Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021
Ran by lenovo y50 (23-08-2021 16:24:35)
Running from C:\Users\lenovo y50\Desktop
Windows 10 Home Version 2004 19041.1165 (X64) (2020-08-17 17:21:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3824366190-495201528-3455353946-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3824366190-495201528-3455353946-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3824366190-495201528-3455353946-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3824366190-495201528-3455353946-501 - Limited - Disabled)
lenovo y50 (S-1-5-21-3824366190-495201528-3455353946-1001 - Administrator - Enabled) => C:\Users\lenovo y50
WDAGUtilityAccount (S-1-5-21-3824366190-495201528-3455353946-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Altap Salamander 3.08 (x64) (HKLM\...\Altap Salamander 3.08 (x64)) (Version: 3.08 - ALTAP)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{795ee3a0-97fa-489a-9543-7564ccc43be4}) (Version: 18.12.0 - Intel Corporation)
AutoCAD 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.0.27.1100 - Autodesk)
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk)
Autodesk AutoCAD 2018 – Čeština (Czech) (HKLM\...\AutoCAD 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 5.0.0.40 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk ReCap Photo (HKLM\...\Autodesk ReCap Photo) (Version: 19.0.0.38 - Autodesk)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.1.9940.2746 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.6.2474 - Avast Software)
balenaEtcher 1.5.113 (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.113 - Balena Inc.)
Balíček ovladače systému Windows - Silicon Laboratories (silabenm) Ports (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.)
CrystalDiskInfo 6.7.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.7.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
DocRepair (HKLM-x32\...\DocRepair) (Version: - )
EPSON SX125 Series Printer Uninstall (HKLM\...\EPSON SX125 Series) (Version: - SEIKO EPSON Corporation)
ExultMySQLTrial (HKLM-x32\...\ExultMySQLTrial) (Version: 1.4 - Novixys Software, Inc.)
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
HD Tune Pro 5.75 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Import souborů SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
InfoRapid Search & Replace (HKLM-x32\...\InfoRapid Search & Replace) (Version: 3.1f - Ingo Straub Softwareentwicklung)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
IVI VISA COM Standard Components (HKLM-x32\...\{D2533218-3B3D-46C6-ABAA-898EB2908589}) (Version: 1.0.0 - IVI Foundation Inc.) Hidden
IVI VISA COM Standard Components (HKLM-x32\...\IviVisaComStandardComponents) (Version: - )
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Ledger Live 2.26.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.26.1 - Ledger Live Team)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Light Image Resizer 4.7.7.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
Malwarebytes version 4.4.4.126 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.4.126 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.78 - Microsoft Corporation)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.14026.20264 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.14026.20264 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.14026.20264 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 91.0.1 (x64 cs)) (Version: 91.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.5.0 - Mozilla)
National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PingPlotter 5 (HKLM-x32\...\{84B2BC22-7967-47A5-B7FF-6297F95E1D39}) (Version: 5.4.3.2773 - Pingman Tools, LLC) Hidden
PingPlotter 5 (HKLM-x32\...\PingPlotter 5 5.4.3.2773) (Version: 5.4.3.2773 - Pingman Tools, LLC)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.0.0.46 - Autodesk)
PremiumSoft Navicat Premium 12.0 (HKLM\...\PremiumSoft Navicat Premium 12_is1) (Version: 12.0.29 - PremiumSoft CyberTech Ltd.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Replace Text (HKLM-x32\...\{E9DD578F-85DD-4FA4-B861-7752F75F6324}) (Version: 2.2 - Ecobyte)
Rozvrh 6 (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Rozvrh 6) (Version: 6.17 - RNDr. Červený)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.06.00.08(07.09.2016) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27 (21.07.2017) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.18 (31.05.2018) - HP Printing Korea Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Search and Replace (x64) (HKLM\...\Search and Replace (x64 Shareware)_is1) (Version: 8.1 - Funduc Software Inc.)
SetIP (HKLM-x32\...\SetIP) (Version: 1.05.08.00 - Samsung Electronics Co., Ltd.)
Speciální aplikace Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Speciální aplikace Autodesk 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SSDlife Pro (HKLM-x32\...\{274A0362-DB46-4C5F-9D03-B1EEE404ED2B}) (Version: 2.5.76 - BinarySense Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Telegram Desktop version 2.7.4 (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.4 - Telegram FZ-LLC)
TextCrawler Pro 3.1.1 (HKLM-x32\...\TextCrawler Pro) (Version: 3.1.1 - DigitalVolcano Software Ltd)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Xml Viewer (HKLM-x32\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoner Photo Studio X CS (HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\ZPS X) (Version: 19.2009.2.286 - ZONER software)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-04-11] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-08] (Microsoft Studios) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-07-10] (Samsung Electronics Co. Ltd.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{C78B614E-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3824366190-495201528-3455353946-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2018-06-07] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-06-07] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [SEStart] -> {0CAF1FA2-6F8D-11D5-84C7-0000836958D3} => C:\Program Files (x86)\seRapid\SEStart.dll [2003-07-12] () [File not signed]
ContextMenuHandlers1: [SrExt] -> {a90d5ea2-a1d7-11cf-8dc1-00805fc2353f} => C:\Program Files\SR\SrExt64.dll [2017-06-01] (Funduc Software Inc -> Funduc Software Inc. hxxp://
www.funduc.com)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [SEStart] -> {0CAF1FA2-6F8D-11D5-84C7-0000836958D3} => C:\Program Files (x86)\seRapid\SEStart.dll [2003-07-12] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [SEStart] -> {0CAF1FA2-6F8D-11D5-84C7-0000836958D3} => C:\Program Files (x86)\seRapid\SEStart.dll [2003-07-12] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SrExt] -> {a90d5ea2-a1d7-11cf-8dc1-00805fc2353f} => C:\Program Files\SR\SrExt64.dll [2017-06-01] (Funduc Software Inc -> Funduc Software Inc. hxxp://
www.funduc.com)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3824366190-495201528-3455353946-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf
ShortcutWithArgument: C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf
ShortcutWithArgument: C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm
ShortcutWithArgument: C:\Users\lenovo y50\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Kristýna - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2017-06-01 14:49 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2008-06-17 18:38 - 2008-06-17 18:38 - 000144896 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\Security\nidm_client_thinauth.dll
2020-08-17 19:08 - 2018-01-24 00:42 - 000877440 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2020-08-17 19:08 - 2018-01-24 00:42 - 000343912 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [136]
AlternateDataStreams: C:\ProgramData\TEMP:F0DEC06E [134]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\Software\Classes\.scr: AutoCADScriptFile =>
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {091087FD-CDC1-4F59-8FCB-4D4A5D89393B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {1F03A840-5BEF-4413-9892-597FE9C93E5D} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {25E918EB-C90B-43DF-B0D8-574F25A01A04} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {33304E3D-0A76-451E-B571-EFB0EB73F618} URL = hxxp://
www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {59AC8252-9653-4045-BBBF-11CAF3F328D8} URL = hxxp://
www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {6861D191-73D2-4D98-ADF7-328D3F745575} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {995C9CAF-FD95-4C4E-B06F-6196A01030DE} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {A4695064-4274-472E-B9A6-78127035FF11} URL = hxxp://
www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3824366190-495201528-3455353946-1001 -> {B874AA26-D789-49A0-A95A-5236495DD86D} URL = hxxp://
www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-11-21 15:53 - 2020-02-14 16:04 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin\;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\Bin;C:\Program Files\IVI Foundation\VISA\Win64\Bin\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-3824366190-495201528-3455353946-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\Control Panel\Desktop\\Wallpaper -> c:\veci na plose\svatba\svatba fotky - viktor\dsc00086.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-3824366190-495201528-3455353946-1000\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\StartupFolder: => "DeskPins.lnk"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "EPSON SX125 Series"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "Boxoft Tools"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\StartupApproved\Run: => "Autodesk Sync"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{24E3ECB3-BCE8-4F1B-980A-D599E5D702BB}C:\program files\altap salamander\salamand.exe] => (Allow) C:\program files\altap salamander\salamand.exe (ALTAP, spol. s r.o. -> ALTAP)
FirewallRules: [TCP Query User{D9E9C92F-D061-4FF4-ABF2-28FB012ABE35}C:\program files\altap salamander\salamand.exe] => (Allow) C:\program files\altap salamander\salamand.exe (ALTAP, spol. s r.o. -> ALTAP)
FirewallRules: [UDP Query User{828C045F-A5CE-495C-A731-89CCA2D7327E}C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe] => (Allow) C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe => No File
FirewallRules: [TCP Query User{6B2C73A6-A77E-4E18-97DC-1EB4832B922C}C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe] => (Allow) C:\users\lenovo y50\desktop\miner\ethdcrminer64.exe => No File
FirewallRules: [{41741D08-F46D-427C-85A7-1F18B7665862}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{737C3AEA-8CFC-430A-AACA-61CBDCA2EFE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CE71205E-63F9-4C49-A5E6-3714EBF7F383}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8ECD812E-18FC-426A-AF5A-57D0DD9D24DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{79D71EBB-14A0-40F8-BB44-E064B05920AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C1E8B986-76DD-4349-94E9-744D72BC1493}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{53573FF1-DE9D-423D-9246-A4BC24B6CB77}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{AA52A424-8544-4211-B759-68B170C2B6E2}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{17CE20AE-45F6-462A-A219-FC237B6C4CDA}C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe] => (Allow) C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe => No File
FirewallRules: [TCP Query User{0FE0672C-67A9-420F-9702-FFDFA93989BC}C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe] => (Allow) C:\users\lenovo y50\desktop\stronghold crusader\stronghold crusader.exe => No File
FirewallRules: [UDP Query User{7FD20A1F-8728-46DC-9360-5DCFC1F2E9D5}C:\program files (x86)\altap salamander\salamand.exe] => (Allow) C:\program files (x86)\altap salamander\salamand.exe => No File
FirewallRules: [TCP Query User{5E5AB382-1EDA-494E-A553-F46B27C852C0}C:\program files (x86)\altap salamander\salamand.exe] => (Allow) C:\program files (x86)\altap salamander\salamand.exe => No File
FirewallRules: [{9D5E78E9-B093-4C3F-BA1A-E39AA12EE7E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{56E3EF4D-4367-48CA-9DBB-BE3C0AA382BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D95C6490-E670-4482-A363-51AF160B28F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{311DC6F6-1F0F-458E-A3B9-FC064BF68DB5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [TCP Query User{42F3CAA6-7D73-470D-A881-A840C85F08DC}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{11C7AEFC-4285-4311-A457-EE0289047ED1}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ABA7FC40-8BB0-4891-BB2F-DD2975AD16E0}] => (Allow) C:\Users\lenovo y50\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{ACF5B076-FE40-4631-8A66-378656FFDD0D}] => (Allow) C:\Users\lenovo y50\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{BBBE9C57-E134-4C29-9A7D-2F2008D7F2DA}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe => No File
FirewallRules: [{890A6187-5440-4002-AB6C-B94DBB6C7979}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe => No File
FirewallRules: [TCP Query User{6FD2326B-7FDB-48BE-83E6-DE048F417422}C:\program files\benbox\3.7.99\bin\laserdaemon.exe] => (Allow) C:\program files\benbox\3.7.99\bin\laserdaemon.exe => No File
FirewallRules: [UDP Query User{293A24BB-7CE5-4352-AD64-241CBC3B7EA4}C:\program files\benbox\3.7.99\bin\laserdaemon.exe] => (Allow) C:\program files\benbox\3.7.99\bin\laserdaemon.exe => No File
FirewallRules: [{86683E34-1918-480E-BF45-2166F1EB244E}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{02FC82C0-293B-4A02-BE2A-F4F524CD1451}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D8BD20AA-9B71-40B1-8662-30DCFF4612E5}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{627E4181-15D3-4476-96C7-BFF742FA50D7}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7533975D-9629-4C81-B6A5-43A01F8B71E3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{861A7102-F4A8-46A2-A0AA-41393696E8B9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{F495A3C4-F2A6-4BA3-AA61-B1A3401F3988}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{04BE3727-7C73-4019-8570-4CA37AEC9397}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{B8A01C71-0AC6-4945-84A7-7F97D5717313}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{70909B39-8CEF-428F-9FDB-9DE550B558F9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (ScanProcess) [File not signed]
FirewallRules: [{51A0723C-E1D8-4C1D-A894-F8FC7C9DD399}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Scan2PCNotify) [File not signed]
FirewallRules: [{BBEA11FE-4E4C-42DA-A091-AE01AD5D703F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{6E45816B-D29B-4FDC-BDB0-66F368058BD1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{44A95CD4-7AAE-4F79-8325-B953667A4908}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{753BD8AA-2FFD-4D31-94F7-9AEA47AF329B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{26C1745E-8BEF-4EB7-BA0F-D0F6D80EEEE6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{559824FF-091D-41CF-B9A0-4B1534B51471}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{DE83186A-119F-4208-8B03-F0806A776493}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{575EA4A2-B27A-4C17-8DBF-B10532CA3832}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{EC33E075-BEE4-4E8A-9AC0-C608B1E592C5}C:\counter-strike 1.6 [cswos.com]\hl.exe] => (Allow) C:\counter-strike 1.6 [cswos.com]\hl.exe => No File
FirewallRules: [UDP Query User{528621B9-36B1-4C5F-8CBA-F0F10C02F976}C:\counter-strike 1.6 [cswos.com]\hl.exe] => (Allow) C:\counter-strike 1.6 [cswos.com]\hl.exe => No File
FirewallRules: [{02ED1C72-9781-4955-A1E8-2792211D2723}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4112258B-FFB8-44FA-939C-7209BC7E897E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E3FBE89A-01BE-4D00-B394-769B73719AC3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5BB7B9B-1864-4C38-AC44-80DD836DA6C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4C7CF4A-6FE8-480C-B4CA-7D29714BDB55}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{29F83BBC-FE56-4BCF-8A8B-4BA35B14BF94}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:117.82 GB) (Free:11.45 GB) (10%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/23/2021 04:28:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:16Z. Kód chyby: 0x80070002
Error: (08/23/2021 04:27:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:46Z. Kód chyby: 0x80070002
Error: (08/23/2021 04:27:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:16Z. Kód chyby: 0x80070002
Error: (08/23/2021 04:26:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:46Z. Kód chyby: 0x80070002
Error: (08/23/2021 04:26:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:16Z. Kód chyby: 0x80070002
Error: (08/23/2021 04:25:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:46Z. Kód chyby: 0x80070002
Error: (08/23/2021 04:25:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:16Z. Kód chyby: 0x80070002
Error: (08/23/2021 04:24:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2021-09-15T18:02:46Z. Kód chyby: 0x80070002
System errors:
=============
Error: (08/21/2021 08:09:47 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Malwarebytes Service se po přijetí pokynu pro vypnutí neukončila správně.
Error: (08/21/2021 08:09:27 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus se po přijetí pokynu pro vypnutí neukončila správně.
Error: (08/20/2021 07:55:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Malwarebytes Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (08/18/2021 08:21:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1ASUH46)
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2021 08:21:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1ASUH46)
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2021 08:21:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1ASUH46)
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2021 08:21:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1ASUH46)
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/18/2021 08:21:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1ASUH46)
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2021-08-23 16:24:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2021-08-23 16:19:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-08-23 16:09:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\setup\uat_3336.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-08-23 16:04:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 9ECN43WW(V3.03) 08/12/2015
Motherboard: LENOVO Lenovo Y50-70
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 28%
Total physical RAM: 16296.27 MB
Available physical RAM: 11631.71 MB
Total Virtual: 18728.27 MB
Available Virtual: 13907.53 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:117.82 GB) (Free:11.45 GB) NTFS
\\?\Volume{ae0069c6-5eb7-4d22-825f-989da3ffc9f1}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{2d9286d5-7479-4fb1-909a-d2b4c50cfc92}\ () (Fixed) (Total:0.87 GB) (Free:0.4 GB) NTFS
\\?\Volume{0e7f7cd5-22df-464a-8ce3-0804deb18d0e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021
Ran by lenovo y50 (administrator) on DESKTOP-1ASUH46 (LENOVO 20378) (21-08-2021 20:13:41)
Running from C:\Users\lenovo y50\Desktop
Loaded Profiles: lenovo y50
Platform: Windows 10 Home Version 2004 19041.1083 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe <3>
(Discord Inc. -> Discord Inc.) C:\Users\lenovo y50\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation -> National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(NITestingCert -> National Instruments Corporation) [File not signed] C:\Windows\SysWOW64\nisvcloc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2429664 2021-03-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [2590208 2010-11-19] () [File not signed]
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [EPSON SX125 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-02-08] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Discord] => C:\Users\lenovo y50\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {e01ab139-4494-11ea-89bb-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {f8c76e50-dfce-11e9-89b2-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [43520 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [22528 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-20] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3FF1B38B-6AC4-4E08-A1A5-9A453FC9CDC5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {4C468DEB-5790-4C41-B8C9-D94A0871B40D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {4FEC45B1-9C98-4206-ADB5-AEEB267B1485} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {7FAAD9D1-921C-49A2-A1FE-65E22FE2DDFF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4902680 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
Task: {E5DCDEDA-DFE9-4931-B8FB-7C243BE35750} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c5338a1-16ff-41ed-9741-a4798804c049}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{3564587d-8761-4c69-be3d-1664156dc6f5}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{6320084a-1dea-4c69-833c-46d4604e39dc}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{650a28d4-a1d6-4c21-a0a2-38cc38b8de5c}: [DhcpNameServer] 213.226.224.12 8.8.8.8
Tcpip\..\Interfaces\{695c092f-959c-43d9-b8aa-c742d88190ac}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\lenovo y50\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-20]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 2bz1rpyr.default
FF ProfilePath: C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default [2021-08-18]
FF user.js: detected! => C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\user.js [2018-02-28]
FF NewTabOverride: Mozilla\Firefox\Profiles\2bz1rpyr.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\Extensions\
sko-extension@firma.seznam.cz.xpi [2021-01-10]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\Extensions\
sp@avast.com.xpi [2021-01-10]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default [2021-08-21]
CHR Notifications: Default -> hxxps://chat.simplemining.net; hxxps://coinstats.app; hxxps://
www.malvik.cz; hxxps://
www.tradingview.com; hxxps://
www.youtube.com
CHR HomePage: Default -> hxxps://
www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Překladač Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-15]
CHR Extension: (Prezentace) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (Ledger Manager) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2020-07-24]
CHR Extension: (YouTube) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Webkamera) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfpjcegkjhdnnempidlgmeoaiilpidep [2018-05-17]
CHR Extension: (Proxy SwitchySharp) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2020-03-15]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-12]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-10]
CHR Extension: (Tabulky) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (Ledger Wallet Ethereum) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2019-03-20]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-18]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2020-07-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Gmail) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-30]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-21]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-08-16]
CHR HomePage: Profile 1 -> hxxps://
www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://
www.google.cz/"
CHR Extension: (Překladač Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-20]
CHR Extension: (Prezentace) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-11]
CHR Extension: (Dokumenty) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-11]
CHR Extension: (Disk Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-11]
CHR Extension: (YouTube) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-28]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-29]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-11]
CHR Extension: (Tabulky) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-11]
CHR Extension: (Gmail) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-11]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-21]
CHR HKU\S-1-5-21-3824366190-495201528-3455353946-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8262736 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [627480 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1616664 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [374552 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12414176 2021-03-23] (Avast Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-25] (Microsoft Corporation -> Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2008-06-17] (National Instruments Corporation -> National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [40488 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [50736 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
S4 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [12696 2008-04-02] (National Instruments Corporation -> National Instruments Corporation)
S4 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [213552 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2008-06-12] (Macrovision Corporation) [File not signed]
S4 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [129144 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S4 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [192112 2008-06-18] (National Instruments Corporation -> National Instruments Corporation)
R2 niSvcLoc; C:\WINDOWS\SysWOW64\nisvcloc.exe [8656 2007-11-06] (NITestingCert -> National Instruments Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-04-15] (ASUSTeK Computer Inc. -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [218976 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367640 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559816 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108408 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-08-20] (Malwarebytes Inc -> Malwarebytes)
S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [11872 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [11856 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [12928 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [875096 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [12920 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [16472 2007-07-10] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViFWK; C:\WINDOWS\System32\drivers\NiViFWKl.sys [11896 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [11872 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
R2 NiViPxiK; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [11872 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtl8188gu.sys [1208768 2018-04-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-14] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2429664 2021-03-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [2590208 2010-11-19] () [File not signed]
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [EPSON SX125 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-02-08] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Run: [Discord] => C:\Users\lenovo y50\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {e01ab139-4494-11ea-89bb-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKU\S-1-5-21-3824366190-495201528-3455353946-1001\...\MountPoints2: {f8c76e50-dfce-11e9-89b2-28e34710e678} - "D:\WifiAutoInstallSetup.exe"
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [43520 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [22528 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-20] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3FF1B38B-6AC4-4E08-A1A5-9A453FC9CDC5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {4C468DEB-5790-4C41-B8C9-D94A0871B40D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {4FEC45B1-9C98-4206-ADB5-AEEB267B1485} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {7FAAD9D1-921C-49A2-A1FE-65E22FE2DDFF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4902680 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
Task: {E5DCDEDA-DFE9-4931-B8FB-7C243BE35750} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c5338a1-16ff-41ed-9741-a4798804c049}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{3564587d-8761-4c69-be3d-1664156dc6f5}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{6320084a-1dea-4c69-833c-46d4604e39dc}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{650a28d4-a1d6-4c21-a0a2-38cc38b8de5c}: [DhcpNameServer] 213.226.224.12 8.8.8.8
Tcpip\..\Interfaces\{695c092f-959c-43d9-b8aa-c742d88190ac}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\lenovo y50\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-22]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 2bz1rpyr.default
FF ProfilePath: C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default [2021-08-18]
FF user.js: detected! => C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\user.js [2018-02-28]
FF NewTabOverride: Mozilla\Firefox\Profiles\2bz1rpyr.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\Extensions\
sko-extension@firma.seznam.cz.xpi [2021-01-10]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Roaming\Mozilla\Firefox\Profiles\2bz1rpyr.default\Extensions\
sp@avast.com.xpi [2021-01-10]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default [2021-08-21]
CHR Notifications: Default -> hxxps://chat.simplemining.net; hxxps://coinstats.app; hxxps://
www.malvik.cz; hxxps://
www.tradingview.com; hxxps://
www.youtube.com
CHR HomePage: Default -> hxxps://
www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Překladač Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-15]
CHR Extension: (Prezentace) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (Ledger Manager) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2020-07-24]
CHR Extension: (YouTube) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Webkamera) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfpjcegkjhdnnempidlgmeoaiilpidep [2018-05-17]
CHR Extension: (Proxy SwitchySharp) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2020-03-15]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-12]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-10]
CHR Extension: (Tabulky) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (Ledger Wallet Ethereum) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2019-03-20]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-18]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2020-07-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Gmail) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-30]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-21]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-08-16]
CHR HomePage: Profile 1 -> hxxps://
www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://
www.google.cz/"
CHR Extension: (Překladač Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-20]
CHR Extension: (Prezentace) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-11]
CHR Extension: (Dokumenty) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-11]
CHR Extension: (Disk Google) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-11]
CHR Extension: (YouTube) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-28]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-29]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-11]
CHR Extension: (Tabulky) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-11]
CHR Extension: (Gmail) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-11]
CHR Profile: C:\Users\lenovo y50\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-21]
CHR HKU\S-1-5-21-3824366190-495201528-3455353946-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8262736 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [627480 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1616664 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [374552 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12414176 2021-03-23] (Avast Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-25] (Microsoft Corporation -> Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2008-06-17] (National Instruments Corporation -> National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [40488 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [50736 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
S4 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [12696 2008-04-02] (National Instruments Corporation -> National Instruments Corporation)
S4 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [213552 2008-06-17] (National Instruments Corporation -> National Instruments Corporation)
S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2008-06-12] (Macrovision Corporation) [File not signed]
S4 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [129144 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S4 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [192112 2008-06-18] (National Instruments Corporation -> National Instruments Corporation)
R2 niSvcLoc; C:\WINDOWS\SysWOW64\nisvcloc.exe [8656 2007-11-06] (NITestingCert -> National Instruments Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-04-15] (ASUSTeK Computer Inc. -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [218976 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367640 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559816 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108408 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-08-16] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-18] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-08-20] (Malwarebytes Inc -> Malwarebytes)
S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [11872 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [11856 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [12928 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [875096 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [12920 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [16472 2007-07-10] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViFWK; C:\WINDOWS\System32\drivers\NiViFWKl.sys [11896 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [11872 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
R2 NiViPxiK; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [11872 2008-06-20] (National Instruments Corporation -> National Instruments Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtl8188gu.sys [1208768 2018-04-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-14] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-08-22 00:31 - 2021-08-22 00:31 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-22 00:31 - 2021-08-22 00:31 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-21 20:13 - 2021-08-23 16:17 - 000059020 _____ C:\Users\lenovo y50\Desktop\FRST.txt
2021-08-21 20:13 - 2021-08-21 20:13 - 000000000 ____D C:\Users\lenovo y50\Desktop\FRST-OlderVersion
2021-08-21 11:41 - 2021-08-21 11:41 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-08-21 11:41 - 2021-08-21 11:41 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-08-21 11:41 - 2021-08-21 11:41 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-08-21 11:41 - 2021-08-21 11:41 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-08-21 11:40 - 2021-08-21 11:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-21 11:39 - 2021-08-21 11:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-21 11:39 - 2021-08-21 11:39 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-21 11:39 - 2021-08-21 11:39 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-21 11:38 - 2021-08-21 11:38 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-21 11:38 - 2021-08-21 11:38 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-21 11:36 - 2021-08-21 11:36 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-21 11:06 - 2021-08-21 11:06 - 000000000 ___HD C:\$WinREAgent
2021-08-18 20:22 - 2021-08-20 19:55 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-18 20:22 - 2021-08-18 20:22 - 000005355 _____ C:\Users\lenovo y50\Desktop\adww.txt
2021-08-18 20:21 - 2021-08-18 20:21 - 000005634 _____ C:\Users\lenovo y50\Desktop\adw.txt
2021-08-18 20:16 - 2021-08-23 16:12 - 000000000 ____D C:\Users\lenovo y50\AppData\LocalLow\IGDump
2021-08-18 20:14 - 2021-08-18 20:14 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-18 20:14 - 2021-08-18 20:14 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-18 20:13 - 2021-08-18 20:13 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-18 20:13 - 2021-08-18 20:13 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-18 20:13 - 2021-08-18 20:13 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-18 20:13 - 2021-08-18 20:13 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-18 20:12 - 2021-08-18 20:12 - 002120496 _____ (Malwarebytes) C:\Users\lenovo y50\Downloads\MBSetup.exe
2021-08-17 20:00 - 2021-08-21 20:13 - 002300928 _____ (Farbar) C:\Users\lenovo y50\Desktop\FRST64.exe
2021-08-17 20:00 - 2021-08-17 20:00 - 002300416 _____ (Farbar) C:\Users\lenovo y50\Downloads\FRST64.exe
2021-08-17 14:47 - 2021-08-22 00:31 - 005209200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-16 20:17 - 2021-08-22 16:32 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\Discord
2021-08-16 14:17 - 2021-08-16 14:16 - 000339736 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-08-16 14:16 - 2021-08-16 14:16 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-08-16 14:14 - 2021-08-16 20:05 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-08-11 08:46 - 2021-08-11 08:46 - 000509114 _____ C:\Users\lenovo y50\Downloads\2217468546.pdf
2021-08-10 16:35 - 2021-08-16 20:38 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-10 16:35 - 2021-08-16 20:38 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-07 10:01 - 2021-08-07 10:01 - 000017408 _____ C:\Users\lenovo y50\Downloads\www (1).xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-08-23 16:16 - 2020-02-03 16:27 - 000000000 ____D C:\FRST
2021-08-23 16:09 - 2021-03-24 16:12 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\discord
2021-08-23 16:08 - 2018-04-20 16:54 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\AVAST Software
2021-08-23 16:06 - 2017-06-01 14:36 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-23 16:04 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-23 16:03 - 2020-08-17 19:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-22 00:36 - 2020-08-17 19:09 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-22 00:36 - 2019-12-07 16:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-22 00:36 - 2019-12-07 16:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-22 00:36 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-22 00:32 - 2017-09-25 16:07 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-08-22 00:32 - 2016-11-22 01:34 - 000000000 __SHD C:\Users\lenovo y50\IntelGraphicsProfiles
2021-08-22 00:32 - 2016-11-22 01:24 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-22 00:31 - 2020-08-17 19:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-22 00:31 - 2020-08-17 19:01 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-22 00:31 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-22 00:31 - 2017-06-01 14:37 - 000000000 ____D C:\ProgramData\AVAST Software
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-22 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-22 00:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-21 20:08 - 2021-06-21 20:00 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-08-21 20:04 - 2020-06-03 23:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-21 20:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-21 20:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-21 11:50 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-21 11:06 - 2020-11-22 21:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-20 20:06 - 2017-06-02 15:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-20 19:56 - 2017-06-01 14:37 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-20 19:55 - 2017-06-02 15:06 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-18 20:24 - 2017-06-01 14:50 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\PSpad
2021-08-18 20:21 - 2021-06-13 09:19 - 000000000 ____D C:\Users\lenovo y50\Desktop\office
2021-08-18 20:14 - 2019-02-11 16:03 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-18 20:14 - 2017-06-03 09:11 - 000000000 ____D C:\Users\lenovo y50\AppData\LocalLow\Mozilla
2021-08-18 20:13 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-18 20:13 - 2017-11-12 16:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-17 20:01 - 2017-06-03 09:11 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-17 20:01 - 2017-06-03 09:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-08-17 14:20 - 2021-06-29 20:30 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-17 14:20 - 2021-06-29 20:30 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-17 14:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-16 20:38 - 2020-08-17 19:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-08-16 20:36 - 2021-06-13 09:12 - 000000000 ____D C:\WINDOWS\AutoKMS
2021-08-16 20:36 - 2021-03-24 16:11 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\SquirrelTemp
2021-08-16 20:36 - 2020-08-02 09:32 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\Telegram Desktop
2021-08-16 20:36 - 2017-06-01 15:23 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\CrashDumps
2021-08-16 20:17 - 2021-03-24 16:12 - 000002288 _____ C:\Users\lenovo y50\Desktop\Discord.lnk
2021-08-16 20:17 - 2021-03-24 16:12 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-08-16 20:13 - 2017-12-27 14:03 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\ElevatedDiagnostics
2021-08-16 20:02 - 2017-06-02 14:22 - 000000000 ____D C:\Program Files\WinRAR
2021-08-16 14:16 - 2020-10-17 01:30 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-08-16 14:16 - 2020-04-16 11:12 - 000559816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-08-16 14:16 - 2019-01-14 16:44 - 000367640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-08-16 14:16 - 2019-01-07 08:05 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-08-16 14:16 - 2019-01-07 08:05 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-08-16 14:16 - 2018-10-28 19:23 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-08-16 14:16 - 2018-06-24 11:25 - 000017344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-08-16 14:16 - 2017-11-19 20:14 - 000218976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000471920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000108408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-08-16 14:16 - 2017-06-01 14:41 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-08-16 14:14 - 2017-08-20 13:48 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-08-16 14:14 - 2017-06-02 14:22 - 000000000 ____D C:\Users\lenovo y50\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-08-16 14:14 - 2017-06-02 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-08-07 10:02 - 2018-01-29 19:29 - 000000000 ____D C:\Users\lenovo y50\AppData\Local\Packages
==================== Files in the root of some directories ========
2019-01-27 17:51 - 2019-07-31 19:46 - 000000132 _____ () C:\Users\lenovo y50\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2019-04-23 19:06 - 2019-04-23 19:06 - 000000132 _____ () C:\Users\lenovo y50\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2017-06-03 12:38 - 2017-06-03 12:38 - 000000600 _____ () C:\Users\lenovo y50\AppData\Roaming\winscp.rnd
2017-06-03 10:53 - 2021-01-10 10:59 - 000001480 _____ () C:\Users\lenovo y50\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-10-01 20:19 - 2018-10-01 20:19 - 000000000 _____ () C:\Users\lenovo y50\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================