91}D:\games\coh-of\install\reliccoh.exe] => (Allow) D:\games\coh-of\install\reliccoh.exe (THQ Canada Inc. -> THQ Canada Inc.) [File not signed]
FirewallRules: [UDP Query User{3ED35DA3-7026-4A15-B9A0-F1227BC24205}D:\games\coh-of\install\reliccoh.exe] => (Allow) D:\games\coh-of\install\reliccoh.exe (THQ Canada Inc. -> THQ Canada Inc.) [File not signed]
FirewallRules: [{8D7C7F43-B258-44FD-81A4-22AEF30BB531}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [TCP Query User{777AF9B7-8A76-47DC-9B7B-057818DE0DB6}C:\users\speeder\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\speeder\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{883E45A9-55D7-495B-8FFC-0CB4731B7B1A}C:\users\speeder\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\speeder\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{29B48459-06AF-4C83-9FBD-BA9C41A05EEE}D:\games\x-plane 11\x-plane.exe] => (Allow) D:\games\x-plane 11\x-plane.exe () [File not signed]
FirewallRules: [UDP Query User{5C366A71-6E96-434E-8C53-43DA1816D006}D:\games\x-plane 11\x-plane.exe] => (Allow) D:\games\x-plane 11\x-plane.exe () [File not signed]
FirewallRules: [{FAB9D2BA-C38A-4499-AA1A-B081CF52B07C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A6B3D5A6-D458-466F-A139-6ADFC61CC78E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{78CE0878-79A6-4E57-BE98-FAEDD5D76D59}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{35183EEF-0990-45E7-B9B2-D40A7C7E6E86}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{926ED320-5A88-4E0A-ADC6-94E17E9262B3}C:\users\speeder\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\speeder\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{D5E46D66-19C2-4735-9622-C6856A53EE3F}C:\users\speeder\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\speeder\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DCE61E73-4189-4481-9663-BC69E00E80C7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C90FD03E-5335-4EA4-B83F-158D22F4E410}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{ACBE8E2D-C1B0-422F-B47A-DAD9EDF96C82}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{85341152-CE7C-4482-B051-8C779CEC1DB5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{21550E44-8EFB-4C5C-A06D-C27AFE98D3B2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{85C28C45-1030-4D9E-AD23-EB1EF2B5124F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{EE86425D-3CBD-4AD2-B99F-17AA585C56D6}D:\games\world_of_tanks\win32\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{24C95E61-5C13-443E-9EA9-D641A26578F1}D:\games\world_of_tanks\win32\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{140BDECC-5F70-4F08-A788-A29851F2C40F}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{20255482-7B1B-4802-8A99-8172B594A573}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{61875509-FEA8-4A4E-BB76-3644F035F3D2}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E39DEBE4-8A45-41AC-B697-050B3ECF1DE9}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{160E64F7-2912-4695-88CE-2717D33E5D8F}] => (Allow) C:\Windows\system32\hasplms.exe (SafeNet, Inc. -> SafeNet, Inc.)
FirewallRules: [{9EC30D65-64DF-49A0-A1EB-05868B8F65AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\race 07\SteamExpansionApp.exe () [File not signed]
FirewallRules: [{3A1518B0-3140-4A67-93F5-E2B5B5B5C6D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\race 07\SteamExpansionApp.exe () [File not signed]
FirewallRules: [{D6E9E357-93F3-44DF-872B-51E28BF47F8E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{02143647-8F3F-4965-AB1E-946E1B7B2CEA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FA7755E3-AF9E-462E-8D94-308DC0943B81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\race 07\SteamProxy.exe () [File not signed]
FirewallRules: [{E3287A04-BF49-459E-ACAF-843D2898A484}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\race 07\SteamProxy.exe () [File not signed]
FirewallRules: [{19503D95-2DBC-4775-9CC2-91196EF17D21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\race 07\Config.exe (Simbin Development Team AB) [File not signed]
FirewallRules: [{EEDBA786-2C6E-48AC-9EB7-A6BD6D5A158D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\race 07\Config.exe (Simbin Development Team AB) [File not signed]
FirewallRules: [TCP Query User{95B4947E-0EBF-429C-AA77-944A246C6D18}C:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe (SimBin) [File not signed]
FirewallRules: [UDP Query User{FA2975C3-7D64-4F8F-AB9F-EA462391DCBB}C:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\race 07\race_steam.exe (SimBin) [File not signed]
FirewallRules: [{B5A6F44A-AE5A-4C8B-B49A-0BB05177AC34}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

29-05-2020 12:39:47 Naplánovaný kontrolní bod
05-06-2020 13:30:52 Naplánovaný kontrolní bod
14-06-2020 21:08:56 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/14/2020 08:09:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/14/2020 07:25:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/13/2020 06:55:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/12/2020 10:50:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/10/2020 03:12:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/09/2020 04:03:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/09/2020 09:59:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/08/2020 03:23:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (06/14/2020 08:10:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba TeamViewer 14 přestala během spouštění reagovat.

Error: (06/14/2020 08:07:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (06/14/2020 08:07:38 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (06/14/2020 08:07:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/14/2020 08:07:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/14/2020 08:07:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (06/14/2020 08:07:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba O&O Defrag byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/14/2020 08:07:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2015-12-13 11:19:11.115
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=223812
Název:BrowserModifier:Win32/Smudplu
ID:223812
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Common Files\ShopperPro\spbii32.exe;process:pid:892
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2015-12-13 10:24:35.652
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=208154
Název:BrowserModifier:Win32/ShopperProCby
ID:208154
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:driver:SPDRIVER_1.42.1.2719;file:C:\Program Files (x86)\ShopperPro\config.json;file:C:\Program Files (x86)\ShopperPro\database1_0_0.ej;file:C:\Program Files (x86)\ShopperPro\database1_0_0.json;file:C:\Program Files (x86)\ShopperPro\FireFox\chrome.manifest;file:C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.js;file:C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.xul;file:C:\Program Files (x86)\ShopperPro\FireFox\content\shopperpro_128.png;file:C:\Program Files (x86)\ShopperPro\FireFox\install.rdf;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\config.json;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\database1_0_0.ej;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\jsdrv.sys;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\trz58E9.tmp;file:C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.exe;file:C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.sys;file:C:\Program Files (x86)\ShopperPro\manifest.json;file:C:\Program Files (x86)\ShopperPro\Sh
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:

Date: 2015-12-13 10:21:06.979
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=223812
Název:BrowserModifier:Win32/Smudplu
ID:223812
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Common Files\ShopperPro\spbii64.exe
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:

Date: 2015-12-13 10:21:06.979
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=208154
Název:BrowserModifier:Win32/ShopperProCby
ID:208154
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files (x86)\ShopperPro\config.json;file:C:\Program Files (x86)\ShopperPro\database1_0_0.ej;file:C:\Program Files (x86)\ShopperPro\database1_0_0.json;file:C:\Program Files (x86)\ShopperPro\FireFox\chrome.manifest;file:C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.js;file:C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.xul;file:C:\Program Files (x86)\ShopperPro\FireFox\content\shopperpro_128.png;file:C:\Program Files (x86)\ShopperPro\FireFox\install.rdf;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\config.json;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\database1_0_0.ej;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\jsdrv.sys;file:C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2719\trz58E9.tmp;file:C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.exe;file:C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.sys;file:C:\Program Files (x86)\ShopperPro\manifest.json;file:C:\Program Files (x86)\ShopperPro\ShopperPro.dll;file:C:\Program
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:

Date: 2015-12-12 21:03:39.381
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=208154
Název:BrowserModifier:Win32/ShopperProCby
ID:208154
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files (x86)\ShopperPro\ShopperPro.exe;process:pid:4476
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

CodeIntegrity:
===================================

Date: 2020-06-14 20:08:30.059
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-14 20:08:29.996
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-14 20:08:29.934
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-14 20:08:29.872
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-14 19:25:18.789
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-14 19:25:18.726
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-14 19:25:18.664
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-14 19:25:18.602
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.9 01/13/2010
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD 790FX-GD70(MS-7577)
Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 56%
Total physical RAM: 8190.24 MB
Available physical RAM: 3538.01 MB
Total Virtual: 16378.69 MB
Available Virtual: 11784.41 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:150 GB) (Free:36.38 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:781.51 GB) (Free:177 GB) NTFS
Drive f: (SOFT) (Fixed) (Total:232.88 GB) (Free:114.43 GB) NTFS
Drive g: (HEROES3) (CDROM) (Total:0.96 GB) (Free:0 GB) CDFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 17311730)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E154E154)
Partition 1: (Active) - (Size=150 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=781.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
C:\Users\Speeder\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [116]
FirewallRules: [{FAB9D2BA-C38A-4499-AA1A-B081CF52B07C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A6B3D5A6-D458-466F-A139-6ADFC61CC78E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
C:\Program Files\Common Files\ShopperPro
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\MountPoints2: {371a0487-3c20-11e8-9327-406186cc7049} - G:\_AUTORUN\AUTORUN.EXE
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {7273CDA8-B971-4588-919A-19152B537F74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {75CA7AEA-14CF-47AF-AF3B-F9B702668CBD} - System32\Tasks\{2CEF6DB6-BB5A-4A75-9B77-B8B29787606B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Speeder\Desktop\O&O Defrag 17 Professional 32-64bit + Serial key\64bit\O&O DefragProfessional 17.0.420 64bit ENG.exe" -d "C:\Users\Speeder\Desktop\O&O Defrag 17 Professional 32-64bit + Serial key\64bit"
Task: {8EFDE0F1-9E9A-4ED0-B94E-F06D187B514B} - System32\Tasks\WindowsUpda2ta => C:\Users\Speeder\AppData\Roaming\MICROSOFT\KMS Activator all windows 7 (Crack-kegen-serial).vbs <==== ATTENTION
C:\Windows\system32\Tasks\{2CEF6DB6-BB5A-4A75-9B77-B8B29787606B}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End

Uložte do D:\downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Nějak jsem se k tomu dřív nedostal. Log zde.

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Speeder (18-06-2020 16:06:24) Run:1
Running from D:\downloads
Loaded Profiles: Speeder
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Users\Speeder\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [116]
FirewallRules: [{FAB9D2BA-C38A-4499-AA1A-B081CF52B07C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A6B3D5A6-D458-466F-A139-6ADFC61CC78E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
C:\Program Files\Common Files\ShopperPro
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\...\MountPoints2: {371a0487-3c20-11e8-9327-406186cc7049} - G:\_AUTORUN\AUTORUN.EXE
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {7273CDA8-B971-4588-919A-19152B537F74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {75CA7AEA-14CF-47AF-AF3B-F9B702668CBD} - System32\Tasks\{2CEF6DB6-BB5A-4A75-9B77-B8B29787606B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Speeder\Desktop\O&O Defrag 17 Professional 32-64bit + Serial key\64bit\O&O DefragProfessional 17.0.420 64bit ENG.exe" -d "C:\Users\Speeder\Desktop\O&O Defrag 17 Professional 32-64bit + Serial key\64bit"
Task: {8EFDE0F1-9E9A-4ED0-B94E-F06D187B514B} - System32\Tasks\WindowsUpda2ta => C:\Users\Speeder\AppData\Roaming\MICROSOFT\KMS Activator all windows 7 (Crack-kegen-serial).vbs <==== ATTENTION
C:\Windows\system32\Tasks\{2CEF6DB6-BB5A-4A75-9B77-B8B29787606B}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.

"C:\Users\Speeder\AppData\Local\Temp" folder move:

Could not move "C:\Users\Speeder\AppData\Local\Temp" => Scheduled to move on reboot.

C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FAB9D2BA-C38A-4499-AA1A-B081CF52B07C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A6B3D5A6-D458-466F-A139-6ADFC61CC78E}" => removed successfully
"C:\Program Files\Common Files\ShopperPro" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
HKU\S-1-5-21-3822893454-3942415576-2141635118-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{371a0487-3c20-11e8-9327-406186cc7049} => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7273CDA8-B971-4588-919A-19152B537F74}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7273CDA8-B971-4588-919A-19152B537F74}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75CA7AEA-14CF-47AF-AF3B-F9B702668CBD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75CA7AEA-14CF-47AF-AF3B-F9B702668CBD}" => removed successfully
C:\Windows\System32\Tasks\{2CEF6DB6-BB5A-4A75-9B77-B8B29787606B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2CEF6DB6-BB5A-4A75-9B77-B8B29787606B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8EFDE0F1-9E9A-4ED0-B94E-F06D187B514B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EFDE0F1-9E9A-4ED0-B94E-F06D187B514B}" => removed successfully
C:\Windows\System32\Tasks\WindowsUpda2ta => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsUpda2ta" => removed successfully
"C:\Windows\system32\Tasks\{2CEF6DB6-BB5A-4A75-9B77-B8B29787606B}" => not found
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37349642 B
Java, Flash, Steam htmlcache => 424103334 B
Windows/system/drivers => 11526086 B
Edge => 0 B
Chrome => 672929992 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 149988 B
systemprofile32 => 217734 B
LocalService => 283962 B
NetworkService => 283962 B
Speeder => 815004802 B
UpdatusUser => 815004802 B

RecycleBin => 0 B
EmptyTemp: => 2.6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-06-2020 16:19:02)

C:\Users\Speeder\AppData\Local\Temp => moved successfully

==== End of Fixlog 16:19:02 ====

OK, smazáno. Nastala nějaká změna?

Uvidíme během několika dní. Nejhorší je to po spuštění PC. Teď se mi navíc sama aktualizuje hra, takže je to zkreslené. Děkuji moc a snad si vzpomenu a dám vědět.

OK. Nechám to tu otevřené.