Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Nefunkční klávesnice

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.
Zpráva
Autor
Stene
Návštěvník
Návštěvník
Příspěvky: 236
Registrován: 03 pro 2013 19:42

Nefunkční klávesnice

#1 Příspěvek od Stene »

Ahoj. Z ničeho nic mi někde ve windows přestala fungovat klávesnice.. V programech jako excel, word, chrome, discord, telegram mi klávesnice normálně funguje.
Ale když kliknu na start a začnu něco psát, nic se nestane. Dřív po kliknutí na klávesnici ve startu začal pc vyhledávat. To samé, když kliknu start -> nastavení tak do vyhledávače nemůžu nic napsat. Jsem bez těchto vyhledávačů jako bez nohy.. Kde by mohl být problém?

Děkuji! Petr Kittler

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nefunkční klávesnice

#2 Příspěvek od Rudy »

Zdravím!
Zkuste obnovu systému k datu, kdy korektně fungoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Stene
Návštěvník
Návštěvník
Příspěvky: 236
Registrován: 03 pro 2013 19:42

Re: Nefunkční klávesnice

#3 Příspěvek od Stene »

Prý nebyl vytvořen žádný bod obnovy :-(

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nefunkční klávesnice

#4 Příspěvek od Rudy »

Tak to máte vypnuté. Dejte logy FRST+Addition: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Stene
Návštěvník
Návštěvník
Příspěvky: 236
Registrován: 03 pro 2013 19:42

Re: Nefunkční klávesnice

#5 Příspěvek od Stene »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2021
Ran by lenovo y50 (17-08-2021 20:04:34)
Running from C:\Users\lenovo y50\Desktop
Windows 10 Home Version 2004 19041.1083 (X64) (2020-08-17 17:21:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3824366190-495201528-3455353946-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3824366190-495201528-3455353946-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3824366190-495201528-3455353946-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3824366190-495201528-3455353946-501 - Limited - Disabled)
lenovo y50 (S-1-5-21-3824366190-495201528-3455353946-1001 - Administrator - Enabled) => C:\Users\lenovo y50
WDAGUtilityAccount (S-1-5-21-3824366190-495201528-3455353946-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Altap Salamander 3.08 (x64) (HKLM\...\Altap Salamander 3.08 (x64)) (Version: 3.08 - ALTAP)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{795ee3a0-97fa-489a-9543-7564ccc43be4}) (Version: 18.12.0 - Intel Corporation)
AutoCAD 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.0.27.1100 - Autodesk)
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk)
Autodesk AutoCAD 2018 – Čeština (Czech) (HKLM\...\AutoCAD 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 5.0.0.40 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk ReCap Photo (HKLM\...\Autodesk ReCap Photo) (Version: 19.0.0.38 - Autodesk)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.1.9940.2746 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.6.2474 - Avast Software)
balenaEtcher 1.5.113 (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.113 - Balena Inc.)
Balíček ovladače systému Windows - Silicon Laboratories (silabenm) Ports (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.)
CrystalDiskInfo 6.7.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.7.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
DocRepair (HKLM-x32\...\DocRepair) (Version: - )
EPSON SX125 Series Printer Uninstall (HKLM\...\EPSON SX125 Series) (Version: - SEIKO EPSON Corporation)
ExultMySQLTrial (HKLM-x32\...\ExultMySQLTrial) (Version: 1.4 - Novixys Software, Inc.)
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
HD Tune Pro 5.75 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Import souborů SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
InfoRapid Search & Replace (HKLM-x32\...\InfoRapid Search & Replace) (Version: 3.1f - Ingo Straub Softwareentwicklung)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
IVI VISA COM Standard Components (HKLM-x32\...\{D2533218-3B3D-46C6-ABAA-898EB2908589}) (Version: 1.0.0 - IVI Foundation Inc.) Hidden
IVI VISA COM Standard Components (HKLM-x32\...\IviVisaComStandardComponents) (Version: - )
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Ledger Live 2.26.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.26.1 - Ledger Live Team)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Light Image Resizer 4.7.7.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.14026.20264 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.14026.20264 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.14026.20264 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 91.0.1 (x64 cs)) (Version: 91.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.5.0 - Mozilla)
National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PingPlotter 5 (HKLM-x32\...\{84B2BC22-7967-47A5-B7FF-6297F95E1D39}) (Version: 5.4.3.2773 - Pingman Tools, LLC) Hidden
PingPlotter 5 (HKLM-x32\...\PingPlotter 5 5.4.3.2773) (Version: 5.4.3.2773 - Pingman Tools, LLC)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.0.0.46 - Autodesk)
PremiumSoft Navicat Premium 12.0 (HKLM\...\PremiumSoft Navicat Premium 12_is1) (Version: 12.0.29 - PremiumSoft CyberTech Ltd.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Replace Text (HKLM-x32\...\{E9DD578F-85DD-4FA4-B861-7752F75F6324}) (Version: 2.2 - Ecobyte)
Rozvrh 6 (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Rozvrh 6) (Version: 6.17 - RNDr. Červený)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.06.00.08(07.09.2016) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27 (21.07.2017) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.18 (31.05.2018) - HP Printing Korea Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Search and Replace (x64) (HKLM\...\Search and Replace (x64 Shareware)_is1) (Version: 8.1 - Funduc Software Inc.)
SetIP (HKLM-x32\...\SetIP) (Version: 1.05.08.00 - Samsung Electronics Co., Ltd.)
Speciální aplikace Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Speciální aplikace Autodesk 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SSDlife Pro (HKLM-x32\...\{274A0362-DB46-4C5F-9D03-B1EEE404ED2B}) (Version: 2.5.76 - BinarySense Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Telegram Desktop version 2.7.4 (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.4 - Telegram FZ-LLC)
TextCrawler Pro 3.1.1 (HKLM-x32\...\TextCrawler Pro) (Version: 3.1.1 - DigitalVolcano Software Ltd)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Xml Viewer (HKLM-x32\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoner Photo Studio X CS (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\ZPS X) (Version: 19.2009.2.286 - ZONER software)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-04-11] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-08] (Microsoft Studios) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-07-10] (Samsung Electronics Co. Ltd.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{C78B614E-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2018-06-07] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-06-07] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [SEStart] -> {0CAF1FA2-6F8D-11D5-84C7-0000836958D3} => C:\Program Files (x86)\seRapid\SEStart.dll [2003-07-12] () [File not signed]
ContextMenuHandlers1: [SrExt] -> {a90d5ea2-a1d7-11cf-8dc1-00805fc2353f} => C:\Program Files\SR\SrExt64.dll [2017-06-01] (Funduc Software Inc -> Funduc Software Inc. hxxp://www.funduc.com)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [SEStart] -> {0CAF1FA2-6F8D-11D5-84C7-0000836958D3} => C:\Program Files (x86)\seRapid\SEStart.dll [2003-07-12] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4-x32: [SEStart] -> {0CAF1FA2-6F8D-11D5-84C7-0000836958D3} => C:\Program Files (x86)\seRapid\SEStart.dll [2003-07-12] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [SrExt] -> {a90d5ea2-a1d7-11cf-8dc1-00805fc2353f} => C:\Program Files\SR\SrExt64.dll [2017-06-01] (Funduc Software Inc -> Funduc Software Inc. hxxp://www.funduc.com)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3824366190-495201528-3455353946-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf
ShortcutWithArgument: C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf
ShortcutWithArgument: C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm
ShortcutWithArgument: C:\Users\lenovo y50\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Kristýna - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2017-06-01 14:49 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2008-06-17 18:38 - 2008-06-17 18:38 - 000144896 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\Security\nidm_client_thinauth.dll
2020-08-17 19:08 - 2018-01-24 00:42 - 000877440 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2020-08-17 19:08 - 2018-01-24 00:42 - 000343912 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [136]
AlternateDataStreams: C:\ProgramData\TEMP:F0DEC06E [134]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3824366190-495201528-3455353946-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {091087FD-CDC1-4F59-8FCB-4D4A5D89393B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {1F03A840-5BEF-4413-9892-597FE9C93E5D} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {25E918EB-C90B-43DF-B0D8-574F25A01A04} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {33304E3D-0A76-451E-B571-EFB0EB73F618} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {59AC8252-9653-4045-BBBF-11CAF3F328D8} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {6861D191-73D2-4D98-ADF7-328D3F745575} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {995C9CAF-FD95-4C4E-B06F-6196A01030DE} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {A4695064-4274-472E-B9A6-78127035FF11} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {B874AA26-D789-49A0-A95A-5236495DD86D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-11-21 15:53 - 2020-02-14 16:04 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin\;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin;C:\Program Files\IVI Foundation\VISA\Win64\Bin\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-3824366190-495201528-3455353946-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\Control Panel\Desktop\\Wallpaper -> c:\veci na plose\svatba\svatba fotky - viktor\dsc00086.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-3824366190-495201528-3455353946-1000\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\StartupFolder: => "DeskPins.lnk"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "EPSON SX125 Series"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "Boxoft Tools"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "Autodesk Sync"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{24E3ECB3-BCE8-4F1B-980A-D599E5D702BB}C:\program files\altap salamander\salamand.exe] => (Allow) C:\program files\altap salamander\salamand.exe (ALTAP, spol. s r.o. -> ALTAP)
FirewallRules: [TCP Query User{D9E9C92F-D061-4FF4-ABF2-28FB012ABE35}C:\program files\altap salamander\salamand.exe] => (Allow) C:\program files\altap salamander\salamand.exe (ALTAP, spol. s r.o. -> ALTAP)
FirewallRules: [UDP Query User{828C045F-A5CE-495C-A731-89CCA2D7327E}C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe] => (Allow) C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe => No File
FirewallRules: [TCP Query User{6B2C73A6-A77E-4E18-97DC-1EB4832B922C}C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe] => (Allow) C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe => No File
FirewallRules: [{41741D08-F46D-427C-85A7-1F18B7665862}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{737C3AEA-8CFC-430A-AACA-61CBDCA2EFE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CE71205E-63F9-4C49-A5E6-3714EBF7F383}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8ECD812E-18FC-426A-AF5A-57D0DD9D24DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{79D71EBB-14A0-40F8-BB44-E064B05920AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C1E8B986-76DD-4349-94E9-744D72BC1493}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{53573FF1-DE9D-423D-9246-A4BC24B6CB77}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{AA52A424-8544-4211-B759-68B170C2B6E2}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{17CE20AE-45F6-462A-A219-FC237B6C4CDA}C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe] => (Allow) C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe => No File
FirewallRules: [TCP Query User{0FE0672C-67A9-420F-9702-FFDFA93989BC}C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe] => (Allow) C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe => No File
FirewallRules: [UDP Query User{7FD20A1F-8728-46DC-9360-5DCFC1F2E9D5}C:\program files (x86)\altap salamander\salamand.exe] => (Allow) C:\program files (x86)\altap salamander\salamand.exe => No File
FirewallRules: [TCP Query User{5E5AB382-1EDA-494E-A553-F46B27C852C0}C:\program files (x86)\altap salamander\salamand.exe] => (Allow) C:\program files (x86)\altap salamander\salamand.exe => No File
FirewallRules: [{9D5E78E9-B093-4C3F-BA1A-E39AA12EE7E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{56E3EF4D-4367-48CA-9DBB-BE3C0AA382BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D95C6490-E670-4482-A363-51AF160B28F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{311DC6F6-1F0F-458E-A3B9-FC064BF68DB5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [TCP Query User{42F3CAA6-7D73-470D-A881-A840C85F08DC}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{11C7AEFC-4285-4311-A457-EE0289047ED1}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ABA7FC40-8BB0-4891-BB2F-DD2975AD16E0}] => (Allow) C:\Users\lenovo y50\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{ACF5B076-FE40-4631-8A66-378656FFDD0D}] => (Allow) C:\Users\lenovo y50\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{BBBE9C57-E134-4C29-9A7D-2F2008D7F2DA}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe => No File
FirewallRules: [{890A6187-5440-4002-AB6C-B94DBB6C7979}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe => No File
FirewallRules: [TCP Query User{6FD2326B-7FDB-48BE-83E6-DE048F417422}C:\program files\benbox\3.7.99\bin\laserdaemon.exe] => (Allow) C:\program files\benbox\3.7.99\bin\laserdaemon.exe => No File
FirewallRules: [UDP Query User{293A24BB-7CE5-4352-AD64-241CBC3B7EA4}C:\program files\benbox\3.7.99\bin\laserdaemon.exe] => (Allow) C:\program files\benbox\3.7.99\bin\laserdaemon.exe => No File
FirewallRules: [{86683E34-1918-480E-BF45-2166F1EB244E}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{02FC82C0-293B-4A02-BE2A-F4F524CD1451}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D8BD20AA-9B71-40B1-8662-30DCFF4612E5}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{627E4181-15D3-4476-96C7-BFF742FA50D7}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7533975D-9629-4C81-B6A5-43A01F8B71E3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{861A7102-F4A8-46A2-A0AA-41393696E8B9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{F495A3C4-F2A6-4BA3-AA61-B1A3401F3988}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{04BE3727-7C73-4019-8570-4CA37AEC9397}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{B8A01C71-0AC6-4945-84A7-7F97D5717313}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{70909B39-8CEF-428F-9FDB-9DE550B558F9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (ScanProcess) [File not signed]
FirewallRules: [{51A0723C-E1D8-4C1D-A894-F8FC7C9DD399}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Scan2PCNotify) [File not signed]
FirewallRules: [{BBEA11FE-4E4C-42DA-A091-AE01AD5D703F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{6E45816B-D29B-4FDC-BDB0-66F368058BD1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{44A95CD4-7AAE-4F79-8325-B953667A4908}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{753BD8AA-2FFD-4D31-94F7-9AEA47AF329B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{26C1745E-8BEF-4EB7-BA0F-D0F6D80EEEE6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{559824FF-091D-41CF-B9A0-4B1534B51471}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{DE83186A-119F-4208-8B03-F0806A776493}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{575EA4A2-B27A-4C17-8DBF-B10532CA3832}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{EC33E075-BEE4-4E8A-9AC0-C608B1E592C5}C:\counter-strike 1.6 [cswos.com]\hl.exe] => (Allow) C:\counter-strike 1.6 [cswos.com]\hl.exe => No File
FirewallRules: [UDP Query User{528621B9-36B1-4C5F-8CBA-F0F10C02F976}C:\counter-strike 1.6 [cswos.com]\hl.exe] => (Allow) C:\counter-strike 1.6 [cswos.com]\hl.exe => No File
FirewallRules: [{02ED1C72-9781-4955-A1E8-2792211D2723}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4112258B-FFB8-44FA-939C-7209BC7E897E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E3FBE89A-01BE-4D00-B394-769B73719AC3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5BB7B9B-1864-4C38-AC44-80DD836DA6C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4C7CF4A-6FE8-480C-B4CA-7D29714BDB55}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A481E00-70D9-43CD-ADE7-FFE34CC49B6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:117.82 GB) (Free:13.93 GB) (12%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/17/2021 08:08:05 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:05Z. Kód chyby: 0x80070002

Error: (08/17/2021 08:07:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:32Z. Kód chyby: 0x80070002

Error: (08/17/2021 08:07:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:03:02Z. Kód chyby: 0x80070002

Error: (08/17/2021 08:06:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:32Z. Kód chyby: 0x80070002

Error: (08/17/2021 08:06:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:03:02Z. Kód chyby: 0x80070002

Error: (08/17/2021 08:05:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:32Z. Kód chyby: 0x80070002

Error: (08/17/2021 08:05:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:03:02Z. Kód chyby: 0x80070002

Error: (08/17/2021 08:04:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:32Z. Kód chyby: 0x80070002


System errors:
=============
Error: (08/17/2021 02:45:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1ASUH46)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/16/2021 08:05:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1ASUH46)
Description: Server {3EEF301F-B596-4C0B-BD92-013BEAFCE793} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/16/2021 08:02:09 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Cleanup se po přijetí pokynu pro vypnutí neukončila správně.

Error: (08/16/2021 07:57:34 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-1ASUH46)
Description: U aktivace identifikátoru CLSID {E60687F7-01A1-40AA-86AC-DB1CBF673334} vypršel časový limit během čekání na zastavení služby wuauserv.

Error: (08/16/2021 07:51:19 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-1ASUH46)
Description: U aktivace identifikátoru CLSID {E60687F7-01A1-40AA-86AC-DB1CBF673334} vypršel časový limit během čekání na zastavení služby wuauserv.

Error: (08/16/2021 03:03:35 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-1ASUH46)
Description: U aktivace identifikátoru CLSID {E60687F7-01A1-40AA-86AC-DB1CBF673334} vypršel časový limit během čekání na zastavení služby wuauserv.

Error: (08/16/2021 02:22:05 PM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)
Description: U aktivace identifikátoru CLSID {E60687F7-01A1-40AA-86AC-DB1CBF673334} vypršel časový limit během čekání na zastavení služby wuauserv.

Error: (08/16/2021 02:18:04 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-1ASUH46)
Description: U aktivace identifikátoru CLSID {E60687F7-01A1-40AA-86AC-DB1CBF673334} vypršel časový limit během čekání na zastavení služby wuauserv.


CodeIntegrity:
===============
Date: 2021-08-17 20:00:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-08-17 14:48:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 9ECN43WW(V3.03) 08/12/2015
Motherboard: LENOVO Lenovo Y50-70
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 29%
Total physical RAM: 16296.27 MB
Available physical RAM: 11547.1 MB
Total Virtual: 18728.27 MB
Available Virtual: 13923.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:117.82 GB) (Free:13.93 GB) NTFS

\\?\Volume{ae0069c6-5eb7-4d22-825f-989da3ffc9f1}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{2d9286d5-7479-4fb1-909a-d2b4c50cfc92}\ () (Fixed) (Total:0.87 GB) (Free:0.4 GB) NTFS
\\?\Volume{0e7f7cd5-22df-464a-8ce3-0804deb18d0e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================




















Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021
Ran by lenovo y50 (administrator) on DESKTOP-1ASUH46 (LENOVO 20378) (17-08-2021 20:01:11)
Running from C:\Users\lenovo y50\Desktop
Loaded Profiles: lenovo y50
Platform: Windows 10 Home Version 2004 19041.1083 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe <3>
(Avast Software s.r.o. -> Avast Software) C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
(Discord Inc. -> Discord Inc.) C:\Users\lenovo y50\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation -> National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(NITestingCert -> National Instruments Corporation) [File not signed] C:\Windows\SysWOW64\nisvcloc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2429664 2021-03-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [2590208 2010-11-19] () [File not signed]
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [EPSON SX125 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-02-08] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Discord] => C:\Users\lenovo y50\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {e01ab139-4494-11ea-89bb-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {f8c76e50-dfce-11e9-89b2-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [43520 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [22528 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-10] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3FF1B38B-6AC4-4E08-A1A5-9A453FC9CDC5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {4C468DEB-5790-4C41-B8C9-D94A0871B40D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {4FEC45B1-9C98-4206-ADB5-AEEB267B1485} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {7FAAD9D1-921C-49A2-A1FE-65E22FE2DDFF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4902680 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
Task: {A0C85F1E-DB22-4C4F-A8DD-75C24BDB2021} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [745664 2016-01-12] (@ByELDI -> @ByELDI) [File not signed]
Task: {E5DCDEDA-DFE9-4931-B8FB-7C243BE35750} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {F1DBEDC2-1674-40B2-BC6A-D9CB637DAAE9} - System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c5338a1-16ff-41ed-9741-a4798804c049}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{3564587d-8761-4c69-be3d-1664156dc6f5}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{6320084a-1dea-4c69-833c-46d4604e39dc}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{650a28d4-a1d6-4c21-a0a2-38cc38b8de5c}: [DhcpNameServer] 213.226.224.12 8.8.8.8
Tcpip\..\Interfaces\{695c092f-959c-43d9-b8aa-c742d88190ac}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\lenovo y50\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-16]

FireFox:
========
FF DefaultProfile: 2bz1rpyr.default
FF ProfilePath: C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default [2021-05-02]
FF user.js: detected! => C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\user.js [2018-02-28]
FF NewTabOverride: Mozilla\Firefox\Profiles\2bz1rpyr.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\Extensions\sko-extension@firma.seznam.cz.xpi [2021-01-10]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\Extensions\sp@avast.com.xpi [2021-01-10]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default [2021-08-17]
CHR Notifications: Default -> hxxps://chat.simplemining.net; hxxps://coinstats.app; hxxps://www.malvik.cz; hxxps://www.tradingview.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Překladač Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-15]
CHR Extension: (Prezentace) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (Ledger Manager) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2020-07-24]
CHR Extension: (YouTube) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Webkamera) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfpjcegkjhdnnempidlgmeoaiilpidep [2018-05-17]
CHR Extension: (Proxy SwitchySharp) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2020-03-15]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-12]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-10]
CHR Extension: (Tabulky) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (Ledger Wallet Ethereum) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2019-03-20]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2020-07-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Gmail) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-30]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-17]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-08-16]
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.cz/"
CHR Extension: (Překladač Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-20]
CHR Extension: (Prezentace) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-11]
CHR Extension: (Dokumenty) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-11]
CHR Extension: (Disk Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-11]
CHR Extension: (YouTube) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-28]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-29]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-11]
CHR Extension: (Tabulky) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-11]
CHR Extension: (Gmail) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-11]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-17]
CHR HKU\S-1-5-21-3824366190-495201528-3455353946-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8262736 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [627480 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1616664 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [374552 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12414176 2021-03-23] (Avast Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-25] (Microsoft Corporation -> Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2008-06-17] (National Instruments Corporation -> National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [40488 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [50736 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
S4 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [12696 2008-04-02] (National Instruments Corporation -> National Instruments Corporation)
S4 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [213552 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2008-06-12] (Macrovision Corporation) [File not signed]
S4 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [129144 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S4 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [192112 2008-06-18] (National Instruments Corporation -> National Instruments Corporation)
R2 niSvcLoc; C:\WINDOWS\SysWOW64\nisvcloc.exe [8656 2007-11-06] (NITestingCert -> National Instruments Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-04-15] (ASUSTeK Computer Inc. -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [218976 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367640 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559816 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108408 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [11872 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [11856 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [12928 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [875096 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [12920 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [16472 2007-07-10] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViFWK; C:\WINDOWS\System32\drivers\NiViFWKl.sys [11896 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [11872 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
R2 NiViPxiK; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [11872 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtl8188gu.sys [1208768 2018-04-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-17 20:01 - 2021-08-17 20:02 - 000030478 _____ C:\Users\lenovo y50\Desktop\FRST.txt
2021-08-17 20:00 - 2021-08-17 20:00 - 002300416 _____ (Farbar) C:\Users\lenovo y50\Downloads\FRST64.exe
2021-08-17 20:00 - 2021-08-17 20:00 - 002300416 _____ (Farbar) C:\Users\lenovo y50\Desktop\FRST64.exe
2021-08-17 14:47 - 2021-08-17 14:47 - 005209200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-17 14:16 - 2021-08-17 14:16 - 000000000 ___HD C:\$WinREAgent
2021-08-16 20:17 - 2021-08-17 14:48 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\Discord
2021-08-16 14:17 - 2021-08-16 14:16 - 000339736 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-08-16 14:16 - 2021-08-16 14:16 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-08-16 14:14 - 2021-08-16 20:05 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-08-11 08:46 - 2021-08-11 08:46 - 000509114 _____ C:\Users\lenovo y50\Downloads\2217468546.pdf
2021-08-10 16:35 - 2021-08-16 20:38 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-10 16:35 - 2021-08-16 20:38 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-07 10:01 - 2021-08-07 10:01 - 000017408 _____ C:\Users\lenovo y50\Downloads\www (1).xlsx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-17 20:01 - 2020-02-03 16:27 - 000000000 ____D C:\FRST
2021-08-17 20:01 - 2017-06-03 09:11 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-17 20:01 - 2017-06-03 09:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-08-17 19:59 - 2021-03-24 16:12 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\discord
2021-08-17 19:57 - 2017-06-01 14:36 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-17 19:55 - 2020-08-17 19:09 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-17 19:55 - 2019-12-07 16:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-17 19:55 - 2019-12-07 16:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-17 19:55 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-17 14:48 - 2018-04-20 16:54 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\AVAST Software
2021-08-17 14:47 - 2020-08-17 19:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-17 14:47 - 2020-08-17 19:01 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-17 14:47 - 2020-08-17 19:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-17 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-17 14:47 - 2017-09-25 16:07 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-08-17 14:47 - 2017-06-01 14:37 - 000000000 ____D C:\ProgramData\AVAST Software
2021-08-17 14:47 - 2016-11-22 01:34 - 000000000 __SHD C:\Users\lenovo y50\IntelGraphicsProfiles
2021-08-17 14:47 - 2016-11-22 01:24 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-17 14:45 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-17 14:25 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-17 14:20 - 2021-06-29 20:30 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-17 14:20 - 2021-06-29 20:30 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-17 14:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-16 20:38 - 2021-06-13 08:58 - 000002932 _____ C:\WINDOWS\system32\Tasks\Optimize Thumbnail Cache
2021-08-16 20:38 - 2021-06-13 08:58 - 000002558 _____ C:\WINDOWS\system32\Tasks\AutoPico Daily Restart
2021-08-16 20:38 - 2020-08-17 19:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-08-16 20:36 - 2021-06-13 09:12 - 000000000 ____D C:\WINDOWS\AutoKMS
2021-08-16 20:36 - 2021-03-24 16:11 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\SquirrelTemp
2021-08-16 20:36 - 2020-08-02 09:32 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\Telegram Desktop
2021-08-16 20:36 - 2017-06-01 15:23 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\CrashDumps
2021-08-16 20:17 - 2021-03-24 16:12 - 000002288 _____ C:\Users\lenovo y50\Desktop\Discord.lnk
2021-08-16 20:17 - 2021-03-24 16:12 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-08-16 20:13 - 2017-12-27 14:03 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\ElevatedDiagnostics
2021-08-16 20:02 - 2017-06-02 14:22 - 000000000 ____D C:\Program Files\WinRAR
2021-08-16 14:17 - 2021-06-21 20:00 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-08-16 14:17 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-16 14:16 - 2020-10-17 01:30 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-08-16 14:16 - 2020-04-16 11:12 - 000559816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-08-16 14:16 - 2019-01-14 16:44 - 000367640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-08-16 14:16 - 2019-01-07 08:05 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-08-16 14:16 - 2019-01-07 08:05 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-08-16 14:16 - 2018-10-28 19:23 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-08-16 14:16 - 2018-06-24 11:25 - 000017344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-08-16 14:16 - 2017-11-19 20:14 - 000218976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000471920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000108408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-08-16 14:14 - 2017-08-20 13:48 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-08-16 14:14 - 2017-06-02 14:22 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-08-16 14:14 - 2017-06-02 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-08-15 18:18 - 2020-06-03 23:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-15 18:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-15 18:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-10 20:12 - 2017-06-01 14:37 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-07 10:02 - 2018-01-29 19:29 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\Packages

==================== Files in the root of some directories ========

2019-01-27 17:51 - 2019-07-31 19:46 - 000000132 _____ () C:\Users\lenovo y50\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2019-04-23 19:06 - 2019-04-23 19:06 - 000000132 _____ () C:\Users\lenovo y50\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2017-06-03 12:38 - 2017-06-03 12:38 - 000000600 _____ () C:\Users\lenovo y50\AppData\Roaming\winscp.rnd
2017-06-03 10:53 - 2021-01-10 10:59 - 000001480 _____ () C:\Users\lenovo y50\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-10-01 20:19 - 2018-10-01 20:19 - 000000000 _____ () C:\Users\lenovo y50\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nefunkční klávesnice

#6 Příspěvek od Rudy »

Teď spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Stene
Návštěvník
Návštěvník
Příspěvky: 236
Registrován: 03 pro 2013 19:42

Re: Nefunkční klávesnice

#7 Příspěvek od Stene »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 18.08.21
Čas skenování: 20:16
Logovací soubor: 59afaf9a-0050-11ec-abe6-f8a96336862b.json

-Informace o softwaru-
Verze: 4.4.4.126
Verze komponentů: 1.0.1413
Aktualizovat verzi balíku komponent: 1.0.44226
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19041.1083)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-1ASUH46\lenovo y50

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 352771
Zjištěné hrozby: 20
Hrozby umístěné do karantény: 20
Uplynulý čas: 4 min, 38 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 8
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Optimize Thumbnail Cache, V karanténě, 3900, 943626, , , , , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F1DBEDC2-1674-40B2-BC6A-D9CB637DAAE9}, V karanténě, 3900, 943626, , , , , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{F1DBEDC2-1674-40B2-BC6A-D9CB637DAAE9}, V karanténě, 3900, 943626, , , , , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, V karanténě, 3900, -1, 0.0.0, , action, , ,
Backdoor.Bladabindi.E, HKU\S-1-5-21-3824366190-495201528-3455353946-1001\SOFTWARE\6df0da3e142ce95d9a96d94d160e9392, V karanténě, 3911, 948611, 1.0.44226, , ame, , ,
HackTool.KMSpico, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AutoPico Daily Restart, V karanténě, 7264, 921559, , , , , ,
HackTool.KMSpico, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A0C85F1E-DB22-4C4F-A8DD-75C24BDB2021}, V karanténě, 7264, 921559, , , , , ,
HackTool.KMSpico, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{A0C85F1E-DB22-4C4F-A8DD-75C24BDB2021}, V karanténě, 7264, 921559, , , , , ,

Hodnota v registru: 4
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, V karanténě, 3900, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-3824366190-495201528-3455353946-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, V karanténě, 3900, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, V karanténě, 3900, -1, 0.0.0, , action, , ,
Backdoor.Bladabindi.E, HKU\S-1-5-21-3824366190-495201528-3455353946-1001\SOFTWARE\6df0da3e142ce95d9a96d94d160e9392|[KL], V karanténě, 3911, 948611, 1.0.44226, , ame, , ,

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 2
HackTool.KMSpico, C:\PROGRAM FILES\KMSPICO, V karanténě, 7264, 921550, 1.0.44226, , ame, , ,
HackTool.KMSpico, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\KMSPICO, V karanténě, 7264, 921555, 1.0.44226, , ame, , ,

Soubor: 6
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\OPTIMIZE THUMBNAIL CACHE, V karanténě, 3900, 943626, 1.0.44226, , ame, , 552AA9358BD6AAC4818373C7EA424701, ABE7FF97AF6B8FF9F9BFED3306281A7D50E6990519E0F3559A0A0A303B20DF76
HackTool.KMSpico, C:\WINDOWS\SYSTEM32\TASKS\AutoPico Daily Restart, V karanténě, 7264, 921559, 1.0.44226, , ame, , 43106A32A68E3DF04D6E1A1F7063E1EA, 1A47A1110164218E5BB39957B5597FB538D73549E4BA850FEB3D79A18322A6A7
Trojan.Crypt, C:\$RECYCLE.BIN\S-1-5-21-3824366190-495201528-3455353946-1001\$RL1CMAW.EXE, V karanténě, 603, 946698, 1.0.44226, 992D35E782D12B3C3F07EC0D, dds, 01382764, 647BCA4D01AF48E3DB97BF2A20788ACF, E3A9E8368E87B76DE04517472BB70FBEF9264C3814D63E6E3D936EF52F18820C
Malware.AI.1245535842, C:\$RECYCLE.BIN\S-1-5-21-3824366190-495201528-3455353946-1001\$RPR43LI.EXE, V karanténě, 1000000, 0, 1.0.44226, 00410020004100004A3D5E62, dds, 01382764, 69F0B5101B68EE990C628DB680767EC8, DCEA8D2286FD6D69B9EEB2D646C9759FEDB00710CF6849B2DAF259FA637351C4
Malware.AI.1791241675, C:\USERS\LENOVO Y50\DOWNLOADS\WINDOWS8 OR 8.1 BY BLUETECHSUPPORT KMSAUTO.ZIP, V karanténě, 1000000, 0, 1.0.44226, 3EC7056BF120B4096AC42DCB, dds, 01382764, 6EA3E1D99599E3D7769AC44D8B980EE0, 6627FBB2A6C1064D5CD2A3A684FFEBAF397EE681DF79352FE6CA09D5DEC22DC1
AutoKMS.HackTool.Patcher.DDS, C:\USERS\LENOVO Y50\DESKTOP\OFFICE\KMSPICO_SETUP.EXE, V karanténě, 1000002, 0, 1.0.44226, 864BFEED806E1AF8BEF223FB, dds, 01382764, 9255DA57BB36247DB4AC983B8183BAB5, B03C86AE3DE18F79382E9DC23992850C7C952C01AA14475E85F280BAFE734BD4

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nefunkční klávesnice

#8 Příspěvek od Rudy »

Nalezené položky smažte (dejte do karantény), restartujte a pak dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Stene
Návštěvník
Návštěvník
Příspěvky: 236
Registrován: 03 pro 2013 19:42

Re: Nefunkční klávesnice

#9 Příspěvek od Stene »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021
Ran by lenovo y50 (23-08-2021 16:24:35)
Running from C:\Users\lenovo y50\Desktop
Windows 10 Home Version 2004 19041.1165 (X64) (2020-08-17 17:21:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3824366190-495201528-3455353946-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3824366190-495201528-3455353946-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3824366190-495201528-3455353946-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3824366190-495201528-3455353946-501 - Limited - Disabled)
lenovo y50 (S-1-5-21-3824366190-495201528-3455353946-1001 - Administrator - Enabled) => C:\Users\lenovo y50
WDAGUtilityAccount (S-1-5-21-3824366190-495201528-3455353946-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Altap Salamander 3.08 (x64) (HKLM\...\Altap Salamander 3.08 (x64)) (Version: 3.08 - ALTAP)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{795ee3a0-97fa-489a-9543-7564ccc43be4}) (Version: 18.12.0 - Intel Corporation)
AutoCAD 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.0.27.1100 - Autodesk)
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk)
Autodesk AutoCAD 2018 – Čeština (Czech) (HKLM\...\AutoCAD 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 5.0.0.40 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk ReCap Photo (HKLM\...\Autodesk ReCap Photo) (Version: 19.0.0.38 - Autodesk)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.1.9940.2746 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.6.2474 - Avast Software)
balenaEtcher 1.5.113 (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.113 - Balena Inc.)
Balíček ovladače systému Windows - Silicon Laboratories (silabenm) Ports (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.)
CrystalDiskInfo 6.7.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.7.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
DocRepair (HKLM-x32\...\DocRepair) (Version: - )
EPSON SX125 Series Printer Uninstall (HKLM\...\EPSON SX125 Series) (Version: - SEIKO EPSON Corporation)
ExultMySQLTrial (HKLM-x32\...\ExultMySQLTrial) (Version: 1.4 - Novixys Software, Inc.)
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
HD Tune Pro 5.75 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Import souborů SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
InfoRapid Search & Replace (HKLM-x32\...\InfoRapid Search & Replace) (Version: 3.1f - Ingo Straub Softwareentwicklung)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
IVI VISA COM Standard Components (HKLM-x32\...\{D2533218-3B3D-46C6-ABAA-898EB2908589}) (Version: 1.0.0 - IVI Foundation Inc.) Hidden
IVI VISA COM Standard Components (HKLM-x32\...\IviVisaComStandardComponents) (Version: - )
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Ledger Live 2.26.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.26.1 - Ledger Live Team)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Light Image Resizer 4.7.7.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
Malwarebytes version 4.4.4.126 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.4.126 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.78 - Microsoft Corporation)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.14026.20264 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.14026.20264 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.14026.20264 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 91.0.1 (x64 cs)) (Version: 91.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.5.0 - Mozilla)
National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PingPlotter 5 (HKLM-x32\...\{84B2BC22-7967-47A5-B7FF-6297F95E1D39}) (Version: 5.4.3.2773 - Pingman Tools, LLC) Hidden
PingPlotter 5 (HKLM-x32\...\PingPlotter 5 5.4.3.2773) (Version: 5.4.3.2773 - Pingman Tools, LLC)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.0.0.46 - Autodesk)
PremiumSoft Navicat Premium 12.0 (HKLM\...\PremiumSoft Navicat Premium 12_is1) (Version: 12.0.29 - PremiumSoft CyberTech Ltd.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Replace Text (HKLM-x32\...\{E9DD578F-85DD-4FA4-B861-7752F75F6324}) (Version: 2.2 - Ecobyte)
Rozvrh 6 (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Rozvrh 6) (Version: 6.17 - RNDr. Červený)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.06.00.08(07.09.2016) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27 (21.07.2017) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.18 (31.05.2018) - HP Printing Korea Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Search and Replace (x64) (HKLM\...\Search and Replace (x64 Shareware)_is1) (Version: 8.1 - Funduc Software Inc.)
SetIP (HKLM-x32\...\SetIP) (Version: 1.05.08.00 - Samsung Electronics Co., Ltd.)
Speciální aplikace Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Speciální aplikace Autodesk 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SSDlife Pro (HKLM-x32\...\{274A0362-DB46-4C5F-9D03-B1EEE404ED2B}) (Version: 2.5.76 - BinarySense Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Telegram Desktop version 2.7.4 (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.4 - Telegram FZ-LLC)
TextCrawler Pro 3.1.1 (HKLM-x32\...\TextCrawler Pro) (Version: 3.1.1 - DigitalVolcano Software Ltd)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Xml Viewer (HKLM-x32\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoner Photo Studio X CS (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\ZPS X) (Version: 19.2009.2.286 - ZONER software)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-04-11] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-08] (Microsoft Studios) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-07-10] (Samsung Electronics Co. Ltd.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{C78B614E-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2018-06-07] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-06-07] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [SEStart] -> {0CAF1FA2-6F8D-11D5-84C7-0000836958D3} => C:\Program Files (x86)\seRapid\SEStart.dll [2003-07-12] () [File not signed]
ContextMenuHandlers1: [SrExt] -> {a90d5ea2-a1d7-11cf-8dc1-00805fc2353f} => C:\Program Files\SR\SrExt64.dll [2017-06-01] (Funduc Software Inc -> Funduc Software Inc. hxxp://www.funduc.com)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [SEStart] -> {0CAF1FA2-6F8D-11D5-84C7-0000836958D3} => C:\Program Files (x86)\seRapid\SEStart.dll [2003-07-12] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [SEStart] -> {0CAF1FA2-6F8D-11D5-84C7-0000836958D3} => C:\Program Files (x86)\seRapid\SEStart.dll [2003-07-12] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SrExt] -> {a90d5ea2-a1d7-11cf-8dc1-00805fc2353f} => C:\Program Files\SR\SrExt64.dll [2017-06-01] (Funduc Software Inc -> Funduc Software Inc. hxxp://www.funduc.com)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3824366190-495201528-3455353946-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf
ShortcutWithArgument: C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf
ShortcutWithArgument: C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm
ShortcutWithArgument: C:\Users\lenovo y50\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Kristýna - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2017-06-01 14:49 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2008-06-17 18:38 - 2008-06-17 18:38 - 000144896 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\Security\nidm_client_thinauth.dll
2020-08-17 19:08 - 2018-01-24 00:42 - 000877440 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2020-08-17 19:08 - 2018-01-24 00:42 - 000343912 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [136]
AlternateDataStreams: C:\ProgramData\TEMP:F0DEC06E [134]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3824366190-495201528-3455353946-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {091087FD-CDC1-4F59-8FCB-4D4A5D89393B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {1F03A840-5BEF-4413-9892-597FE9C93E5D} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {25E918EB-C90B-43DF-B0D8-574F25A01A04} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {33304E3D-0A76-451E-B571-EFB0EB73F618} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {59AC8252-9653-4045-BBBF-11CAF3F328D8} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {6861D191-73D2-4D98-ADF7-328D3F745575} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {995C9CAF-FD95-4C4E-B06F-6196A01030DE} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {A4695064-4274-472E-B9A6-78127035FF11} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {B874AA26-D789-49A0-A95A-5236495DD86D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-11-21 15:53 - 2020-02-14 16:04 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin\;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin;C:\Program Files\IVI Foundation\VISA\Win64\Bin\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-3824366190-495201528-3455353946-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\Control Panel\Desktop\\Wallpaper -> c:\veci na plose\svatba\svatba fotky - viktor\dsc00086.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-3824366190-495201528-3455353946-1000\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\StartupFolder: => "DeskPins.lnk"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "EPSON SX125 Series"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "Boxoft Tools"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "Autodesk Sync"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{24E3ECB3-BCE8-4F1B-980A-D599E5D702BB}C:\program files\altap salamander\salamand.exe] => (Allow) C:\program files\altap salamander\salamand.exe (ALTAP, spol. s r.o. -> ALTAP)
FirewallRules: [TCP Query User{D9E9C92F-D061-4FF4-ABF2-28FB012ABE35}C:\program files\altap salamander\salamand.exe] => (Allow) C:\program files\altap salamander\salamand.exe (ALTAP, spol. s r.o. -> ALTAP)
FirewallRules: [UDP Query User{828C045F-A5CE-495C-A731-89CCA2D7327E}C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe] => (Allow) C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe => No File
FirewallRules: [TCP Query User{6B2C73A6-A77E-4E18-97DC-1EB4832B922C}C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe] => (Allow) C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe => No File
FirewallRules: [{41741D08-F46D-427C-85A7-1F18B7665862}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{737C3AEA-8CFC-430A-AACA-61CBDCA2EFE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CE71205E-63F9-4C49-A5E6-3714EBF7F383}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8ECD812E-18FC-426A-AF5A-57D0DD9D24DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{79D71EBB-14A0-40F8-BB44-E064B05920AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C1E8B986-76DD-4349-94E9-744D72BC1493}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{53573FF1-DE9D-423D-9246-A4BC24B6CB77}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{AA52A424-8544-4211-B759-68B170C2B6E2}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{17CE20AE-45F6-462A-A219-FC237B6C4CDA}C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe] => (Allow) C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe => No File
FirewallRules: [TCP Query User{0FE0672C-67A9-420F-9702-FFDFA93989BC}C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe] => (Allow) C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe => No File
FirewallRules: [UDP Query User{7FD20A1F-8728-46DC-9360-5DCFC1F2E9D5}C:\program files (x86)\altap salamander\salamand.exe] => (Allow) C:\program files (x86)\altap salamander\salamand.exe => No File
FirewallRules: [TCP Query User{5E5AB382-1EDA-494E-A553-F46B27C852C0}C:\program files (x86)\altap salamander\salamand.exe] => (Allow) C:\program files (x86)\altap salamander\salamand.exe => No File
FirewallRules: [{9D5E78E9-B093-4C3F-BA1A-E39AA12EE7E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{56E3EF4D-4367-48CA-9DBB-BE3C0AA382BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D95C6490-E670-4482-A363-51AF160B28F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{311DC6F6-1F0F-458E-A3B9-FC064BF68DB5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [TCP Query User{42F3CAA6-7D73-470D-A881-A840C85F08DC}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{11C7AEFC-4285-4311-A457-EE0289047ED1}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ABA7FC40-8BB0-4891-BB2F-DD2975AD16E0}] => (Allow) C:\Users\lenovo y50\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{ACF5B076-FE40-4631-8A66-378656FFDD0D}] => (Allow) C:\Users\lenovo y50\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{BBBE9C57-E134-4C29-9A7D-2F2008D7F2DA}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe => No File
FirewallRules: [{890A6187-5440-4002-AB6C-B94DBB6C7979}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe => No File
FirewallRules: [TCP Query User{6FD2326B-7FDB-48BE-83E6-DE048F417422}C:\program files\benbox\3.7.99\bin\laserdaemon.exe] => (Allow) C:\program files\benbox\3.7.99\bin\laserdaemon.exe => No File
FirewallRules: [UDP Query User{293A24BB-7CE5-4352-AD64-241CBC3B7EA4}C:\program files\benbox\3.7.99\bin\laserdaemon.exe] => (Allow) C:\program files\benbox\3.7.99\bin\laserdaemon.exe => No File
FirewallRules: [{86683E34-1918-480E-BF45-2166F1EB244E}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{02FC82C0-293B-4A02-BE2A-F4F524CD1451}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D8BD20AA-9B71-40B1-8662-30DCFF4612E5}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{627E4181-15D3-4476-96C7-BFF742FA50D7}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7533975D-9629-4C81-B6A5-43A01F8B71E3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{861A7102-F4A8-46A2-A0AA-41393696E8B9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{F495A3C4-F2A6-4BA3-AA61-B1A3401F3988}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{04BE3727-7C73-4019-8570-4CA37AEC9397}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{B8A01C71-0AC6-4945-84A7-7F97D5717313}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{70909B39-8CEF-428F-9FDB-9DE550B558F9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (ScanProcess) [File not signed]
FirewallRules: [{51A0723C-E1D8-4C1D-A894-F8FC7C9DD399}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Scan2PCNotify) [File not signed]
FirewallRules: [{BBEA11FE-4E4C-42DA-A091-AE01AD5D703F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{6E45816B-D29B-4FDC-BDB0-66F368058BD1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{44A95CD4-7AAE-4F79-8325-B953667A4908}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{753BD8AA-2FFD-4D31-94F7-9AEA47AF329B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{26C1745E-8BEF-4EB7-BA0F-D0F6D80EEEE6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{559824FF-091D-41CF-B9A0-4B1534B51471}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{DE83186A-119F-4208-8B03-F0806A776493}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{575EA4A2-B27A-4C17-8DBF-B10532CA3832}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{EC33E075-BEE4-4E8A-9AC0-C608B1E592C5}C:\counter-strike 1.6 [cswos.com]\hl.exe] => (Allow) C:\counter-strike 1.6 [cswos.com]\hl.exe => No File
FirewallRules: [UDP Query User{528621B9-36B1-4C5F-8CBA-F0F10C02F976}C:\counter-strike 1.6 [cswos.com]\hl.exe] => (Allow) C:\counter-strike 1.6 [cswos.com]\hl.exe => No File
FirewallRules: [{02ED1C72-9781-4955-A1E8-2792211D2723}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4112258B-FFB8-44FA-939C-7209BC7E897E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E3FBE89A-01BE-4D00-B394-769B73719AC3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5BB7B9B-1864-4C38-AC44-80DD836DA6C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4C7CF4A-6FE8-480C-B4CA-7D29714BDB55}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{29F83BBC-FE56-4BCF-8A8B-4BA35B14BF94}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:117.82 GB) (Free:11.45 GB) (10%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/23/2021 04:28:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:16Z. Kód chyby: 0x80070002

Error: (08/23/2021 04:27:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:46Z. Kód chyby: 0x80070002

Error: (08/23/2021 04:27:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:16Z. Kód chyby: 0x80070002

Error: (08/23/2021 04:26:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:46Z. Kód chyby: 0x80070002

Error: (08/23/2021 04:26:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:16Z. Kód chyby: 0x80070002

Error: (08/23/2021 04:25:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:46Z. Kód chyby: 0x80070002

Error: (08/23/2021 04:25:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:16Z. Kód chyby: 0x80070002

Error: (08/23/2021 04:24:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:46Z. Kód chyby: 0x80070002


System errors:
=============
Error: (08/21/2021 08:09:47 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Malwarebytes Service se po přijetí pokynu pro vypnutí neukončila správně.

Error: (08/21/2021 08:09:27 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus se po přijetí pokynu pro vypnutí neukončila správně.

Error: (08/20/2021 07:55:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Malwarebytes Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (08/18/2021 08:21:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1ASUH46)
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2021 08:21:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1ASUH46)
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2021 08:21:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1ASUH46)
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2021 08:21:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1ASUH46)
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2021 08:21:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1ASUH46)
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===============
Date: 2021-08-23 16:24:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-08-23 16:19:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-08-23 16:09:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\setup\uat_3336.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-08-23 16:04:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 9ECN43WW(V3.03) 08/12/2015
Motherboard: LENOVO Lenovo Y50-70
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 28%
Total physical RAM: 16296.27 MB
Available physical RAM: 11631.71 MB
Total Virtual: 18728.27 MB
Available Virtual: 13907.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:117.82 GB) (Free:11.45 GB) NTFS

\\?\Volume{ae0069c6-5eb7-4d22-825f-989da3ffc9f1}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{2d9286d5-7479-4fb1-909a-d2b4c50cfc92}\ () (Fixed) (Total:0.87 GB) (Free:0.4 GB) NTFS
\\?\Volume{0e7f7cd5-22df-464a-8ce3-0804deb18d0e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================










Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021
Ran by lenovo y50 (administrator) on DESKTOP-1ASUH46 (LENOVO 20378) (21-08-2021 20:13:41)
Running from C:\Users\lenovo y50\Desktop
Loaded Profiles: lenovo y50
Platform: Windows 10 Home Version 2004 19041.1083 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe <3>
(Discord Inc. -> Discord Inc.) C:\Users\lenovo y50\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation -> National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(NITestingCert -> National Instruments Corporation) [File not signed] C:\Windows\SysWOW64\nisvcloc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2429664 2021-03-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [2590208 2010-11-19] () [File not signed]
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [EPSON SX125 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-02-08] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Discord] => C:\Users\lenovo y50\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {e01ab139-4494-11ea-89bb-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {f8c76e50-dfce-11e9-89b2-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [43520 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [22528 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-20] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3FF1B38B-6AC4-4E08-A1A5-9A453FC9CDC5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {4C468DEB-5790-4C41-B8C9-D94A0871B40D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {4FEC45B1-9C98-4206-ADB5-AEEB267B1485} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {7FAAD9D1-921C-49A2-A1FE-65E22FE2DDFF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4902680 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
Task: {E5DCDEDA-DFE9-4931-B8FB-7C243BE35750} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c5338a1-16ff-41ed-9741-a4798804c049}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{3564587d-8761-4c69-be3d-1664156dc6f5}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{6320084a-1dea-4c69-833c-46d4604e39dc}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{650a28d4-a1d6-4c21-a0a2-38cc38b8de5c}: [DhcpNameServer] 213.226.224.12 8.8.8.8
Tcpip\..\Interfaces\{695c092f-959c-43d9-b8aa-c742d88190ac}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\lenovo y50\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-20]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 2bz1rpyr.default
FF ProfilePath: C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default [2021-08-18]
FF user.js: detected! => C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\user.js [2018-02-28]
FF NewTabOverride: Mozilla\Firefox\Profiles\2bz1rpyr.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\Extensions\sko-extension@firma.seznam.cz.xpi [2021-01-10]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\Extensions\sp@avast.com.xpi [2021-01-10]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default [2021-08-21]
CHR Notifications: Default -> hxxps://chat.simplemining.net; hxxps://coinstats.app; hxxps://www.malvik.cz; hxxps://www.tradingview.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Překladač Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-15]
CHR Extension: (Prezentace) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (Ledger Manager) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2020-07-24]
CHR Extension: (YouTube) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Webkamera) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfpjcegkjhdnnempidlgmeoaiilpidep [2018-05-17]
CHR Extension: (Proxy SwitchySharp) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2020-03-15]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-12]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-10]
CHR Extension: (Tabulky) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (Ledger Wallet Ethereum) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2019-03-20]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-18]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2020-07-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Gmail) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-30]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-21]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-08-16]
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.cz/"
CHR Extension: (Překladač Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-20]
CHR Extension: (Prezentace) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-11]
CHR Extension: (Dokumenty) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-11]
CHR Extension: (Disk Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-11]
CHR Extension: (YouTube) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-28]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-29]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-11]
CHR Extension: (Tabulky) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-11]
CHR Extension: (Gmail) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-11]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-21]
CHR HKU\S-1-5-21-3824366190-495201528-3455353946-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8262736 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [627480 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1616664 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [374552 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12414176 2021-03-23] (Avast Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-25] (Microsoft Corporation -> Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2008-06-17] (National Instruments Corporation -> National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [40488 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [50736 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
S4 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [12696 2008-04-02] (National Instruments Corporation -> National Instruments Corporation)
S4 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [213552 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2008-06-12] (Macrovision Corporation) [File not signed]
S4 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [129144 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S4 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [192112 2008-06-18] (National Instruments Corporation -> National Instruments Corporation)
R2 niSvcLoc; C:\WINDOWS\SysWOW64\nisvcloc.exe [8656 2007-11-06] (NITestingCert -> National Instruments Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-04-15] (ASUSTeK Computer Inc. -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [218976 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367640 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559816 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108408 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-08-20] (Malwarebytes Inc -> Malwarebytes)
S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [11872 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [11856 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [12928 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [875096 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [12920 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [16472 2007-07-10] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViFWK; C:\WINDOWS\System32\drivers\NiViFWKl.sys [11896 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [11872 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
R2 NiViPxiK; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [11872 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtl8188gu.sys [1208768 2018-04-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2429664 2021-03-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [2590208 2010-11-19] () [File not signed]
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [EPSON SX125 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-02-08] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Discord] => C:\Users\lenovo y50\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {e01ab139-4494-11ea-89bb-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {f8c76e50-dfce-11e9-89b2-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [43520 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [22528 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-20] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3FF1B38B-6AC4-4E08-A1A5-9A453FC9CDC5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {4C468DEB-5790-4C41-B8C9-D94A0871B40D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {4FEC45B1-9C98-4206-ADB5-AEEB267B1485} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {7FAAD9D1-921C-49A2-A1FE-65E22FE2DDFF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4902680 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
Task: {E5DCDEDA-DFE9-4931-B8FB-7C243BE35750} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c5338a1-16ff-41ed-9741-a4798804c049}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{3564587d-8761-4c69-be3d-1664156dc6f5}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{6320084a-1dea-4c69-833c-46d4604e39dc}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{650a28d4-a1d6-4c21-a0a2-38cc38b8de5c}: [DhcpNameServer] 213.226.224.12 8.8.8.8
Tcpip\..\Interfaces\{695c092f-959c-43d9-b8aa-c742d88190ac}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\lenovo y50\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-22]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 2bz1rpyr.default
FF ProfilePath: C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default [2021-08-18]
FF user.js: detected! => C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\user.js [2018-02-28]
FF NewTabOverride: Mozilla\Firefox\Profiles\2bz1rpyr.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\Extensions\sko-extension@firma.seznam.cz.xpi [2021-01-10]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\Extensions\sp@avast.com.xpi [2021-01-10]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default [2021-08-21]
CHR Notifications: Default -> hxxps://chat.simplemining.net; hxxps://coinstats.app; hxxps://www.malvik.cz; hxxps://www.tradingview.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Překladač Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-15]
CHR Extension: (Prezentace) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (Ledger Manager) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2020-07-24]
CHR Extension: (YouTube) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Webkamera) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfpjcegkjhdnnempidlgmeoaiilpidep [2018-05-17]
CHR Extension: (Proxy SwitchySharp) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2020-03-15]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-12]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-10]
CHR Extension: (Tabulky) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (Ledger Wallet Ethereum) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2019-03-20]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-18]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2020-07-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Gmail) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-30]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-21]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-08-16]
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.cz/"
CHR Extension: (Překladač Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-20]
CHR Extension: (Prezentace) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-11]
CHR Extension: (Dokumenty) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-11]
CHR Extension: (Disk Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-11]
CHR Extension: (YouTube) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-28]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-29]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-11]
CHR Extension: (Tabulky) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-11]
CHR Extension: (Gmail) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-11]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-21]
CHR HKU\S-1-5-21-3824366190-495201528-3455353946-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8262736 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [627480 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1616664 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [374552 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12414176 2021-03-23] (Avast Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-25] (Microsoft Corporation -> Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2008-06-17] (National Instruments Corporation -> National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [40488 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [50736 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
S4 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [12696 2008-04-02] (National Instruments Corporation -> National Instruments Corporation)
S4 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [213552 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2008-06-12] (Macrovision Corporation) [File not signed]
S4 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [129144 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S4 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [192112 2008-06-18] (National Instruments Corporation -> National Instruments Corporation)
R2 niSvcLoc; C:\WINDOWS\SysWOW64\nisvcloc.exe [8656 2007-11-06] (NITestingCert -> National Instruments Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-04-15] (ASUSTeK Computer Inc. -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [218976 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367640 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559816 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108408 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-08-20] (Malwarebytes Inc -> Malwarebytes)
S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [11872 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [11856 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [12928 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [875096 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [12920 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [16472 2007-07-10] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViFWK; C:\WINDOWS\System32\drivers\NiViFWKl.sys [11896 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [11872 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
R2 NiViPxiK; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [11872 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtl8188gu.sys [1208768 2018-04-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-22 00:31 - 2021-08-22 00:31 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-22 00:31 - 2021-08-22 00:31 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-21 20:13 - 2021-08-23 16:17 - 000059020 _____ C:\Users\lenovo y50\Desktop\FRST.txt
2021-08-21 20:13 - 2021-08-21 20:13 - 000000000 ____D C:\Users\lenovo y50\Desktop\FRST-OlderVersion
2021-08-21 11:41 - 2021-08-21 11:41 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-08-21 11:41 - 2021-08-21 11:41 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-08-21 11:41 - 2021-08-21 11:41 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-08-21 11:41 - 2021-08-21 11:41 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-08-21 11:40 - 2021-08-21 11:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-21 11:39 - 2021-08-21 11:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-21 11:39 - 2021-08-21 11:39 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-21 11:39 - 2021-08-21 11:39 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-21 11:38 - 2021-08-21 11:38 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-21 11:38 - 2021-08-21 11:38 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-21 11:36 - 2021-08-21 11:36 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-21 11:06 - 2021-08-21 11:06 - 000000000 ___HD C:\$WinREAgent
2021-08-18 20:22 - 2021-08-20 19:55 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-18 20:22 - 2021-08-18 20:22 - 000005355 _____ C:\Users\lenovo y50\Desktop\adww.txt
2021-08-18 20:21 - 2021-08-18 20:21 - 000005634 _____ C:\Users\lenovo y50\Desktop\adw.txt
2021-08-18 20:16 - 2021-08-23 16:12 - 000000000 ____D C:\Users\lenovo y50\AppData\LocalLow\IGDump
2021-08-18 20:14 - 2021-08-18 20:14 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-18 20:14 - 2021-08-18 20:14 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-18 20:13 - 2021-08-18 20:13 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-18 20:13 - 2021-08-18 20:13 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-18 20:13 - 2021-08-18 20:13 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-18 20:13 - 2021-08-18 20:13 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-18 20:12 - 2021-08-18 20:12 - 002120496 _____ (Malwarebytes) C:\Users\lenovo y50\Downloads\MBSetup.exe
2021-08-17 20:00 - 2021-08-21 20:13 - 002300928 _____ (Farbar) C:\Users\lenovo y50\Desktop\FRST64.exe
2021-08-17 20:00 - 2021-08-17 20:00 - 002300416 _____ (Farbar) C:\Users\lenovo y50\Downloads\FRST64.exe
2021-08-17 14:47 - 2021-08-22 00:31 - 005209200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-16 20:17 - 2021-08-22 16:32 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\Discord
2021-08-16 14:17 - 2021-08-16 14:16 - 000339736 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-08-16 14:16 - 2021-08-16 14:16 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-08-16 14:14 - 2021-08-16 20:05 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-08-11 08:46 - 2021-08-11 08:46 - 000509114 _____ C:\Users\lenovo y50\Downloads\2217468546.pdf
2021-08-10 16:35 - 2021-08-16 20:38 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-10 16:35 - 2021-08-16 20:38 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-07 10:01 - 2021-08-07 10:01 - 000017408 _____ C:\Users\lenovo y50\Downloads\www (1).xlsx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-23 16:16 - 2020-02-03 16:27 - 000000000 ____D C:\FRST
2021-08-23 16:09 - 2021-03-24 16:12 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\discord
2021-08-23 16:08 - 2018-04-20 16:54 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\AVAST Software
2021-08-23 16:06 - 2017-06-01 14:36 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-23 16:04 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-23 16:03 - 2020-08-17 19:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-22 00:36 - 2020-08-17 19:09 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-22 00:36 - 2019-12-07 16:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-22 00:36 - 2019-12-07 16:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-22 00:36 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-22 00:32 - 2017-09-25 16:07 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-08-22 00:32 - 2016-11-22 01:34 - 000000000 __SHD C:\Users\lenovo y50\IntelGraphicsProfiles
2021-08-22 00:32 - 2016-11-22 01:24 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-22 00:31 - 2020-08-17 19:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-22 00:31 - 2020-08-17 19:01 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-22 00:31 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-22 00:31 - 2017-06-01 14:37 - 000000000 ____D C:\ProgramData\AVAST Software
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-22 00:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-21 20:08 - 2021-06-21 20:00 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-08-21 20:04 - 2020-06-03 23:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-21 20:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-21 20:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-21 11:50 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-21 11:06 - 2020-11-22 21:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-20 20:06 - 2017-06-02 15:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-20 19:56 - 2017-06-01 14:37 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-20 19:55 - 2017-06-02 15:06 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-18 20:24 - 2017-06-01 14:50 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\PSpad
2021-08-18 20:21 - 2021-06-13 09:19 - 000000000 ____D C:\Users\lenovo y50\Desktop\office
2021-08-18 20:14 - 2019-02-11 16:03 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-18 20:14 - 2017-06-03 09:11 - 000000000 ____D C:\Users\lenovo y50\AppData\LocalLow\Mozilla
2021-08-18 20:13 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-18 20:13 - 2017-11-12 16:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-17 20:01 - 2017-06-03 09:11 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-17 20:01 - 2017-06-03 09:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-08-17 14:20 - 2021-06-29 20:30 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-17 14:20 - 2021-06-29 20:30 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-17 14:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-16 20:38 - 2020-08-17 19:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-08-16 20:36 - 2021-06-13 09:12 - 000000000 ____D C:\WINDOWS\AutoKMS
2021-08-16 20:36 - 2021-03-24 16:11 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\SquirrelTemp
2021-08-16 20:36 - 2020-08-02 09:32 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\Telegram Desktop
2021-08-16 20:36 - 2017-06-01 15:23 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\CrashDumps
2021-08-16 20:17 - 2021-03-24 16:12 - 000002288 _____ C:\Users\lenovo y50\Desktop\Discord.lnk
2021-08-16 20:17 - 2021-03-24 16:12 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-08-16 20:13 - 2017-12-27 14:03 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\ElevatedDiagnostics
2021-08-16 20:02 - 2017-06-02 14:22 - 000000000 ____D C:\Program Files\WinRAR
2021-08-16 14:16 - 2020-10-17 01:30 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-08-16 14:16 - 2020-04-16 11:12 - 000559816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-08-16 14:16 - 2019-01-14 16:44 - 000367640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-08-16 14:16 - 2019-01-07 08:05 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-08-16 14:16 - 2019-01-07 08:05 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-08-16 14:16 - 2018-10-28 19:23 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-08-16 14:16 - 2018-06-24 11:25 - 000017344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-08-16 14:16 - 2017-11-19 20:14 - 000218976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000471920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000108408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-08-16 14:14 - 2017-08-20 13:48 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-08-16 14:14 - 2017-06-02 14:22 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-08-16 14:14 - 2017-06-02 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-08-07 10:02 - 2018-01-29 19:29 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\Packages

==================== Files in the root of some directories ========

2019-01-27 17:51 - 2019-07-31 19:46 - 000000132 _____ () C:\Users\lenovo y50\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2019-04-23 19:06 - 2019-04-23 19:06 - 000000132 _____ () C:\Users\lenovo y50\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2017-06-03 12:38 - 2017-06-03 12:38 - 000000600 _____ () C:\Users\lenovo y50\AppData\Roaming\winscp.rnd
2017-06-03 10:53 - 2021-01-10 10:59 - 000001480 _____ () C:\Users\lenovo y50\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-10-01 20:19 - 2018-10-01 20:19 - 000000000 _____ () C:\Users\lenovo y50\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nefunkční klávesnice

#10 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [136]
AlternateDataStreams: C:\ProgramData\TEMP:F0DEC06E [134]
FirewallRules: [UDP Query User{828C045F-A5CE-495C-A731-89CCA2D7327E}C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe] => (Allow) C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe => No File
FirewallRules: [TCP Query User{6B2C73A6-A77E-4E18-97DC-1EB4832B922C}C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe] => (Allow) C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe => No File
FirewallRules: [UDP Query User{17CE20AE-45F6-462A-A219-FC237B6C4CDA}C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe] => (Allow) C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe => No File
FirewallRules: [TCP Query User{0FE0672C-67A9-420F-9702-FFDFA93989BC}C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe] => (Allow) C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe => No File
FirewallRules: [UDP Query User{7FD20A1F-8728-46DC-9360-5DCFC1F2E9D5}C:\program files (x86)\altap salamander\salamand.exe] => (Allow) C:\program files (x86)\altap salamander\salamand.exe => No File
FirewallRules: [TCP Query User{5E5AB382-1EDA-494E-A553-F46B27C852C0}C:\program files (x86)\altap salamander\salamand.exe] => (Allow) C:\program files (x86)\altap salamander\salamand.exe => No File
FirewallRules: [{D95C6490-E670-4482-A363-51AF160B28F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{311DC6F6-1F0F-458E-A3B9-FC064BF68DB5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{BBBE9C57-E134-4C29-9A7D-2F2008D7F2DA}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe => No File
FirewallRules: [{890A6187-5440-4002-AB6C-B94DBB6C7979}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe => No File
FirewallRules: [TCP Query User{6FD2326B-7FDB-48BE-83E6-DE048F417422}C:\program files\benbox\3.7.99\bin\laserdaemon.exe] => (Allow) C:\program files\benbox\3.7.99\bin\laserdaemon.exe => No File
FirewallRules: [UDP Query User{293A24BB-7CE5-4352-AD64-241CBC3B7EA4}C:\program files\benbox\3.7.99\bin\laserdaemon.exe] => (Allow) C:\program files\benbox\3.7.99\bin\laserdaemon.exe => No File
FirewallRules: [{BBEA11FE-4E4C-42DA-A091-AE01AD5D703F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{6E45816B-D29B-4FDC-BDB0-66F368058BD1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [TCP Query User{EC33E075-BEE4-4E8A-9AC0-C608B1E592C5}C:\counter-strike 1.6 [cswos.com]\hl.exe] => (Allow) C:\counter-strike 1.6 [cswos.com]\hl.exe => No File
FirewallRules: [UDP Query User{528621B9-36B1-4C5F-8CBA-F0F10C02F976}C:\counter-strike 1.6 [cswos.com]\hl.exe] => (Allow) C:\counter-strike 1.6 [cswos.com]\hl.exe => No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {e01ab139-4494-11ea-89bb-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {f8c76e50-dfce-11e9-89b2-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {4C468DEB-5790-4C41-B8C9-D94A0871B40D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {4FEC45B1-9C98-4206-ADB5-AEEB267B1485} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Stene
Návštěvník
Návštěvník
Příspěvky: 236
Registrován: 03 pro 2013 19:42

Re: Nefunkční klávesnice

#11 Příspěvek od Stene »

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-08-2021
Ran by lenovo y50 (28-08-2021 17:10:34) Run:2
Running from C:\Users\lenovo y50\Desktop
Loaded Profiles: defaultuser0 & lenovo y50
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [136]
AlternateDataStreams: C:\ProgramData\TEMP:F0DEC06E [134]
FirewallRules: [UDP Query User{828C045F-A5CE-495C-A731-89CCA2D7327E}C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe] => (Allow) C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe => No File
FirewallRules: [TCP Query User{6B2C73A6-A77E-4E18-97DC-1EB4832B922C}C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe] => (Allow) C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe => No File
FirewallRules: [UDP Query User{17CE20AE-45F6-462A-A219-FC237B6C4CDA}C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe] => (Allow) C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe => No File
FirewallRules: [TCP Query User{0FE0672C-67A9-420F-9702-FFDFA93989BC}C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe] => (Allow) C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe => No File
FirewallRules: [UDP Query User{7FD20A1F-8728-46DC-9360-5DCFC1F2E9D5}C:\program files (x86)\altap salamander\salamand.exe] => (Allow) C:\program files (x86)\altap salamander\salamand.exe => No File
FirewallRules: [TCP Query User{5E5AB382-1EDA-494E-A553-F46B27C852C0}C:\program files (x86)\altap salamander\salamand.exe] => (Allow) C:\program files (x86)\altap salamander\salamand.exe => No File
FirewallRules: [{D95C6490-E670-4482-A363-51AF160B28F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{311DC6F6-1F0F-458E-A3B9-FC064BF68DB5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{BBBE9C57-E134-4C29-9A7D-2F2008D7F2DA}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe => No File
FirewallRules: [{890A6187-5440-4002-AB6C-B94DBB6C7979}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe => No File
FirewallRules: [TCP Query User{6FD2326B-7FDB-48BE-83E6-DE048F417422}C:\program files\benbox\3.7.99\bin\laserdaemon.exe] => (Allow) C:\program files\benbox\3.7.99\bin\laserdaemon.exe => No File
FirewallRules: [UDP Query User{293A24BB-7CE5-4352-AD64-241CBC3B7EA4}C:\program files\benbox\3.7.99\bin\laserdaemon.exe] => (Allow) C:\program files\benbox\3.7.99\bin\laserdaemon.exe => No File
FirewallRules: [{BBEA11FE-4E4C-42DA-A091-AE01AD5D703F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{6E45816B-D29B-4FDC-BDB0-66F368058BD1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [TCP Query User{EC33E075-BEE4-4E8A-9AC0-C608B1E592C5}C:\counter-strike 1.6 [cswos.com]\hl.exe] => (Allow) C:\counter-strike 1.6 [cswos.com]\hl.exe => No File
FirewallRules: [UDP Query User{528621B9-36B1-4C5F-8CBA-F0F10C02F976}C:\counter-strike 1.6 [cswos.com]\hl.exe] => (Allow) C:\counter-strike 1.6 [cswos.com]\hl.exe => No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {e01ab139-4494-11ea-89bb-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {f8c76e50-dfce-11e9-89b2-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {4C468DEB-5790-4C41-B8C9-D94A0871B40D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {4FEC45B1-9C98-4206-ADB5-AEEB267B1485} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6} => removed successfully
HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98} => removed successfully
HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C} => removed successfully
HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\TEMP => ":4FC01C57" ADS removed successfully
C:\ProgramData\TEMP => ":F0DEC06E" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{828C045F-A5CE-495C-A731-89CCA2D7327E}C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6B2C73A6-A77E-4E18-97DC-1EB4832B922C}C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{17CE20AE-45F6-462A-A219-FC237B6C4CDA}C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0FE0672C-67A9-420F-9702-FFDFA93989BC}C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7FD20A1F-8728-46DC-9360-5DCFC1F2E9D5}C:\program files (x86)\altap salamander\salamand.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5E5AB382-1EDA-494E-A553-F46B27C852C0}C:\program files (x86)\altap salamander\salamand.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D95C6490-E670-4482-A363-51AF160B28F6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{311DC6F6-1F0F-458E-A3B9-FC064BF68DB5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BBBE9C57-E134-4C29-9A7D-2F2008D7F2DA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{890A6187-5440-4002-AB6C-B94DBB6C7979}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6FD2326B-7FDB-48BE-83E6-DE048F417422}C:\program files\benbox\3.7.99\bin\laserdaemon.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{293A24BB-7CE5-4352-AD64-241CBC3B7EA4}C:\program files\benbox\3.7.99\bin\laserdaemon.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BBEA11FE-4E4C-42DA-A091-AE01AD5D703F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E45816B-D29B-4FDC-BDB0-66F368058BD1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EC33E075-BEE4-4E8A-9AC0-C608B1E592C5}C:\counter-strike 1.6 [cswos.com]\hl.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{528621B9-36B1-4C5F-8CBA-F0F10C02F976}C:\counter-strike 1.6 [cswos.com]\hl.exe" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-3824366190-495201528-3455353946-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e01ab139-4494-11ea-89bb-28e34710e678} => removed successfully
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8c76e50-dfce-11e9-89b2-28e34710e678} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C468DEB-5790-4C41-B8C9-D94A0871B40D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C468DEB-5790-4C41-B8C9-D94A0871B40D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4FEC45B1-9C98-4206-ADB5-AEEB267B1485}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FEC45B1-9C98-4206-ADB5-AEEB267B1485}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11296768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13954339 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 56592134 B
Edge => 732894 B
Chrome => 1373920564 B
Firefox => 27235248 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 278420 B
NetworkService => 278420 B
defaultuser0 => 278420 B
lenovo y50 => 27937977 B

RecycleBin => 1554108651 B
EmptyTemp: => 2.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:12:32 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nefunkční klávesnice

#12 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Stene
Návštěvník
Návštěvník
Příspěvky: 236
Registrován: 03 pro 2013 19:42

Re: Nefunkční klávesnice

#13 Příspěvek od Stene »

Bohužel... psaní do těchto textových polí stále nefunkční... :-(

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nefunkční klávesnice

#14 Příspěvek od Rudy »

OK. Pro jistotu bych vyzkoušel jinou klávesku, ale jinak zkuste návrat do tov. nastavení se zachováním vašich souborů. Jelikož to znamená nové instalování všech programů, které jste instaloval vy sám, zkusil bych nejprve tu klávesku. Pokud máte NB, připojte externí.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Stene
Návštěvník
Návštěvník
Příspěvky: 236
Registrován: 03 pro 2013 19:42

Re: Nefunkční klávesnice

#15 Příspěvek od Stene »

Klávesnice také nefunkční... Ale dohledal jsem na netu řešení, stačí spustit (win + r) soubor C:\Windows\system32\ctfmon.exe
Bohužel toto spuštění je potřeba provést při každém restartu pc... Lze nějak nastavit, aby se to nemuselo dělat po každém startu pc?

Odpovědět