Please check my log

Posted: 10 Dec 2022 11:56
by karelflorian
Doubled or tripled windows keep opening in my browser, the mouse seems to respond poorly to clicks, and I have not been able to open Gmail (random error) for a week now, but I don't know whether these are related. Thanks in advance.

Logfile of random's system information tool 1.10 (written by random/random)
Run by KAREL at 2022-12-10 11:47:04
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 2 GB (2%) free of 71 GB
Total RAM: 3001 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:47:12, on 10.12.2022
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Users\KAREL\AppData\Roaming\ckgkr\corsve.exe
C:\Program Files\trend micro\KAREL.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O17 - HKLM\System\CCS\Services\Tcpip\..\{E28415F2-DD36-4578-8DA7-537087953C9F}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: CCleaner Performance Optimizer Service (CCleanerPerformanceOptimizerService) - Piriform Software Ltd - C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 4917 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e36a71db-9446-4554-92cf-f498d1e26b25 -SystemEventPortName:HostProcess-ed3a6956-62ea-4764-9efd-e1c997c33efa -IoCancelEventPortName:HostProcess-5da6228f-2b83-4359-afc7-eacc8c657cae -NonStateChangingEventPortName:HostProcess-32cfba49-d141-43ce-95b8-76e5cd36f1ba -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2151ac0a-6ea4-422e-b86d-fc265ef8c2c7
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {C2BEE4A9-7C0E-4A21-89AB-5F13323D3D07}
C:\Users\KAREL\AppData\Roaming\ckgkr\corsve.exe "C:\Users\KAREL\AppData\Roaming\ckgkr\corsve.dat"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2968.0.1514780633\481822948" -parentBuildID 20221128144904 -prefsHandle 1064 -prefMapHandle 1056 -prefsLen 28571 -prefMapSize 234015 -appDir "C:\Program Files\Mozilla Firefox\browser" - {17c73143-1239-4fce-a305-d5e3aa6e13b8} 2968 "\\.\pipe\gecko-crash-server-pipe.2968" 1148 11922958 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2968.1.1404449285\345913368" -parentBuildID 20221128144904 -prefsHandle 1280 -prefMapHandle 1276 -prefsLen 28616 -prefMapSize 234015 -appDir "C:\Program Files\Mozilla Firefox\browser" - {877eb6b6-6d77-4307-8ed5-5c56014f85a8} 2968 "\\.\pipe\gecko-crash-server-pipe.2968" 1304 1245d258 socket
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2968.2.1041317365\1209599669" -childID 1 -isForBrowser -prefsHandle 1920 -prefMapHandle 1560 -prefsLen 28808 -prefMapSize 234015 -jsInitHandle 872 -jsInitLen 246704 -a11yResourceId 64 -parentBuildID 20221128144904 -appDir "C:\Program Files\Mozilla Firefox\browser" - {eff2761a-adeb-41d4-a015-b7675b662bca} 2968 "\\.\pipe\gecko-crash-server-pipe.2968" 1568 19d34558 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2968.3.1532327201\57405661" -childID 2 -isForBrowser -prefsHandle 2840 -prefMapHandle 2836 -prefsLen 34286 -prefMapSize 234015 -jsInitHandle 872 -jsInitLen 246704 -a11yResourceId 64 -parentBuildID 20221128144904 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c85a9c6f-5989-46a6-9fdc-f3cba4bd423a} 2968 "\\.\pipe\gecko-crash-server-pipe.2968" 2852 1ee07558 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2968.11.1303864253\24904238" -parentBuildID 20221128144904 -prefsHandle 1420 -prefMapHandle 4568 -prefsLen 34286 -prefMapSize 234015 -appDir "C:\Program Files\Mozilla Firefox\browser" - {334568d4-802a-4f9c-b0f0-fad533005a19} 2968 "\\.\pipe\gecko-crash-server-pipe.2968" 3868 206b1e58 rdd
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2968.12.318543571\1127553368" -parentBuildID 20221128144904 -sandboxingKind 1 -prefsHandle 3784 -prefMapHandle 3932 -prefsLen 34286 -prefMapSize 234015 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d6278df4-9c11-4d4a-b303-99fc01afd70b} 2968 "\\.\pipe\gecko-crash-server-pipe.2968" 4776 21afde58 utility
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2968.13.1906558241\1088851588" -parentBuildID 20221128144904 -sandboxingKind 0 -prefsHandle 8416 -prefMapHandle 8420 -prefsLen 34286 -prefMapSize 234015 -appDir "C:\Program Files\Mozilla Firefox\browser" - {de9cca4d-ba5e-4613-ad2f-28084671f2c3} 2968 "\\.\pipe\gecko-crash-server-pipe.2968" 8404 1fc21f58 utility
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2968.40.2008587875\609523111" -childID 36 -isForBrowser -prefsHandle 4736 -prefMapHandle 3644 -prefsLen 34286 -prefMapSize 234015 -jsInitHandle 872 -jsInitLen 246704 -a11yResourceId 64 -parentBuildID 20221128144904 -appDir "C:\Program Files\Mozilla Firefox\browser" - {18b5b08b-7ccb-4f9d-9c86-1ecc5eb5f977} 2968 "\\.\pipe\gecko-crash-server-pipe.2968" 8084 17aaec58 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2968.41.904343850\998306174" -childID 37 -isForBrowser -prefsHandle 4364 -prefMapHandle 8512 -prefsLen 34286 -prefMapSize 234015 -jsInitHandle 872 -jsInitLen 246704 -a11yResourceId 64 -parentBuildID 20221128144904 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c49184c3-f335-436f-8e0c-8cff881394f6} 2968 "\\.\pipe\gecko-crash-server-pipe.2968" 4712 23ca2358 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2968.42.660471742\676350570" -childID 38 -isForBrowser -prefsHandle 3760 -prefMapHandle 3936 -prefsLen 34286 -prefMapSize 234015 -jsInitHandle 872 -jsInitLen 246704 -a11yResourceId 64 -parentBuildID 20221128144904 -appDir "C:\Program Files\Mozilla Firefox\browser" - {927e2b24-3551-4dd0-898e-6965ec2cdb4d} 2968 "\\.\pipe\gecko-crash-server-pipe.2968" 7972 23e5c358 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2968.43.1977308442\1865528447" -childID 39 -isForBrowser -prefsHandle 4108 -prefMapHandle 4792 -prefsLen 34286 -prefMapSize 234015 -jsInitHandle 872 -jsInitLen 246704 -a11yResourceId 64 -parentBuildID 20221128144904 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1dce0173-9b9a-405b-945f-9b3cb505b20c} 2968 "\\.\pipe\gecko-crash-server-pipe.2968" 8552 23a31b58 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2968.44.1872515337\741879704" -childID 40 -isForBrowser -prefsHandle 7836 -prefMapHandle 7840 -prefsLen 34286 -prefMapSize 234015 -jsInitHandle 872 -jsInitLen 246704 -a11yResourceId 64 -parentBuildID 20221128144904 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c29eeab5-dfe2-4f9b-8e31-8d892eef0cdb} 2968 "\\.\pipe\gecko-crash-server-pipe.2968" 7856 24612058 tab
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\KAREL\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "515fbcf1-c488-4adb-87c8-d426745eb0a5" --version "6.06.10144" --silent

=========Mozilla firefox=========

ProfilePath - C:\Users\KAREL\AppData\Roaming\Mozilla\Firefox\Profiles\jzmbh3ho.default-release

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2021-05-29 163384]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2021-05-29 387640]
"Persistence"=C:\Windows\system32\igfxpers.exe [2021-05-29 418360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -automount []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2022-11-09 38650192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner64.exe [2022-11-09 38650192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\chrome]
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --headless --disable-gpu --remote-debugging-port=9222 http://mi-ner-nis-de-6.info/cdn-1006.html?t=0.4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCore]
C:\Program Files\Logitech Gaming Software\LCore.exe /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\launchOnStartup]
C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [2020-06-13 13971528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-03-31 798728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Path]
C:\Program Files (x86)\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2018-06-17 456160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Host Services x64.lnk]
C:\PROGRA~1\qemu\HOSTSE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^KAREL^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SmartClock.lnk]
C:\Users\KAREL\AppData\Roaming\SMARTC~1\SMARTC~1.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2021-05-29 272384]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"midi8"=wdmaud.drv
"aux4"=wdmaud.drv
"midi6"=wdmaud.drv
"midi7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi9"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2022-12-10 11:47:04 ----D---- C:\rsit
2022-12-10 07:18:46 ----D---- C:\ProgramData\Piriform
2022-12-01 19:27:16 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2022-12-10 11:47:12 ----D---- C:\Windows\Temp
2022-12-10 11:47:11 ----D---- C:\Program Files\trend micro
2022-12-10 11:47:08 ----D---- C:\Windows\Prefetch
2022-12-10 11:37:06 ----D---- C:\Windows\system32\drivers\etc
2022-12-10 11:32:55 ----D---- C:\Program Files\CCleaner
2022-12-10 11:07:16 ----D---- C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-12-10 07:18:46 ----HD---- C:\ProgramData
2022-12-10 06:59:46 ----D---- C:\Windows
2022-12-10 06:58:13 ----D---- C:\Windows\system32\Tasks
2022-12-10 06:58:11 ----D---- C:\Windows\Tasks
2022-12-08 15:46:26 ----D---- C:\Windows\system32\config
2022-12-08 15:42:50 ----SHD---- C:\System Volume Information
2022-12-03 15:15:04 ----D---- C:\Users\KAREL\AppData\Roaming\AIMP
2022-12-03 14:49:10 ----D---- C:\Windows\System32
2022-12-03 14:49:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2022-12-03 14:49:09 ----D---- C:\Windows\inf
2022-12-03 14:45:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-02 15:52:05 ----D---- C:\Program Files
2022-11-26 10:13:03 ----D---- C:\Windows\SoftwareDistribution
2022-11-20 16:13:21 ----A---- C:\Windows\system32\msvcsv60.dll
2022-11-20 16:13:21 ----A---- C:\Users\KAREL\AppData\Roaming\msregsvv.dll
2022-11-20 10:41:08 ----D---- C:\Users\KAREL\AppData\Roaming\Tracktion
2022-11-19 05:27:17 ----D---- C:\Windows\system32\catroot2
2022-11-12 19:25:01 ----D---- C:\Users\KAREL\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2020-10-10 393880]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2017-06-07 138296]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2022-10-16 220752]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-10-20 2770944]
R3 BEHRINGER_2902;usb-audio.de driver for BEHRINGER USB AUDIO; C:\Windows\System32\Drivers\BUSB2902.sys [2009-10-30 460864]
R3 BUSB_AUDIO_WDM;BEHRINGER USB WDM AUDIO; C:\Windows\system32\drivers\busbwdm.sys [2009-10-30 49728]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2019-12-12 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2021-05-29 10629408]
R3 NIWinCDEmu;ISO Mounter driver; C:\Windows\system32\DRIVERS\NIWinCDEmu.sys [2015-08-24 112408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2018-09-05 53904]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver; C:\Windows\system32\DRIVERS\BazisVirtualCDBus.sys [2015-09-28 172376]
S3 cpuz148;cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-12-29 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-12-29 47672]
S3 fiddrv64;fiddrv64; C:\Windows\system32\drivers\fiddrv64.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2018-05-07 36496]
S3 LGJoyXlCore;Logitech Translation Layer Driver (LGS); C:\Windows\system32\drivers\LGJoyXlCore.sys [2018-05-07 67736]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2018-05-07 26008]
S3 MADFUOZONE;Service for M-Audio Ozone DFU; C:\Windows\system32\DRIVERS\MAudioOzone_DFU.sys [2010-03-31 46088]
S3 MAUSBOZONE;Service for M-Audio Ozone; C:\Windows\system32\DRIVERS\MAudioOzone.sys [2010-03-31 187912]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pgusbmme;usb-audio.de MME-Adapter; C:\Windows\system32\drivers\pgusbmm3.sys [2010-08-13 49728]
S3 pgusbwdm;usb-audio.de driver (commercial 2.8.45); C:\Windows\System32\Drivers\pgusbwdm.sys [2010-08-13 466496]
S3 piddrv64;piddrv64; \??\C:\Windows\piddrv64.sys [2019-11-30 37256]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2018-08-11 25608]
S3 tapwindscribe0901;Windscribe VPN; C:\Windows\system32\DRIVERS\tapwindscribe0901.sys [2018-02-01 45560]
S3 tapwp01;TAP-Windows Adapter V9 (WiFi Protector); C:\Windows\system32\DRIVERS\tapwp01.sys [2014-12-11 40664]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 CCleanerPerformanceOptimizerService;CCleaner Performance Optimizer Service; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [2022-11-09 1003344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2020-06-13 1748552]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2020-02-24 6821960]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2022-12-01 231328]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 RapoRespondNa;RapoRespondNa; C:\Program Files (x86)\RapoRespondNa\RapoRespondNa.exe -system -token 5e227c []

-----------------EOF-----------------

Re: Please check my log

Posted: 10 Dec 2022 12:14
by Rudy
Hello!
Please post the FRST + Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=152706 . RSIT is not fully compatible with 64-bit systems. Thank you.

Re: Please check my log

Posted: 10 Dec 2022 12:59
by karelflorian
Hello to you too, and thanks for the quick response. After I downloaded FRST and created the log, my computer crashed, swamped by the FRST download page opening over and over and by Windows Explorer (!?!), which could not be closed, and in the end I was left with just the initial screen with no icons on the desktop. I guess the scumbag doesn't want to leave its cozy spot.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-12-2022
Ran by KAREL (administrator) on KITCHEN (Acer Aspire 5730) (10-12-2022 12:25:39)
Running from C:\Users\KAREL\Desktop
Loaded Profiles: KAREL
Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(explorer.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(taskeng.exe ->) (AutoIt Consulting Ltd -> AutoIt Team) C:\Users\KAREL\AppData\Roaming\ckgkr\corsve.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02B8A45D-ACA1-425B-8006-08DA12B43B83} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (No File)
Task: {035FC0CD-9A4C-4301-BB4C-88D42C6E35A1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {07DA11D1-1FC3-4A33-91AD-F4C3FC3E6EA8} - System32\Tasks\{FFFA3BB9-42AB-40FA-B88B-D5657C155F54} => C:\Program Files (x86)\Slime Rancher Galactic Bundle\SlimeRancher.exe (No File)
Task: {145EE993-0760-44DA-B7E4-47ECFB2D6C54} - System32\Tasks\CCleanerSkipUAC - KAREL => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1B24893B-3CA5-4E74-A808-6F5E77975FB1} - System32\Tasks\{0A9A365D-A59A-46B8-9C72-FAA1566F00AB} => E:\VOODOO95.EXE (No File)
Task: {259B69B1-38A3-404B-A2D4-99BAD3F87D22} - System32\Tasks\{01C28555-F9A9-462A-BC8C-F4215CFB05FB} => C:\Program Files\IK Multimedia\AmpliTube 4\AmpliTube 4.exe [9582592 2015-11-02] () [File not signed]
Task: {2D8D6347-4001-42C6-BB09-92B14B33D307} - System32\Tasks\{3A58ED83-AFCF-4884-A605-99829F7213E7} => C:\Program Files\IK Multimedia\AmpliTube 4\AmpliTube 4.exe [9582592 2015-11-02] () [File not signed]
Task: {35AF161E-FCDE-4C0F-92BB-1F53024C1ED8} - System32\Tasks\{449317E1-2D25-436C-8F8E-A871A209A9EF} => C:\Users\KAREL\Downloads\setup_0691868207.exe (No File)
Task: {4C1BB226-18D7-4420-BC49-AEDB411C2049} - System32\Tasks\{169902B3-BA28-4545-9A63-4EE1724B002F} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Might and Magic X Legacy\LegacyGDFInstall.exe" -d "C:\Program Files (x86)\Might and Magic X Legacy"
Task: {4E2B118A-9E94-4BA1-A051-B48DB2D943C7} - System32\Tasks\{9D283823-A7FA-4FC5-B56B-4F868743FAA4} => C:\Program Files\IK Multimedia\AmpliTube 4\AmpliTube 4.exe [9582592 2015-11-02] () [File not signed]
Task: {5A66ECF8-7B14-46E8-90F6-717572840165} - System32\Tasks\{5EB6BD77-1954-4BC8-99FA-5FBE4660458D} => E:\VOODOO95.EXE (No File)
Task: {5CC91BA4-75AE-4EE8-98D0-DA3E1F5D360A} - System32\Tasks\{14017357-C67B-46C3-A464-2201CBD55EE9} => C:\Program Files\PreSonus\Studio One 4\Studio One.exe (No File)
Task: {5EF60F6C-80B8-44F2-98AB-FDBCCFC3F60E} - System32\Tasks\{4662BC60-24BA-42C0-A8E1-7B5B77770B19} => C:\Windows\system32\pcalua.exe -a C:\Xpadder.exe\setup.exe -d C:\Xpadder.exe
Task: {5F885CE4-53BD-4399-A0FC-25C63650CF7C} - System32\Tasks\{EB6FE80C-5095-481A-888F-1B95BB14ED01} => C:\Users\KAREL\Downloads\setup_0691868207.exe (No File)
Task: {6086DB67-6885-4428-AC92-2DF1E405E905} - System32\Tasks\{1B171CED-8A1D-446E-B9ED-A06BD1A82CC2} => C:\Windows\system32\pcalua.exe -a C:\Users\KAREL\Downloads\ASIO4ALL_2_13_English.exe -d C:\Users\KAREL\Downloads
Task: {60FCC82F-F022-4EB7-BEFD-2202A397C61B} - System32\Tasks\{FD93F1E4-331B-4280-94C6-993DF520876D} => C:\Pac3D\pac3d.exe [48640 2020-10-09] () [File not signed]
Task: {71C028CB-E12C-4753-80FA-EEDB8BDB842A} - System32\Tasks\{C8F9A9BC-9F53-481D-A538-E455076C48B1} => C:\Program Files (x86)\Slime Rancher Galactic Bundle\SlimeRancher.exe (No File)
Task: {7454B545-8056-42BB-A86B-8BFD2D66EFA0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {759A2481-BC17-45B5-9DA0-31A055FC490B} - System32\Tasks\{1DB85FA2-0ABC-4859-8443-D1A3DEC0F92C} => C:\Pac3D\pac3d.exe [48640 2020-10-09] () [File not signed]
Task: {7BE8554D-2856-4BAD-9307-9B5F0C5E34BA} - System32\Tasks\{B1380AC8-6875-48B2-A443-8CF5141F0931} => C:\Windows\system32\pcalua.exe -a C:\Users\KAREL\Desktop\ASIO4ALL_2_14_English.exe -d C:\Users\KAREL\Desktop
Task: {85C9DE96-589A-41E4-957C-5FCB7BA2D29F} - System32\Tasks\{B871BD0F-DE5A-452B-ADBC-2EB97E253BC0} => C:\Program Files\IK Multimedia\AmpliTube 4\AmpliTube 4.exe [9582592 2015-11-02] () [File not signed]
Task: {9BC7F26A-8376-49C2-B379-DF04D6D689B8} - System32\Tasks\{11F93713-7C60-4C38-BDA7-D7C05B74B1EF} => C:\Users\KAREL\Downloads\xpadder_gamepad_profiler\Xpadder.exe (No File)
Task: {B4299B76-0E43-431B-A711-476497A4B05A} - System32\Tasks\{7C83B485-1D4B-4BC7-88F0-6AED99D5858F} => C:\Program Files (x86)\Slime Rancher Galactic Bundle\SlimeRancher.exe (No File)
Task: {B8629C57-4DEF-4AA2-A32B-59FF8E188A68} - System32\Tasks\{246D1223-1A1C-4FCE-BC9F-894CF6A28FF7} => C:\Program Files\IK Multimedia\AmpliTube 4\AmpliTube 4.exe [9582592 2015-11-02] () [File not signed]
Task: {BFF43C10-67D2-4531-A20F-7769D46518E4} - System32\Tasks\Diagnostic\Service => C:\Users\KAREL\AppData\Roaming\ckgkr\corsve.exe [893608 2022-10-23] (AutoIt Consulting Ltd -> AutoIt Team) -> "C:\Users\KAREL\AppData\Roaming\ckgkr\corsve.dat"
Task: {C390C4F1-CA5F-4BC3-8401-4997A951F630} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (No File)
Task: {C6728E35-841C-4104-9D9C-B92EC3BCC25A} - System32\Tasks\{A3D90B19-CB8F-4E95-BADF-9369F84753DB} => C:\Windows\system32\pcalua.exe -a C:\Users\KAREL\Downloads\ASIO4ALL_2_14_English.exe -d C:\Users\KAREL\Downloads
Task: {D068792B-1716-4449-8F45-6408A5D2B6D8} - System32\Tasks\{FE82AF94-82B7-46D3-9DA0-8703D06BA97B} => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (No File)
Task: {D29E8231-4AA2-4989-8FF9-604EB698C592} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "515fbcf1-c488-4adb-87c8-d426745eb0a5" --version "6.06.10144" --silent
Task: {D51B3C56-795A-468D-B759-7A9BD9388779} - System32\Tasks\{970E1A6D-763E-4BCC-BF90-7C2C69129272} => E:\VOODOO95.EXE (No File)
Task: {D8A5FCC7-AF5A-4C84-A64A-56C1B9872966} - System32\Tasks\{E0E3BD52-D561-4794-BDC9-C9430D1BC5D4} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {E6317CBE-DF18-40F0-A071-F6FEB676C14C} - System32\Tasks\{C03A226D-65F7-4681-9D89-C1B2DF6E45D2} => C:\Windows\system32\pcalua.exe -a "C:\Users\KAREL\Downloads\Sonic Mania Installer.exe" -d C:\Users\KAREL\Downloads
Task: {E79F6DF8-BB51-4FEB-8C92-49145B541227} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EA2C7982-770C-48D5-91B5-4E6C2031FD53} - System32\Tasks\{C214BC00-0E95-4DCA-8C7B-9530DFF53BA2} => C:\Program Files\IK Multimedia\AmpliTube 4\AmpliTube 4.exe [9582592 2015-11-02] () [File not signed]
Task: {EBDDB1BB-9A49-4880-ACB7-03E98CA2B1C1} - System32\Tasks\{E7904902-D05C-40E5-8FEB-60A6405CD001} => C:\Users\KAREL\Downloads\xpadder_gamepad_profiler\Xpadder.exe (No File)
Task: {F91509FE-1A80-4149-9D91-09C2F1186E75} - \KAREL -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E28415F2-DD36-4578-8DA7-537087953C9F}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{E28415F2-DD36-4578-8DA7-537087953C9F}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF DefaultProfile: n6ss50s3.default
FF ProfilePath: C:\Users\KAREL\AppData\Roaming\Mozilla\Firefox\Profiles\n6ss50s3.default [2021-12-04]
FF ProfilePath: C:\Users\KAREL\AppData\Roaming\Mozilla\Firefox\Profiles\jzmbh3ho.default-release [2022-12-10]
FF Notifications: Mozilla\Firefox\Profiles\jzmbh3ho.default-release -> hxxps://drive.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\KAREL\AppData\Roaming\Mozilla\Firefox\Profiles\jzmbh3ho.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2022-10-01]
FF Extension: (TWP - Translate Web Pages) - C:\Users\KAREL\AppData\Roaming\Mozilla\Firefox\Profiles\jzmbh3ho.default-release\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2022-10-04]
FF Extension: (Open in PDF Reader) - C:\Users\KAREL\AppData\Roaming\Mozilla\Firefox\Profiles\jzmbh3ho.default-release\Extensions\{0d3afca0-aedf-491f-b0f9-9ffc22113ea8}.xpi [2022-08-15]
FF ProfilePath: C:\Users\KAREL\AppData\Roaming\AMozilla\AFirefox\Profiles\mb0mwdp8.default [2018-10-02] <==== ATTENTION
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1748552 2020-06-13] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-24] (GOG Sp. z o.o. -> GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S2 HPSLPSVC; C:\Users\KAREL\AppData\Local\Temp\7zS3513\hpslpsvc64.dll [X] <==== ATTENTION
S4 RapoRespondNa; C:\Program Files (x86)\RapoRespondNa\RapoRespondNa.exe -system -token 5e227c [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2770944 2011-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (Ploytec GmbH -> BEHRINGER)
R3 BUSB_AUDIO_WDM; C:\Windows\System32\drivers\busbwdm.sys [49728 2009-10-30] (Ploytec GmbH -> BEHRINGER)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-12-29] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-12-29] (Disc Soft Ltd -> Disc Soft Ltd)
S3 fiddrv64; no ImagePath
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 MADFUOZONE; C:\Windows\System32\DRIVERS\MAudioOzone_DFU.sys [46088 2010-03-31] (M-Audio -> M-Audio)
S3 MAUSBOZONE; C:\Windows\System32\DRIVERS\MAudioOzone.sys [187912 2010-03-31] (M-Audio -> Avid Technology, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220752 2022-10-16] (Malwarebytes Inc -> Malwarebytes)
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [112408 2015-08-24] (NATIVE INSTRUMENTS GmbH -> )
S3 pgusbmme; C:\Windows\System32\drivers\pgusbmm3.sys [49728 2010-08-13] (Ploytec GmbH -> usb-audio.de)
S3 pgusbwdm; C:\Windows\System32\Drivers\pgusbwdm.sys [466496 2010-08-13] (Ploytec GmbH -> usb-audio.de)
S3 piddrv64; C:\Windows\piddrv64.sys [37256 2019-11-30] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [393880 2020-10-10] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2018-08-11] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2018-02-01] (Windscribe Limited -> The OpenVPN Project)
S3 tapwp01; C:\Windows\System32\DRIVERS\tapwp01.sys [40664 2014-12-11] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [398112 2011-07-12] (Marvell Semiconductor -> Marvell)
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-10 12:25 - 2022-12-10 12:30 - 000015480 _____ C:\Users\KAREL\Desktop\FRST.txt
2022-12-10 12:23 - 2022-12-10 12:23 - 002375680 _____ (Farbar) C:\Users\KAREL\Desktop\FRST64(1).exe
2022-12-10 11:47 - 2022-12-10 11:47 - 000000000 ____D C:\rsit
2022-12-10 11:46 - 2022-12-10 11:46 - 001222144 _____ C:\Users\KAREL\Downloads\RSITx64.exe
2022-12-10 11:36 - 2022-12-10 11:36 - 000388608 _____ (Trend Micro Inc.) C:\Users\KAREL\Downloads\hijackthis.exe
2022-12-10 07:18 - 2022-12-10 07:18 - 000000000 ____D C:\ProgramData\Piriform
2022-12-10 06:58 - 2022-12-10 06:58 - 000003350 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-12-10 06:58 - 2022-12-10 06:58 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-12-08 17:13 - 2022-12-08 17:13 - 000000017 _____ C:\Users\KAREL\Downloads\whitelist(1).txt
2022-12-08 17:12 - 2022-12-08 17:12 - 000000017 _____ C:\Users\KAREL\Downloads\whitelist.txt
2022-12-03 15:09 - 2022-12-03 15:09 - 045374608 _____ C:\Users\KAREL\Downloads\YTMp3_YTMP3WEB_v4.4.1.apk
2022-12-01 20:52 - 2022-12-01 20:52 - 000001779 _____ C:\Users\KAREL\Desktop\projev.txt
2022-12-01 19:27 - 2022-12-03 14:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-11-26 17:14 - 2021-05-26 22:04 - 000013993 _____ C:\Users\KAREL\Downloads\Guitar Pro File - Metal Riffs and Licks - Jason Stallworth.gp
2022-11-26 17:13 - 2022-11-26 17:13 - 000283268 _____ C:\Users\KAREL\Downloads\Guitar-Pro-File-Metal-Riffs-and-Licks-Jason-Stallworth.gp_(1).exe
2022-11-26 17:11 - 2022-11-26 17:11 - 000013988 _____ C:\Users\KAREL\Downloads\Guitar-Pro-File-Metal-Riffs-and-Licks-Jason-Stallworth.gp_(1).zip
2022-11-19 09:04 - 2022-11-26 10:13 - 000000000 ____D C:\Users\KAREL\AppData\Local\CrashDumps

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-10 12:27 - 2022-10-21 09:27 - 000000000 ____D C:\FRST
2022-12-10 12:08 - 2022-02-09 12:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-12-10 12:07 - 2021-12-04 07:08 - 000000000 ____D C:\Users\KAREL\AppData\LocalLow\Mozilla
2022-12-10 11:47 - 2018-01-10 13:58 - 000000000 ____D C:\Program Files\trend micro
2022-12-10 11:32 - 2018-06-24 05:59 - 000000000 ____D C:\Program Files\CCleaner
2022-12-10 06:58 - 2018-06-24 05:59 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-12-10 06:57 - 2009-07-14 05:45 - 000031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-12-10 06:57 - 2009-07-14 05:45 - 000031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-12-10 06:50 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-12-03 15:15 - 2016-12-26 07:31 - 000000000 ____D C:\Users\KAREL\AppData\Roaming\AIMP
2022-12-03 14:49 - 2010-11-21 10:27 - 000668376 _____ C:\Windows\system32\perfh005.dat
2022-12-03 14:49 - 2010-11-21 10:27 - 000141004 _____ C:\Windows\system32\perfc005.dat
2022-12-03 14:49 - 2009-07-14 06:13 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI
2022-12-03 14:49 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-12-03 14:45 - 2021-12-04 07:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-02 15:47 - 2009-07-14 06:08 - 000032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2022-11-20 16:13 - 2017-06-25 14:05 - 000000032 _____ C:\Windows\system32\w3data.vss
2022-11-20 16:13 - 2017-06-25 14:05 - 000000032 _____ C:\Windows\system32\msvcsv60.dll
2022-11-20 16:13 - 2017-06-25 14:05 - 000000032 _____ C:\Windows\msocreg32.dat
2022-11-20 16:13 - 2017-02-03 08:34 - 000000032 _____ C:\Users\KAREL\AppData\Roaming\msregsvv.dll
2022-11-20 16:13 - 2017-02-03 08:34 - 000000032 _____ C:\ProgramData\autobk.inc
2022-11-20 11:19 - 2022-10-14 17:43 - 000000000 ____D C:\Users\KAREL\Documents\kytara bicí
2022-11-20 10:41 - 2019-02-24 08:28 - 000000000 ____D C:\Users\KAREL\AppData\Roaming\Tracktion
2022-11-12 19:25 - 2017-01-07 11:03 - 000000000 ____D C:\Users\KAREL\AppData\Roaming\vlc

==================== Files in the root of some directories ========

2017-05-23 15:58 - 2012-04-11 03:27 - 000003584 _____ () C:\Users\KAREL\ezdrummer.dll
2012-11-27 17:00 - 2012-04-11 03:27 - 000003584 _____ () C:\Users\KAREL\Guitar Rig 5.dll
2017-05-20 06:04 - 2012-04-11 03:27 - 000003584 _____ () C:\Users\KAREL\Massive.64.dll
2017-05-23 15:58 - 2012-04-11 03:27 - 000003584 _____ () C:\Users\KAREL\Massive.dll
2017-05-20 06:04 - 2012-04-11 03:27 - 000003584 _____ () C:\Users\KAREL\Metronome.64.dll
2017-05-23 15:58 - 2012-04-11 03:27 - 000003584 _____ () C:\Users\KAREL\Metronome.dll
2017-04-13 08:47 - 2011-02-09 15:51 - 022814720 _____ () C:\Users\KAREL\TH2.dll
2017-05-23 15:58 - 2012-04-11 03:27 - 000003584 _____ () C:\Users\KAREL\TH3.dll
2017-02-23 20:32 - 2015-10-09 14:53 - 004357120 _____ () C:\Users\KAREL\TyrellN6(x64).dll
2020-02-29 07:19 - 2020-02-29 07:19 - 000000000 ____D () C:\Users\KAREL\Xpadder.exe
2017-02-03 08:34 - 2022-11-20 16:13 - 000000032 _____ () C:\Users\KAREL\AppData\Roaming\msregsvv.dll
2021-02-21 20:41 - 2021-02-21 20:41 - 000000014 _____ () C:\Users\KAREL\AppData\Roaming\obs-virtualcam.txt
2018-09-29 11:37 - 2018-08-06 23:55 - 011924306 _____ (InstallShield Software Corporation) C:\Users\KAREL\AppData\Roaming\pinnacle-setup.exe
2021-10-29 10:06 - 2021-10-29 10:06 - 048903224 _____ (WebDiscover Media ) C:\Users\KAREL\AppData\Roaming\WebDiscover_setup.exe
2020-09-19 18:48 - 2020-10-03 06:41 - 000016438 _____ () C:\Users\KAREL\AppData\Local\partner.bmp
2018-01-14 18:15 - 2018-06-23 06:08 - 000007650 _____ () C:\Users\KAREL\AppData\Local\Resmon.ResmonCfg
2017-01-12 19:00 - 2016-11-23 14:37 - 000000570 _____ () C:\Users\KAREL\AppData\Local\TroubleshooterConfig.json

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-12-08 15:35
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-12-2022
Ran by KAREL (10-12-2022 12:30:53)
Running from C:\Users\KAREL\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X64) (2016-12-16 17:02:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-577945811-771457962-1855025614-500 - Administrator - Disabled)
Guest (S-1-5-21-577945811-771457962-1855025614-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-577945811-771457962-1855025614-1002 - Limited - Enabled)
KAREL (S-1-5-21-577945811-771457962-1855025614-1000 - Administrator - Enabled) => C:\Users\KAREL

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Media MP4 to MP3 Converter 6 (HKLM-x32\...\4Media MP4 to MP3 Converter 6) (Version: 6.8.0.1101 - 4Media)
Ableton Live 9 Suite (HKLM\...\{7597F2DC-003A-476E-9281-774AB112B7BE}) (Version: 9.0.0.0 - Ableton)
Abyss version 1.2.2 (HKLM-x32\...\{73586F08-45E2-4BE2-82BF-24A591D742AA}_is1) (Version: 1.2.2 - Dawesome)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.70.2227, 01.09.2020 - AIMP DevTeam)
AmpliTube 4 version 4.0.1 (HKLM\...\{21B0C8E0-7EB7-4832-B764-20A7DAE86E02}_is1) (Version: 4.0.1 - IK Multimedia)
AmpliTube 5 version 5.0.3 (HKLM\...\{D831D61F-EBF5-4158-AEE1-F58A7B8C04C8}_is1) (Version: 5.0.3 - IK Multimedia)
ARIA Engine v1.9.1.6 (HKLM\...\ARIA Engine_is1) (Version: v1.9.1.6 - Plogue Art et Technologie, Inc)
ArtRage 6 (HKLM\...\{7AF6962D-016E-4084-ADF8-84891B95D815}) (Version: 6.1.2.0 - Ambient Design) Hidden
ArtRage 6 (HKLM-x32\...\ArtRage 6 6.1.2.0) (Version: 6.1.2.0 - Ambient Design)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15 - tippach engineering)
BEHRINGER USB AUDIO DRIVER (HKLM\...\USB_AUDIO_DEusb-audio.deBehringer2902) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
Creaks (HKLM-x32\...\1623513243_is1) (Version: 1.0.9 - GOG.com)
DAW Essentials Collection version 1.0.0 (HKLM\...\DAW Essentials Collection_is1) (Version: 1.0.0 - )
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EZdrummer (HKLM-x32\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.0.2 - Toontrack)
EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.0 - Toontrack)
EZXClaustrophobic (HKLM-x32\...\{8094F7AE-CA21-4AF2-A256-BC918CE0E796}) (Version: 1.0 - Toontrack)
EZXCocktail (HKLM-x32\...\{147567F0-8575-4BE0-B5B3-62706C67FA5A}) (Version: 1.0 - Toontrack)
EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack)
EZXMetalHeads (HKLM-x32\...\{F4F365AB-BD66-4775-A36A-E3D8055873FD}) (Version: 1.0.0 - Toontrack)
EZXMetalMachine (HKLM-x32\...\{88A1D1DA-4327-4CAF-BA74-00D85D9353E8}) (Version: 1.0.0 - Toontrack)
EZXNashville (HKLM-x32\...\{82DF9225-13EC-41BD-BE31-AAB121B38166}) (Version: 1.0 - Toontrack)
EZXPercussion (HKLM-x32\...\{2CC4BC82-41CF-43D3-B533-7283AA8BB86F}) (Version: 1.0 - Toontrack)
EZXTwisted (HKLM-x32\...\{D1EBF11E-8CE3-4EF5-8E2D-FD5B8D6BD294}) (Version: 1.0 - Toontrack)
EZXVintage (HKLM-x32\...\{430399DC-98BC-4A7F-8F8E-77981CABAE05}) (Version: 1.0 - Toontrack)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Guitar Pro 7 - Soundbanks (HKLM-x32\...\com.arobas-music.guitarpro7-soundbanks_is1) (Version: 1.0.69 - Arobas Music)
Guitar Pro 7 (HKLM-x32\...\Guitar Pro 7_is1) (Version: 7.5.2.1586 - Arobas Music)
Helix Native (HKLM\...\Helix Native_is1) (Version: 1.9.1 - Line6 & Team V.R)
K-Lite Codec Pack 14.9.4 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.9.4 - KLCP)
Krita (x64) 4.4.8 (HKLM\...\Krita_x64) (Version: 4.4.8.0 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.44.1.3 - Marvell)
M-Audio Ozone Driver 6.0.3 (x64) (HKLM\...\{DD06AA57-1DF1-45E6-B234-07110667DD28}) (Version: 6.0.3 - M-Audio)
Microsoft .NET Framework 4.6.1 (CSY) (HKLM\...\{3C38CA01-7933-31E7-A1F6-EAA1DF9BEDF3}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30708 (HKLM-x32\...\{ee198d9f-cfe1-4f8a-bf5f-7b1be355b63d}) (Version: 14.30.30708.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30708 (HKLM\...\{12A2980B-E47B-491B-92F5-0BC703841ED4}) (Version: 14.30.30708 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30708 (HKLM\...\{AE043016-3897-41D4-870B-1DAEE62CF152}) (Version: 14.30.30708 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 107.0.1 (x64 cs)) (Version: 107.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 94.0.2 - Mozilla)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments)
NI Guitar Rig (HKLM\...\{48878FDB-8FEB-4503-A444-11F6BD85114C}) (Version: 5.2.2 - Native Instruments)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Overloud TH-U (HKLM\...\{B7B70E5E-3373-4799-B37F-06E603B0FC2B}_is1) (Version: 1.1.8 - Overloud)
Ozone 9 Standard (HKLM\...\Ozone 9) (Version: 9.1.0 - iZotope, Inc.)
Plogue AlterEgo v1.516 (HKLM\...\__ARIA_1019___is1) (Version: v1.516 - Plogue)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.2 - Power Software Ltd)
TH3 (HKLM\...\{84958137-F2F7-4DC8-A29E-B69F6553BE4F}_is1) (Version: 3.4.5 - Overloud)
Toneforge - Misha Mansoor Advanced version 1.0.1 (HKLM\...\Toneforge - Misha Mansoor Advanced_is1) (Version: 1.0.1 - )
Torpedo Wall Of Sound VST Win64 4.3.8 (HKU\S-1-5-21-577945811-771457962-1855025614-1000\...\Torpedo Wall Of Sound VST Win64) (Version: 4.3.8 - Two Notes Audio Engineering)
Tracktion Software BioTek (HKLM\...\BioTek_is1) (Version: 1.5.1 - Tracktion Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Waveform 11 (HKLM\...\{0EDB70B6-EEA7-413B-BBC4-89E2CD36EFDE}_is1) (Version: 11.1.0 - Tracktion Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-577945811-771457962-1855025614-1000_Classes\CLSID\{8FA6DC22-9574-427B-914B-CD9ACE26E5CB}\InprocServer32 -> C:\Users\KAREL\AppData\Local\easyxplore\Update\1.3.99.0\psuser_64.dll (easyxplore.) [File not signed]
CustomCLSID: HKU\S-1-5-21-577945811-771457962-1855025614-1000_Classes\CLSID\{DD7F56DA-A71C-4C82-924B-F68028BCB2A4}\InprocServer32 -> C:\Users\KAREL\AppData\Local\easyxplore\Update\1.3.99.0\psuser_64.dll (easyxplore.) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AIMP] -> [CC]{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [AIMP] -> [CC]{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2021-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\ProgramData\PACE:8307D8F8C9EA4484 [217]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 8) (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-577945811-771457962-1855025614-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-577945811-771457962-1855025614-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-577945811-771457962-1855025614-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-577945811-771457962-1855025614-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-07-22 14:30 - 2022-12-10 11:37 - 000000958 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 www.overloud.com
127.0.0.1 www.r2rdownload.net
127.0.0.1 www.r2rdownload.com
127.0.0.1 www.elephantafiles.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-577945811-771457962-1855025614-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KAREL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: AxAutoMntSrv => 2
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Host Services x64.lnk => C:\Windows\pss\Host Services x64.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^KAREL^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SmartClock.lnk => C:\Windows\pss\SmartClock.lnk.Startup
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: chrome => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --headless --disable-gpu --remote-debugging-port=9222 http://mi-ner-nis-de-6.info/cdn-1006.html?t=0.4
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: launchOnStartup => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
MSCONFIG\startupreg: M-Audio Taskbar Icon => C:\Windows\system32\M-AudioTaskBarIcon.exe
MSCONFIG\startupreg: Path => "C:\Program Files (x86)\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{4403B449-6EB8-4B4D-8C58-F2FAAE363D16}C:\programdata\ableton\live 9 suite\program\ableton live 9 suite.exe] => (Block) C:\programdata\ableton\live 9 suite\program\ableton live 9 suite.exe (Ableton AG -> Ableton) [File not signed]
FirewallRules: [UDP Query User{F56D2214-EDC0-4925-85F9-B98AAC259F49}C:\programdata\ableton\live 9 suite\program\ableton live 9 suite.exe] => (Block) C:\programdata\ableton\live 9 suite\program\ableton live 9 suite.exe (Ableton AG -> Ableton) [File not signed]
FirewallRules: [TCP Query User{EB6B0B9E-3D3C-49C3-A901-3E2ECD195630}C:\programdata\ableton\live 9 suite\program\ableton live 9 suite.exe] => (Block) C:\programdata\ableton\live 9 suite\program\ableton live 9 suite.exe (Ableton AG -> Ableton) [File not signed]
FirewallRules: [UDP Query User{EC475A34-53A4-4791-8141-C3CA2D64306E}C:\programdata\ableton\live 9 suite\program\ableton live 9 suite.exe] => (Block) C:\programdata\ableton\live 9 suite\program\ableton live 9 suite.exe (Ableton AG -> Ableton) [File not signed]
FirewallRules: [TCP Query User{B8344DC4-609A-4104-849B-393B61D57F9F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{FECC9637-9631-4BA7-BF89-4584A565AED2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{82E4E9BB-7468-42DB-842A-139B82A692FC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{DFC7F17A-7870-4FA5-AC14-8644B4307B0B}] => (Block) ableton live 10 => No File
FirewallRules: [{320CCE03-3ED8-4863-959A-6F49C164CFF8}] => (Block) ableton live 10 => No File
FirewallRules: [{45FD3A48-C762-4702-A10B-88E3F468F46B}] => (Block) ableton live 10 => No File
FirewallRules: [{4ACC72A8-2DE7-405F-8D34-1BA9A2F59B3A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D34AF7C2-8B39-4C23-B302-C7263A5A8EA1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

27-11-2022 10:04:02 Naplánovaný kontrolní bod
08-12-2022 15:42:30 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/10/2022 12:39:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (12/10/2022 12:39:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (12/10/2022 12:34:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (12/10/2022 12:34:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (12/10/2022 12:34:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (12/10/2022 12:31:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (12/10/2022 12:31:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (12/10/2022 12:31:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.


System errors:
=============
Error: (12/10/2022 12:38:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/10/2022 11:39:58 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (12/10/2022 11:39:58 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


==================== Memory info ===========================

BIOS: Phoenix Technologies LTD V1.07 08/27/2008
Motherboard: Acer CathedralPeak
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
Percentage of memory in use: 88%
Total physical RAM: 3000.86 MB
Available physical RAM: 351.38 MB
Total Virtual: 5999.93 MB
Available Virtual: 1578.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:69.65 GB) (Free:1.55 GB) (Model: Hitachi HTS543216L9A300 ATA Device) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:69.64 GB) (Free:1.87 GB) (Model: Hitachi HTS543216L9A300 ATA Device) NTFS

\\?\Volume{d23b0824-c3af-11e6-bfe3-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:9.76 GB) (Free:2.23 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 2933491A)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=69.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=69.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Please check my log

Posted: 10 Dec 2022 15:18
by Rudy
Open Notepad and copy the following into it:
SDtart

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {02B8A45D-ACA1-425B-8006-08DA12B43B83} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (No File)
Task: {035FC0CD-9A4C-4301-BB4C-88D42C6E35A1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {07DA11D1-1FC3-4A33-91AD-F4C3FC3E6EA8} - System32\Tasks\{FFFA3BB9-42AB-40FA-B88B-D5657C155F54} => C:\Program Files (x86)\Slime Rancher Galactic Bundle\SlimeRancher.exe (No File)
Task: {1B24893B-3CA5-4E74-A808-6F5E77975FB1} - System32\Tasks\{0A9A365D-A59A-46B8-9C72-FAA1566F00AB} => E:\VOODOO95.EXE (No File)
Task: {35AF161E-FCDE-4C0F-92BB-1F53024C1ED8} - System32\Tasks\{449317E1-2D25-436C-8F8E-A871A209A9EF} => C:\Users\KAREL\Downloads\setup_0691868207.exe (No File)
Task: {5A66ECF8-7B14-46E8-90F6-717572840165} - System32\Tasks\{5EB6BD77-1954-4BC8-99FA-5FBE4660458D} => E:\VOODOO95.EXE (No File)
Task: {5CC91BA4-75AE-4EE8-98D0-DA3E1F5D360A} - System32\Tasks\{14017357-C67B-46C3-A464-2201CBD55EE9} => C:\Program Files\PreSonus\Studio One 4\Studio One.exe (No File)
Task: {5EF60F6C-80B8-44F2-98AB-FDBCCFC3F60E} - System32\Tasks\{4662BC60-24BA-42C0-A8E1-7B5B77770B19} => C:\Windows\system32\pcalua.exe -a C:\Xpadder.exe\setup.exe -d C:\Xpadder.exe
Task: {5F885CE4-53BD-4399-A0FC-25C63650CF7C} - System32\Tasks\{EB6FE80C-5095-481A-888F-1B95BB14ED01} => C:\Users\KAREL\Downloads\setup_0691868207.exe (No File)
Task: {6086DB67-6885-4428-AC92-2DF1E405E905} - System32\Tasks\{1B171CED-8A1D-446E-B9ED-A06BD1A82CC2} => C:\Windows\system32\pcalua.exe -a C:\Users\KAREL\Downloads\ASIO4ALL_2_13_English.exe -d C:\Users\KAREL\Downloads
Task: {71C028CB-E12C-4753-80FA-EEDB8BDB842A} - System32\Tasks\{C8F9A9BC-9F53-481D-A538-E455076C48B1} => C:\Program Files (x86)\Slime Rancher Galactic Bundle\SlimeRancher.exe (No File)
Task: {9BC7F26A-8376-49C2-B379-DF04D6D689B8} - System32\Tasks\{11F93713-7C60-4C38-BDA7-D7C05B74B1EF} => C:\Users\KAREL\Downloads\xpadder_gamepad_profiler\Xpadder.exe (No File)
ask: {C390C4F1-CA5F-4BC3-8401-4997A951F630} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (No File)
Task: {C6728E35-841C-4104-9D9C-B92EC3BCC25A} - System32\Tasks\{A3D90B19-CB8F-4E95-BADF-9369F84753DB} => C:\Windows\system32\pcalua.exe -a C:\Users\KAREL\Downloads\ASIO4ALL_2_14_English.exe -d C:\Users\KAREL\Downloads
Task: {D068792B-1716-4449-8F45-6408A5D2B6D8} - System32\Tasks\{FE82AF94-82B7-46D3-9DA0-8703D06BA97B} => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (No File)
Task: {D51B3C56-795A-468D-B759-7A9BD9388779} - System32\Tasks\{970E1A6D-763E-4BCC-BF90-7C2C69129272} => E:\VOODOO95.EXE (No File)
Task: {D8A5FCC7-AF5A-4C84-A64A-56C1B9872966} - System32\Tasks\{E0E3BD52-D561-4794-BDC9-C9430D1BC5D4} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {E6317CBE-DF18-40F0-A071-F6FEB676C14C} - System32\Tasks\{C03A226D-65F7-4681-9D89-C1B2DF6E45D2} => C:\Windows\system32\pcalua.exe -a "C:\Users\KAREL\Downloads\Sonic Mania Installer.exe" -d C:\Users\KAREL\Downloads
Task: {EBDDB1BB-9A49-4880-ACB7-03E98CA2B1C1} - System32\Tasks\{E7904902-D05C-40E5-8FEB-60A6405CD001} => C:\Users\KAREL\Downloads\xpadder_gamepad_profiler\Xpadder.exe (No File)
Task: {F91509FE-1A80-4149-9D91-09C2F1186E75} - \KAREL -> No File <==== ATTENTION
FF ProfilePath: C:\Users\KAREL\AppData\Roaming\AMozilla\AFirefox\Profiles\mb0mwdp8.default [2018-10-02] <==== ATTENTION
S2 HPSLPSVC; C:\Users\KAREL\AppData\Local\Temp\7zS3513\hpslpsvc64.dll [X] <==== ATTENTION
S3 fiddrv64; no ImagePath
U0 Partizan; system32\drivers\Partizan.sys [X]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AIMP] -> [CC]{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers4: [AIMP] -> [CC]{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\ProgramData\PACE:8307D8F8C9EA4484 [217]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FirewallRules: [{DFC7F17A-7870-4FA5-AC14-8644B4307B0B}] => (Block) ableton live 10 => No File
FirewallRules: [{320CCE03-3ED8-4863-959A-6F49C164CFF8}] => (Block) ableton live 10 => No File
FirewallRules: [{45FD3A48-C762-4702-A10B-88E3F468F46B}] => (Block) ableton live 10 => No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Please check my log

Posted: 10 Dec 2022 15:33
by karelflorian
Fix result of Farbar Recovery Scan Tool (x64) Version: 04-12-2022
Ran by KAREL (10-12-2022 15:26:18) Run:1
Running from C:\Users\KAREL\Desktop
Loaded Profiles: KAREL
Boot Mode: Normal
==============================================

fixlist content:
*****************
SDtart

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {02B8A45D-ACA1-425B-8006-08DA12B43B83} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (No File)
Task: {035FC0CD-9A4C-4301-BB4C-88D42C6E35A1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {07DA11D1-1FC3-4A33-91AD-F4C3FC3E6EA8} - System32\Tasks\{FFFA3BB9-42AB-40FA-B88B-D5657C155F54} => C:\Program Files (x86)\Slime Rancher Galactic Bundle\SlimeRancher.exe (No File)
Task: {1B24893B-3CA5-4E74-A808-6F5E77975FB1} - System32\Tasks\{0A9A365D-A59A-46B8-9C72-FAA1566F00AB} => E:\VOODOO95.EXE (No File)
Task: {35AF161E-FCDE-4C0F-92BB-1F53024C1ED8} - System32\Tasks\{449317E1-2D25-436C-8F8E-A871A209A9EF} => C:\Users\KAREL\Downloads\setup_0691868207.exe (No File)
Task: {5A66ECF8-7B14-46E8-90F6-717572840165} - System32\Tasks\{5EB6BD77-1954-4BC8-99FA-5FBE4660458D} => E:\VOODOO95.EXE (No File)
Task: {5CC91BA4-75AE-4EE8-98D0-DA3E1F5D360A} - System32\Tasks\{14017357-C67B-46C3-A464-2201CBD55EE9} => C:\Program Files\PreSonus\Studio One 4\Studio One.exe (No File)
Task: {5EF60F6C-80B8-44F2-98AB-FDBCCFC3F60E} - System32\Tasks\{4662BC60-24BA-42C0-A8E1-7B5B77770B19} => C:\Windows\system32\pcalua.exe -a C:\Xpadder.exe\setup.exe -d C:\Xpadder.exe
Task: {5F885CE4-53BD-4399-A0FC-25C63650CF7C} - System32\Tasks\{EB6FE80C-5095-481A-888F-1B95BB14ED01} => C:\Users\KAREL\Downloads\setup_0691868207.exe (No File)
Task: {6086DB67-6885-4428-AC92-2DF1E405E905} - System32\Tasks\{1B171CED-8A1D-446E-B9ED-A06BD1A82CC2} => C:\Windows\system32\pcalua.exe -a C:\Users\KAREL\Downloads\ASIO4ALL_2_13_English.exe -d C:\Users\KAREL\Downloads
Task: {71C028CB-E12C-4753-80FA-EEDB8BDB842A} - System32\Tasks\{C8F9A9BC-9F53-481D-A538-E455076C48B1} => C:\Program Files (x86)\Slime Rancher Galactic Bundle\SlimeRancher.exe (No File)
Task: {9BC7F26A-8376-49C2-B379-DF04D6D689B8} - System32\Tasks\{11F93713-7C60-4C38-BDA7-D7C05B74B1EF} => C:\Users\KAREL\Downloads\xpadder_gamepad_profiler\Xpadder.exe (No File)
ask: {C390C4F1-CA5F-4BC3-8401-4997A951F630} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (No File)
Task: {C6728E35-841C-4104-9D9C-B92EC3BCC25A} - System32\Tasks\{A3D90B19-CB8F-4E95-BADF-9369F84753DB} => C:\Windows\system32\pcalua.exe -a C:\Users\KAREL\Downloads\ASIO4ALL_2_14_English.exe -d C:\Users\KAREL\Downloads
Task: {D068792B-1716-4449-8F45-6408A5D2B6D8} - System32\Tasks\{FE82AF94-82B7-46D3-9DA0-8703D06BA97B} => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (No File)
Task: {D51B3C56-795A-468D-B759-7A9BD9388779} - System32\Tasks\{970E1A6D-763E-4BCC-BF90-7C2C69129272} => E:\VOODOO95.EXE (No File)
Task: {D8A5FCC7-AF5A-4C84-A64A-56C1B9872966} - System32\Tasks\{E0E3BD52-D561-4794-BDC9-C9430D1BC5D4} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {E6317CBE-DF18-40F0-A071-F6FEB676C14C} - System32\Tasks\{C03A226D-65F7-4681-9D89-C1B2DF6E45D2} => C:\Windows\system32\pcalua.exe -a "C:\Users\KAREL\Downloads\Sonic Mania Installer.exe" -d C:\Users\KAREL\Downloads
Task: {EBDDB1BB-9A49-4880-ACB7-03E98CA2B1C1} - System32\Tasks\{E7904902-D05C-40E5-8FEB-60A6405CD001} => C:\Users\KAREL\Downloads\xpadder_gamepad_profiler\Xpadder.exe (No File)
Task: {F91509FE-1A80-4149-9D91-09C2F1186E75} - \KAREL -> No File <==== ATTENTION
FF ProfilePath: C:\Users\KAREL\AppData\Roaming\AMozilla\AFirefox\Profiles\mb0mwdp8.default [2018-10-02] <==== ATTENTION
S2 HPSLPSVC; C:\Users\KAREL\AppData\Local\Temp\7zS3513\hpslpsvc64.dll [X] <==== ATTENTION
S3 fiddrv64; no ImagePath
U0 Partizan; system32\drivers\Partizan.sys [X]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AIMP] -> [CC]{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers4: [AIMP] -> [CC]{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\ProgramData\PACE:8307D8F8C9EA4484 [217]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FirewallRules: [{DFC7F17A-7870-4FA5-AC14-8644B4307B0B}] => (Block) ableton live 10 => No File
FirewallRules: [{320CCE03-3ED8-4863-959A-6F49C164CFF8}] => (Block) ableton live 10 => No File
FirewallRules: [{45FD3A48-C762-4702-A10B-88E3F468F46B}] => (Block) ableton live 10 => No File

EmptyTemp:
End
*****************

SDtart => Error: No automatic fix found for this entry.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{02B8A45D-ACA1-425B-8006-08DA12B43B83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02B8A45D-ACA1-425B-8006-08DA12B43B83}" => removed successfully
C:\Windows\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{035FC0CD-9A4C-4301-BB4C-88D42C6E35A1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{035FC0CD-9A4C-4301-BB4C-88D42C6E35A1}" => removed successfully
C:\Windows\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07DA11D1-1FC3-4A33-91AD-F4C3FC3E6EA8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07DA11D1-1FC3-4A33-91AD-F4C3FC3E6EA8}" => removed successfully
C:\Windows\System32\Tasks\{FFFA3BB9-42AB-40FA-B88B-D5657C155F54} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FFFA3BB9-42AB-40FA-B88B-D5657C155F54}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B24893B-3CA5-4E74-A808-6F5E77975FB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B24893B-3CA5-4E74-A808-6F5E77975FB1}" => removed successfully
C:\Windows\System32\Tasks\{0A9A365D-A59A-46B8-9C72-FAA1566F00AB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0A9A365D-A59A-46B8-9C72-FAA1566F00AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35AF161E-FCDE-4C0F-92BB-1F53024C1ED8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35AF161E-FCDE-4C0F-92BB-1F53024C1ED8}" => removed successfully
C:\Windows\System32\Tasks\{449317E1-2D25-436C-8F8E-A871A209A9EF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{449317E1-2D25-436C-8F8E-A871A209A9EF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A66ECF8-7B14-46E8-90F6-717572840165}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A66ECF8-7B14-46E8-90F6-717572840165}" => removed successfully
C:\Windows\System32\Tasks\{5EB6BD77-1954-4BC8-99FA-5FBE4660458D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5EB6BD77-1954-4BC8-99FA-5FBE4660458D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CC91BA4-75AE-4EE8-98D0-DA3E1F5D360A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CC91BA4-75AE-4EE8-98D0-DA3E1F5D360A}" => removed successfully
C:\Windows\System32\Tasks\{14017357-C67B-46C3-A464-2201CBD55EE9} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{14017357-C67B-46C3-A464-2201CBD55EE9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5EF60F6C-80B8-44F2-98AB-FDBCCFC3F60E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EF60F6C-80B8-44F2-98AB-FDBCCFC3F60E}" => removed successfully
C:\Windows\System32\Tasks\{4662BC60-24BA-42C0-A8E1-7B5B77770B19} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4662BC60-24BA-42C0-A8E1-7B5B77770B19}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F885CE4-53BD-4399-A0FC-25C63650CF7C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F885CE4-53BD-4399-A0FC-25C63650CF7C}" => removed successfully
C:\Windows\System32\Tasks\{EB6FE80C-5095-481A-888F-1B95BB14ED01} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EB6FE80C-5095-481A-888F-1B95BB14ED01}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6086DB67-6885-4428-AC92-2DF1E405E905}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6086DB67-6885-4428-AC92-2DF1E405E905}" => removed successfully
C:\Windows\System32\Tasks\{1B171CED-8A1D-446E-B9ED-A06BD1A82CC2} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1B171CED-8A1D-446E-B9ED-A06BD1A82CC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71C028CB-E12C-4753-80FA-EEDB8BDB842A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71C028CB-E12C-4753-80FA-EEDB8BDB842A}" => removed successfully
C:\Windows\System32\Tasks\{C8F9A9BC-9F53-481D-A538-E455076C48B1} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C8F9A9BC-9F53-481D-A538-E455076C48B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BC7F26A-8376-49C2-B379-DF04D6D689B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BC7F26A-8376-49C2-B379-DF04D6D689B8}" => removed successfully
C:\Windows\System32\Tasks\{11F93713-7C60-4C38-BDA7-D7C05B74B1EF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{11F93713-7C60-4C38-BDA7-D7C05B74B1EF}" => removed successfully
ask: {C390C4F1-CA5F-4BC3-8401-4997A951F630} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6728E35-841C-4104-9D9C-B92EC3BCC25A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6728E35-841C-4104-9D9C-B92EC3BCC25A}" => removed successfully
C:\Windows\System32\Tasks\{A3D90B19-CB8F-4E95-BADF-9369F84753DB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3D90B19-CB8F-4E95-BADF-9369F84753DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D068792B-1716-4449-8F45-6408A5D2B6D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D068792B-1716-4449-8F45-6408A5D2B6D8}" => removed successfully
C:\Windows\System32\Tasks\{FE82AF94-82B7-46D3-9DA0-8703D06BA97B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FE82AF94-82B7-46D3-9DA0-8703D06BA97B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D51B3C56-795A-468D-B759-7A9BD9388779}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D51B3C56-795A-468D-B759-7A9BD9388779}" => removed successfully
C:\Windows\System32\Tasks\{970E1A6D-763E-4BCC-BF90-7C2C69129272} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{970E1A6D-763E-4BCC-BF90-7C2C69129272}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8A5FCC7-AF5A-4C84-A64A-56C1B9872966}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8A5FCC7-AF5A-4C84-A64A-56C1B9872966}" => removed successfully
C:\Windows\System32\Tasks\{E0E3BD52-D561-4794-BDC9-C9430D1BC5D4} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E0E3BD52-D561-4794-BDC9-C9430D1BC5D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6317CBE-DF18-40F0-A071-F6FEB676C14C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6317CBE-DF18-40F0-A071-F6FEB676C14C}" => removed successfully
C:\Windows\System32\Tasks\{C03A226D-65F7-4681-9D89-C1B2DF6E45D2} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C03A226D-65F7-4681-9D89-C1B2DF6E45D2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBDDB1BB-9A49-4880-ACB7-03E98CA2B1C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBDDB1BB-9A49-4880-ACB7-03E98CA2B1C1}" => removed successfully
C:\Windows\System32\Tasks\{E7904902-D05C-40E5-8FEB-60A6405CD001} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E7904902-D05C-40E5-8FEB-60A6405CD001}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F91509FE-1A80-4149-9D91-09C2F1186E75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F91509FE-1A80-4149-9D91-09C2F1186E75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KAREL" => removed successfully
C:\Users\KAREL\AppData\Roaming\AMozilla\AFirefox\Profiles\mb0mwdp8.default => moved successfully
C:\Users\KAREL\AppData\Roaming\AMozilla\AFirefox\Profiles\mb0mwdp8.default => path removed successfully
HKLM\System\CurrentControlSet\Services\HPSLPSVC => removed successfully
HPSLPSVC => service removed successfully
HKLM\System\CurrentControlSet\Services\fiddrv64 => removed successfully
fiddrv64 => service removed successfully
HKLM\System\CurrentControlSet\Services\Partizan => removed successfully
Partizan => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AIMP => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\AIMP => removed successfully
C:\Windows\SysWOW64\zlib.dll => ":DocumentSummaryInformation" ADS could not remove.
C:\Windows\SysWOW64\zlib.dll => ":SummaryInformation" ADS could not remove.
C:\Windows\SysWOW64\zlib.dll => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\ProgramData\PACE => ":8307D8F8C9EA4484" ADS removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DFC7F17A-7870-4FA5-AC14-8644B4307B0B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{320CCE03-3ED8-4863-959A-6F49C164CFF8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45FD3A48-C762-4702-A10B-88E3F468F46B}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5852716 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 4172 B
Edge => 0 B
Chrome => 0 B
Firefox => 304096177 B
Opera => 157933 B

Temp, IE cache, history, cookies, recent:
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 13843477 B
systemprofile32 => 13961015 B
LocalService => 14093259 B
NetworkService => 14166069 B
KAREL => 2412960052 B

RecycleBin => 0 B
EmptyTemp: => 2.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:27:04 ====

Re: Please check my log

Posted: 10 Dec 2022 16:08
by Rudy
Deleted. Has anything changed?

Re: Please check my log

Posted: 10 Dec 2022 18:18
by karelflorian
It looks good, even Gmail has started working. Good job, sir, thank you very much!!!

Re: Please check my log

Posted: 10 Dec 2022 18:55
by Rudy
You're welcome! :)