
Window flickering between active and inactive

Having a problem with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

Locked
MercedesJenz
Visitor
Posts: 18
Registered: 05 Nov 2016 20:03

Window flickering between active and inactive

#1 Post by MercedesJenz »

Hello,
for quite some time I have been troubled by the window switching on its own from active to inactive roughly every 10 seconds, which makes any work impossible. I reinstalled the operating system and installed my programs again - it did not help. Then, following the advice here on viry.cz, I scanned the PC with ADW cleaner, without effect. I also found a guide here http://forum.viry.cz/viewtopic.php?f=13&t=136470 but that only ever helps for a few hours. I am attaching the RSIT log as described in the guide.
Many thanks for any help!!


Logfile of random's system information tool 1.14 (written by random/random)
Run by Jan at 2016-11-05 20:24:26
Microsoft Windows 8.1
System drive C: has 157 GB (17%) free of 905 GB
Total RAM: 8048 MB (64% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:24:29, on 5. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe
C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe
C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files\trend micro\Jan_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [f.lux] "C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-21-3840663496-1805175044-893499811-1008\..\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3840663496-1805175044-893499811-1008\..\Run: [Akamai NetSession Interface] "C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3840663496-1805175044-893499811-1008\..\Run: [f.lux] "C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3840663496-1805175044-893499811-1008\..\Run: [StartWMDriverWiz] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~2\COMMON~1\Logitech\WmDrivers\wmwizard.dll,WMWizardMain (User 'UpdatusUser')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Autodesk Simulation Moldflow MITSI 2016 Job Manager (mitsijm2016) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 13958 bytes

======Enumerating Processes======

C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\dwm.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\HPSIsvc.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-20619c75-aae8-49cc-a9db-36e50a724284 -SystemEventPortName:HostProcess-1bc61067-f4c0-41d8-ad7a-185143182ff1 -IoCancelEventPortName:HostProcess-c271b620-2245-4a14-a230-b0a1ece3397d -NonStateChangingEventPortName:HostProcess-db3c68fd-c65c-4324-812e-9fed39db55e9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0164df8d-d7c2-4716-bfe7-933aac0c2f4a -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\Explorer.EXE
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\System32\skydrive.exe -Embedding
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=54.0.2840.71 --handshake-handle=0x10c
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe" /m
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe"
C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,*SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials="*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/Override YouTube Flash 
emed/YouTubeFlashRewrite/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/Disabled/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/" --primordial-pipe-token=DC15F6A296CA8E08FE9E4B83BE7BABCE --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation 
--content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=DC15F6A296CA8E08FE9E4B83BE7BABCE --channel="1908.6.1789261015\963339990" --mojo-platform-channel-handle=3848 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,*SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials="*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/Override YouTube Flash 
emed/YouTubeFlashRewrite/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/Disabled/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_35/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/" --primordial-pipe-token=792F65D22CDEA28658B5FF1DB9F97B1B --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation 
--content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=792F65D22CDEA28658B5FF1DB9F97B1B --channel="1908.8.526203305\630796384" --mojo-platform-channel-handle=4016 /prefetch:1
"C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe"
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --approot=SOFTWARE\Autodesk --appAgent=/AUTODESKDESKTOPAPP/6.2.0.174/cs-CZ/0001 --lang=cs-CZ --cache-path="C:\Users\Jan\AppData\Local\Autodesk\Autodesk Desktop App\BrowserCache" --peerPid=6912
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=gpu-process --channel="7656.0.2145379544\1824721688" --no-sandbox --lang=cs-CZ --log-severity=disable --peerpid=6912 --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,27 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --lang=cs-CZ --log-severity=disable --peerpid=6912 /prefetch:822062411
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\WINDOWS\splwow64.exe 8192
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe135_ Global\UsGthrCtrlFltPipeMssGthrPipe135 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3840663496-1805175044-893499811-1002136_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3840663496-1805175044-893499811-1002136 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Users\Jan\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3840663496-1805175044-893499811-1002 - %localappdata%\Microsoft\OneDrive\OneDrive.exe /autoupdate
C:\WINDOWS\system32\tasks\MirageAgent - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task - C:\Users\Jan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - \Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION /FIRSTTIME
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\WINDOWS\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\WINDOWS\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload

=========Google Chrome=========

C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapbdbdomjkkjkaonfhkkikfgjllcleb 1 Překladač Google 2.0.6
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension aciahcmjmecflokailenpkdchphgkefd 1 Entanglement Web App 3.4.9
Extension adapibeileacgechmgngdfekbjleadnj
Extension aelbknmfcacjffmgnoaaonhgoghlmlkp
Extension afbpdhiclgghnffhkinjikglgmolhpee 1 Torrent Search 1.2.0.7
Extension agoenciogemlojlhccbcpcfflicgnaak 1 BIODIGITAL HUMAN 3.1.3
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension akjbfncbadcmnkopckegnmjgihagponf 1 HD for YouTube™ 2.0
Extension aknpkdffaafgjchaibgeefbgmgeghloj
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension beapnbfmjmjhhfpaoajfhjbbfnnlfpnc 0
Extension beobeededemalmllhkmnkinmfembdimh 1 TV 1.0.12
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bfbmjmiodbnnpllbbbfblcplfjjepjdn 1 Zhasnout světla 3.3.0.6
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 1 Seznam Lištička - Email 1.3.14
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension bppbpeijolfcampacpljolaegibfhjph 1 TV 2.6
Extension cgbncpmdcgnaoplhdfakiogmpejpogmj
Extension cihohekcekjgjdkeljpkbaaecgfoimbj 1 Mac OS X Simple Theme 1.0.1
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ejnkaeblpdcamcioiiabclakabcbjmbl 1 Box 1.2.2
Extension ejocekekgcaldnmjngfdbmbeebcekelc 0 SPOTS - A better way to start 0.5.2
Extension ekbaidcchahkpedbhdenlmleimihkcim
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension fheoggkfdfchfphceeifdbepaooicaho 0 McAfee® WebAdvisor 4.0.0.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.4.0
Extension hekhdfjankbhklfkjmnmnefcacndeoll 1 2048 1.2
Extension hepianaooikobedamdjojdfjldpoelbm
Extension hghjhjccnjnjmklfmgohipnifagbaaee 1 Přepínání Mapy.cz a Google Maps™ 2.5
Extension hjhdnhiofjddcapmffbllcpaodjmdphn 1 Invert Page Colors 0.9.3
Extension hmiebhdnnejnaijgmkhomnheecmonjli 1 Weather Now 0.0.5
Extension hncgklnmcokagjlmdkjneiabailabkop 1 ZenCast 0.1.5
Extension ifikafigdaiookblpafdpjfkffiocafj 1 Knotes 1.4.7
Extension jclipofobaadknkadkpgggmjkebddjam 1 PDF to Word Converter App 2.1
Extension jddfpnmfhodaljeelokfceepbeapgbdn 1 Online PDF Tools 2.0.0.1
Extension jfppgkomfopklagggkjiaddgndkgopgl 0
Extension joodangkbfjnajiiifokapkpmhfnpleo 1 Kalkulačka 2.1.11
Extension kdmmkfaghgcicheaimnpffeeekheafkb 1 Autodesk Homestyler 3.0.0
Extension kgcpghlamffckiijcagnbjmagpbfhiai
Extension kjehaadplpgckpgeoddpnijogjaldela 1 Převod měn 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lneaknkopdijkpnocmklfnjbeapigfbh 1 Mapy Google 5.4.1
Extension mcafejemebbngbglfoinpoaannbihjna 1 Planner 5D - Interior Design 1.5.1.0
Extension meefjekipolcgabfgaclcpdkbghhmoah 1 HUMAN 3.0 3.2.1
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mihcahmgecmbnbcchbopgniflfhgnkff 1 Kontrola e-mailu Google 4.4.0
Extension mjcnijlhddpbdemagnpefmlkjdagkogk 1 Pocket 0.810
Extension mnaaclhkigagfmmmejenjpgjmemgkipa 1 Math Science Engineering Calculators 1.4
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension niloccemoadcdkdjlinkgdfekeahmflj 1 Save to Pocket 2.1.11
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension nphgeidmkmbmehnihdconhbclfgcdodn
Extension pchjhmiapbbphflbgejhigbmfmmgbngn
Extension pfpeapihoiogbcmdmnibeplnikfnhoge 1 Outlook.com 1.0.2
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage: http://www.seznam.cz/
default_search_provider.search_url:
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={8A3CB235-B68F-4A58-813E-43523810EB77}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A3CB235-B68F-4A58-813E-43523810EB77}]
"URL"=http://www.bing.com/search?q={searchTer ... &pc=MALNJS


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={8A3CB235-B68F-4A58-813E-43523810EB77}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{8A3CB235-B68F-4A58-813E-43523810EB77}]
"URL"=http://www.bing.com/search?q={searchTer ... &pc=MALNJS

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-27 214224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-11 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-27 2850608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-27 151248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-27 1931048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"=RTFTrack.exe []
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-08-10 13191824]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-06 1215632]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2012-08-16 665400]
"BtTray"=C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-11 764032]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-11 127616]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-08-10 4196432]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2016-09-24 17111056]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2016-09-24 193008]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16 2916152]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2012-12-19 172168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2012-12-19 400008]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2012-12-19 441992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]
"f.lux"=C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]
"GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-10-20 1083496]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-10-17 27021952]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"ADSK DLMSession"=C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2015-01-28 1627032]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2014-06-16 139776]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2014-05-22 4513792]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16 1156824]
"Autodesk Desktop App"=C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [2016-07-01 721856]

C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-05 20:01:59 ----D---- C:\rsit
2016-11-05 20:01:59 ----D---- C:\Program Files\trend micro
2016-10-30 20:49:04 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-10-30 20:44:56 ----A---- C:\WINDOWS\system32\HP1100SM.EXE
2016-10-30 20:44:55 ----A---- C:\WINDOWS\system32\HP1100LM.DLL
2016-10-30 20:44:51 ----A---- C:\WINDOWS\system32\HPSIsvc.exe
2016-10-30 20:42:11 ----D---- C:\Program Files\HP
2016-10-30 20:42:11 ----A---- C:\WINDOWS\system32\mvhlewsi.dll
2016-10-30 20:41:33 ----A---- C:\WINDOWS\system32\drivers\mvusbews.sys
2016-10-30 20:41:28 ----A---- C:\WINDOWS\system32\mvusbews.dll
2016-10-30 20:41:23 ----A---- C:\WINDOWS\system32\HP1100SMs.dll
2016-10-30 20:39:38 ----D---- C:\LJP1100_P1560_P1600_Full_Solution
2016-10-30 16:14:33 ----RD---- C:\Program Files (x86)\Skype
2016-10-30 16:14:18 ----D---- C:\ProgramData\Skype
2016-10-29 09:02:42 ----D---- C:\AdwCleaner
2016-10-28 15:42:17 ----D---- C:\_OTM
2016-10-21 15:38:22 ----D---- C:\Users\Jan\AppData\Roaming\vlc
2016-10-21 15:09:32 ----D---- C:\Program Files\VideoLAN
2016-10-21 07:46:45 ----A---- C:\WINDOWS\SYSWOW64\LWCtPl.dll
2016-10-21 07:46:37 ----A---- C:\WINDOWS\SYSWOW64\drivers\LUsbSys.sys
2016-10-21 07:46:37 ----A---- C:\WINDOWS\SYSWOW64\drivers\LHidHi.sys
2016-10-21 07:46:37 ----A---- C:\WINDOWS\SYSWOW64\drivers\ihidfilt.sys
2016-10-21 07:46:36 ----A---- C:\WINDOWS\SYSWOW64\drivers\LHidLo.sys
2016-10-21 07:46:35 ----A---- C:\WINDOWS\SYSWOW64\WMWizard.dll
2016-10-21 07:46:35 ----A---- C:\WINDOWS\SYSWOW64\W9xDAPI.dll
2016-10-21 07:46:34 ----A---- C:\WINDOWS\SYSWOW64\W9XdInst.dll
2016-10-21 07:46:33 ----A---- C:\WINDOWS\SYSWOW64\WmJoyFrc.dll
2016-10-21 07:46:33 ----A---- C:\WINDOWS\SYSWOW64\LFLoad.sys
2016-10-21 07:45:48 ----D---- C:\Program Files (x86)\Logitech
2016-10-19 10:56:40 ----D---- C:\Program Files (x86)\Desktop Lighter
2016-10-14 09:50:24 ----D---- C:\Users\Jan\AppData\Roaming\mioObjects
2016-10-12 06:12:48 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-12 06:12:48 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-10-12 06:12:48 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-10-12 06:12:48 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-10-12 06:12:47 ----A---- C:\WINDOWS\system32\invagent.dll
2016-10-12 06:12:47 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-10-12 06:12:47 ----A---- C:\WINDOWS\system32\devinv.dll
2016-10-12 06:12:47 ----A---- C:\WINDOWS\system32\aepic.dll
2016-10-12 06:12:46 ----A---- C:\WINDOWS\system32\centel.dll
2016-10-12 06:12:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-10-12 06:12:31 ----A---- C:\WINDOWS\system32\wmp.dll
2016-10-12 06:12:28 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-10-12 06:12:25 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-10-12 06:12:23 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-10-12 06:12:23 ----A---- C:\WINDOWS\system32\esent.dll
2016-10-12 06:12:22 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-10-12 06:12:22 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-10-12 06:12:19 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-10-12 06:12:18 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-12 06:12:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-10-12 06:12:17 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-10-12 06:12:16 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-10-12 06:12:16 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-10-12 06:12:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2016-10-12 06:12:11 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\system32\wininet.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\system32\win32k.sys
2016-10-12 06:12:09 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-10-12 06:12:09 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-10-12 06:12:08 ----A---- C:\WINDOWS\system32\wbengine.exe
2016-10-12 06:12:08 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-10-12 06:12:08 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 06:12:08 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-10-12 06:12:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-10-12 06:12:07 ----A---- C:\WINDOWS\system32\winload.exe
2016-10-12 06:12:06 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-10-12 06:12:06 ----A---- C:\WINDOWS\system32\drivers\parport.sys
2016-10-12 06:12:05 ----A---- C:\WINDOWS\SYSWOW64\wmploc.DLL
2016-10-12 06:12:05 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-10-12 06:12:05 ----A---- C:\WINDOWS\system32\wmploc.DLL
2016-10-12 06:12:05 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-10-12 06:12:04 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2016-10-12 06:12:04 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-10-12 06:12:04 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2016-10-12 06:12:04 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\system32\winresume.exe
2016-10-12 06:12:03 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2016-10-12 06:12:02 ----A---- C:\WINDOWS\system32\rastapi.dll
2016-10-12 06:12:02 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-10-12 06:12:02 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2016-10-12 06:12:01 ----A---- C:\WINDOWS\SYSWOW64\adsmsext.dll
2016-10-12 06:12:01 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-10-12 06:12:01 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2016-10-12 06:12:01 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-10-12 06:12:01 ----A---- C:\WINDOWS\system32\adsmsext.dll
2016-10-12 06:11:54 ----A---- C:\WINDOWS\system32\offreg.dll
2016-10-12 06:11:53 ----A---- C:\WINDOWS\system32\drivers\vwifibus.sys
2016-10-12 06:11:52 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2016-10-12 06:11:51 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-10-12 06:11:51 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-10-12 06:11:51 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-10-12 06:11:51 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-10-12 06:11:51 ----A---- C:\WINDOWS\system32\drivers\serenum.sys
2016-10-12 06:11:51 ----A---- C:\WINDOWS\system32\certcli.dll
2016-10-12 06:11:50 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-10-12 06:11:50 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-10-12 06:11:50 ----A---- C:\WINDOWS\system32\jscript.dll
2016-10-12 06:11:50 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-10-12 06:11:28 ----A---- C:\WINDOWS\system32\shell32.dll
2016-10-12 06:11:25 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-10-12 06:11:24 ----A---- C:\WINDOWS\system32\twinui.dll
2016-10-12 06:11:23 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-10-12 06:11:23 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-10-12 06:11:23 ----A---- C:\WINDOWS\system32\authui.dll
2016-10-12 06:11:22 ----A---- C:\WINDOWS\SYSWOW64\RestoreOptIn.exe
2016-10-12 06:11:22 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-10-12 06:11:22 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-10-12 06:11:22 ----A---- C:\WINDOWS\system32\RestoreOptIn.exe
2016-10-12 06:11:22 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-10-12 06:11:22 ----A---- C:\WINDOWS\explorer.exe
2016-10-11 13:20:56 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2016-10-10 12:45:00 ----D---- C:\Users\Jan\AppData\Roaming\uTorrent
2016-10-09 12:22:37 ----D---- C:\Users\Jan\AppData\Roaming\ControlCenter4
2016-10-09 10:30:40 ----RD---- C:\Users\Jan\AppData\Roaming\Brother
2016-10-09 10:12:16 ----D---- C:\Brother
2016-10-09 10:11:59 ----D---- C:\ProgramData\ControlCenter4
2016-10-09 10:11:59 ----D---- C:\Program Files (x86)\Browny02
2016-10-09 10:11:51 ----D---- C:\Program Files (x86)\ControlCenter4
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\NSSRH64.dll
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\BrWiaNCp.dll
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\BrSNMP64.dll
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\Brnsplg.dll
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\BrNetSti.dll
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BRTCPCON.DLL
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BROSNMP.DLL
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BRLMW03A.INI
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BRLMW03A.DLL
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BRLM03A.DLL
2016-10-09 10:11:39 ----A---- C:\WINDOWS\system32\BrWi213b.dll
2016-10-09 10:11:39 ----A---- C:\WINDOWS\system32\BrJDec.dll
2016-10-09 10:11:38 ----A---- C:\WINDOWS\system32\BRCOM13A.DLL
2016-10-09 10:11:37 ----A---- C:\WINDOWS\system32\BRADM13A.DAT
2016-10-09 10:11:31 ----N---- C:\WINDOWS\SYSWOW64\NSSearch.dll
2016-10-09 10:11:31 ----N---- C:\WINDOWS\SYSWOW64\BrDctF2S.dll
2016-10-09 10:11:31 ----N---- C:\WINDOWS\SYSWOW64\BrDctF2L.dll
2016-10-09 10:11:31 ----N---- C:\WINDOWS\SYSWOW64\BrDctF2.dll
2016-10-09 10:11:31 ----D---- C:\Program Files (x86)\Brother
2016-10-09 09:49:52 ----D---- C:\ProgramData\Brother
2016-10-07 22:32:01 ----D---- C:\ProgramData\FLEXnet

======List of files/folders modified in the last 1 month======

2016-11-05 20:24:23 ----D---- C:\WINDOWS\Temp
2016-11-05 20:24:19 ----D---- C:\Users\Jan\AppData\Roaming\Skype
2016-11-05 20:02:12 ----D---- C:\WINDOWS\Prefetch
2016-11-05 20:01:59 ----RD---- C:\Program Files
2016-11-05 20:00:00 ----D---- C:\WINDOWS\system32\sru
2016-11-05 19:14:39 ----D---- C:\WINDOWS\system32\NDF
2016-11-05 18:36:25 ----RD---- C:\WINDOWS\System32
2016-11-05 18:36:25 ----D---- C:\WINDOWS\Inf
2016-11-05 18:36:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-05 14:03:25 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-02 15:57:09 ----D---- C:\WINDOWS\AppReadiness
2016-11-02 07:13:44 ----D---- C:\WINDOWS\system32\config
2016-10-30 20:51:00 ----D---- C:\WINDOWS\system32\catroot
2016-10-30 20:49:04 ----RD---- C:\Program Files (x86)
2016-10-30 20:48:17 ----D---- C:\WINDOWS\system32\drivers
2016-10-30 20:46:53 ----HD---- C:\Program Files\WindowsApps
2016-10-30 20:45:07 ----D---- C:\WINDOWS\system32\DriverStore
2016-10-30 20:42:52 ----SHD---- C:\WINDOWS\Installer
2016-10-30 20:42:50 ----D---- C:\Windows
2016-10-30 20:41:35 ----D---- C:\Program Files (x86)\Common Files
2016-10-30 16:14:18 ----HD---- C:\ProgramData
2016-10-30 12:12:17 ----SHD---- C:\System Volume Information
2016-10-29 09:07:27 ----D---- C:\Program Files (x86)\Amazon
2016-10-29 08:02:58 ----D---- C:\WINDOWS\CbsTemp
2016-10-29 08:02:56 ----D---- C:\WINDOWS\WinSxS
2016-10-29 08:02:56 ----D---- C:\WINDOWS\SysWOW64
2016-10-28 02:22:26 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-10-27 15:22:16 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-10-27 15:19:43 ----D---- C:\Program Files (x86)\Microsoft Office
2016-10-24 22:54:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-24 16:14:11 ----D---- C:\WINDOWS\rescache
2016-10-24 15:22:18 ----RSD---- C:\WINDOWS\assembly
2016-10-23 21:27:38 ----D---- C:\Users\Jan\AppData\Roaming\NVIDIA
2016-10-23 21:23:27 ----D---- C:\ProgramData\Package Cache
2016-10-23 11:27:00 ----D---- C:\WINDOWS\Tasks
2016-10-21 07:46:37 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-10-21 07:45:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-10-18 18:39:21 ----D---- C:\Users\Jan\AppData\Roaming\Autodesk
2016-10-18 18:38:03 ----D---- C:\Program Files (x86)\Autodesk
2016-10-15 16:14:18 ----SD---- C:\WINDOWS\system32\CompatTel
2016-10-15 16:14:18 ----D---- C:\WINDOWS\system32\appraiser
2016-10-15 16:14:13 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-10-15 16:14:13 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-10-15 16:14:13 ----D---- C:\Program Files\Internet Explorer
2016-10-15 16:14:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-15 16:14:12 ----D---- C:\WINDOWS\system32\en-US
2016-10-15 16:14:12 ----D---- C:\WINDOWS\system32\cs-CZ
2016-10-15 16:14:12 ----D---- C:\WINDOWS\system32\Boot
2016-10-15 16:14:11 ----D---- C:\WINDOWS\apppatch
2016-10-15 16:14:08 ----RD---- C:\WINDOWS\ToastData
2016-10-12 12:31:14 ----D---- C:\WINDOWS\system32\MRT
2016-10-12 12:23:16 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-10-12 06:10:03 ----D---- C:\WINDOWS\system32\catroot2
2016-10-11 13:59:52 ----D---- C:\WINDOWS\system32\wbem
2016-10-09 10:12:43 ----D---- C:\WINDOWS\twain_32
2016-10-09 09:58:12 ----D---- C:\ProgramData\Autodesk
2016-10-09 08:03:22 ----D---- C:\Program Files (x86)\McAfee

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2016-09-24 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-12-26 32544]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R3 ACPIVPC;@oem66.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2016-09-24 35600]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 BTATH_HCRP;@oem47.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-08-11 178840]
R3 BTATH_RCP;@oem50.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-08-11 135832]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2012-08-11 567808]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2016-09-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2012-12-13 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-08-10 4102928]
R3 IntcDAud;@oem35.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem63.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2012-11-29 25568]
R3 MEIx64;@oem60.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-08-08 99288]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-06-06 46240]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-12-26 11311392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2016-09-24 167424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 rtsuvc;@oem6.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2012-08-27 8227216]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-16 43832]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2014-11-21 11776]
R3 SynTP;@oem38.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-08-16 447800]
R3 usb3Hub;@oem64.inf,%usb3Hub.SVCDESC%;USB-IF USB 3.0 Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [2012-11-29 47072]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
R3 wdkmd;@oem53.inf,%WiDi.SVCDESC%;Intel WiDi KMD; C:\WINDOWS\System32\drivers\WDKMD.sys [2012-11-29 42392]
S3 AthBTPort;@oem45.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-08-11 88728]
S3 BTATH_A2DP;@oem44.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-08-11 344216]
S3 btath_avdt;@oem44.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-08-11 114840]
S3 BTATH_LWFLT;@oem52.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-08-11 76952]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2016-09-24 1201664]
S3 intaud_WaveExtensible;@oem58.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 mvusbews;@oem1.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-09-26 20480]
S3 RSUSBVSTOR;@oem52.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-13 315536]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-11-21 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2016-07-01 1295376]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-11 211584]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2015-02-05 31160]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-10-19 3293384]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2012-09-27 126880]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-08-08 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-08-08 390616]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2016-10-03 166152]
R2 mitsijm2016;Autodesk Simulation Moldflow MITSI 2016 Job Manager; C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe [2014-09-30 968480]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-02-14 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-14 1260320]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-24 153752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-09-25 282112]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll"=%SystemRoot%\System32\BthHFSrv.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2012-12-19 277640]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2016-10-02 1369856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-24 153752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-10-19 209112]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

MercedesJenz
Visitor
Posts: 18
Joined: 05 Nov 2016 20:03

Re: Flickering active/inactive window

#2 Post by MercedesJenz »

I am also attaching the FRST log.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
Ran by Jan (administrator) on JENZPC (05-11-2016 20:33:29)
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan & UpdatusUser (Available Profiles: Jan & UpdatusUser)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Akamai Technologies, Inc.) C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Flux Software LLC) C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6334096 2012-08-27] (Realtek semiconductor)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-06] (Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-08-16] (Synaptics)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-11] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-11] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-08-10] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2016-09-24] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2016-09-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2015-01-28] (Autodesk, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-09-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3840663496-1805175044-893499811-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3840663496-1805175044-893499811-1002\...\Run: [f.lux] => C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3840663496-1805175044-893499811-1002\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1083496 2016-10-20] (Google Inc.)
HKU\S-1-5-21-3840663496-1805175044-893499811-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27021952 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3840663496-1805175044-893499811-1002\...\Policies\Explorer: []
HKU\S-1-5-21-3840663496-1805175044-893499811-1002\...\MountPoints2: {0323ae70-9e8a-11e6-be8f-20689df4d60f} - "F:\SISetup.exe"
HKU\S-1-5-21-3840663496-1805175044-893499811-1008\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1083496 2016-10-20] (Google Inc.)
HKU\S-1-5-21-3840663496-1805175044-893499811-1008\...\Run: [Akamai NetSession Interface] => C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3840663496-1805175044-893499811-1008\...\Run: [f.lux] => C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3840663496-1805175044-893499811-1008\...\Run: [StartWMDriverWiz] => C:\Program Files (x86)\Common Files\Logitech\WmDrivers\WMWizard.dll [356352 2004-05-19] (Logitech Inc.)
HKU\S-1-5-21-3840663496-1805175044-893499811-1008\...\Policies\Explorer: []
HKU\S-1-5-21-3840663496-1805175044-893499811-1008\...\MountPoints2: {8c78736a-265b-11e2-be69-806e6f6e6963} - "E:\start.exe"
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-12-26] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-11-02]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6AEDA8A9-CF26-42A6-BB93-D523ED958513}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-3840663496-1805175044-893499811-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
HKU\S-1-5-21-3840663496-1805175044-893499811-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-3840663496-1805175044-893499811-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-3840663496-1805175044-893499811-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-3840663496-1805175044-893499811-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=UE12&ocid=UE12DHP
HKU\S-1-5-21-3840663496-1805175044-893499811-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
HKU\S-1-5-21-3840663496-1805175044-893499811-1008\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-3840663496-1805175044-893499811-1008\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-3840663496-1805175044-893499811-1008\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-3840663496-1805175044-893499811-1008\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=UE12&ocid=UE12DHP
SearchScopes: HKU\S-1-5-21-3840663496-1805175044-893499811-1002 -> DefaultScope {8A3CB235-B68F-4A58-813E-43523810EB77} URL =
SearchScopes: HKU\S-1-5-21-3840663496-1805175044-893499811-1002 -> {8A3CB235-B68F-4A58-813E-43523810EB77} URL =
SearchScopes: HKU\S-1-5-21-3840663496-1805175044-893499811-1008 -> DefaultScope {8A3CB235-B68F-4A58-813E-43523810EB77} URL =
SearchScopes: HKU\S-1-5-21-3840663496-1805175044-893499811-1008 -> {8A3CB235-B68F-4A58-813E-43523810EB77} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-27] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-11] (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-27] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-27] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-27] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-03] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-03] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-27] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-27] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-27] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-27] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-03] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-03] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-27] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2016-11-05]
CHR Extension: (Překladač Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-09-24]
CHR Extension: (Prezentace Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-24]
CHR Extension: (Entanglement Web App) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2016-09-24]
CHR Extension: () - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2016-11-02]
CHR Extension: (Torrent Search) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2016-09-24]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2016-09-24]
CHR Extension: (HD for YouTube™) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2016-09-24]
CHR Extension: (Dokumenty Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-24]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-24]
CHR Extension: (TV) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2016-09-24]
CHR Extension: (Zhasnout světla) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-11-04]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-09-24]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-24]
CHR Extension: (TV) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2016-09-24]
CHR Extension: (Mac OS X Simple Theme) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cihohekcekjgjdkeljpkbaaecgfoimbj [2016-10-30]
CHR Extension: (Box) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2016-09-24]
CHR Extension: (SPOTS - A better way to start) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejocekekgcaldnmjngfdbmbeebcekelc [2016-10-29]
CHR Extension: (Tabulky Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-24]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-09-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-24]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-10-21]
CHR Extension: (2048) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hekhdfjankbhklfkjmnmnefcacndeoll [2016-09-24]
CHR Extension: (Přepínání Mapy.cz a Google Maps™) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghjhjccnjnjmklfmgohipnifagbaaee [2016-09-24]
CHR Extension: (Invert Page Colors) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhdnhiofjddcapmffbllcpaodjmdphn [2016-09-24]
CHR Extension: (Weather Now) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmiebhdnnejnaijgmkhomnheecmonjli [2016-09-24]
CHR Extension: (ZenCast) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hncgklnmcokagjlmdkjneiabailabkop [2016-09-24]
CHR Extension: (Knotes) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifikafigdaiookblpafdpjfkffiocafj [2016-10-29]
CHR Extension: (PDF to Word Converter App) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jclipofobaadknkadkpgggmjkebddjam [2016-09-24]
CHR Extension: (Online PDF Tools) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jddfpnmfhodaljeelokfceepbeapgbdn [2016-09-24]
CHR Extension: (Kalkulačka) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\joodangkbfjnajiiifokapkpmhfnpleo [2016-09-24]
CHR Extension: (Autodesk Homestyler) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2016-09-24]
CHR Extension: (Převod měn) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2016-09-24]
CHR Extension: (Mapy Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-09-24]
CHR Extension: (Planner 5D - Interior Design) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna [2016-09-24]
CHR Extension: (HUMAN 3.0) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\meefjekipolcgabfgaclcpdkbghhmoah [2016-09-24]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-09-24]
CHR Extension: (Pocket) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-09-24]
CHR Extension: (Math Science Engineering Calculators) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnaaclhkigagfmmmejenjpgjmemgkipa [2016-09-24]
CHR Extension: (Save to Pocket) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-11-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-24]
CHR Extension: (Outlook.com) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2016-09-24]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-24]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-11] (Qualcomm Atheros Commnucations) [File not signed]
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3293384 2016-10-19] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [166152 2016-10-03] (McAfee, Inc.)
R2 mitsijm2016; C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe [968480 2014-09-30] (Autodesk, Inc.)
S3 vmicguestinterface; C:\WINDOWS\System32\ICSvc.dll [541184 2016-09-24] (Microsoft Corporation)
S3 vmicheartbeat; C:\WINDOWS\System32\ICSvc.dll [541184 2016-09-24] (Microsoft Corporation)
S3 vmickvpexchange; C:\WINDOWS\System32\ICSvc.dll [541184 2016-09-24] (Microsoft Corporation)
S3 vmicshutdown; C:\WINDOWS\System32\ICSvc.dll [541184 2016-09-24] (Microsoft Corporation)
S3 vmictimesync; C:\WINDOWS\System32\ICSvc.dll [541184 2016-09-24] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2016-09-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2016-09-24] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-11] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-11] (Qualcomm Atheros)
S0 ebdrv; C:\WINDOWS\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8227216 2012-08-27] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [47072 2012-11-29] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44560 2016-09-24] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [270168 2016-09-24] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2016-09-24] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188896 2012-11-29] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-05 20:33 - 2016-11-05 20:34 - 00032290 _____ C:\Users\Jan\Desktop\FRST.txt
2016-11-05 20:32 - 2016-11-05 20:33 - 00000000 ____D C:\FRST
2016-11-05 20:32 - 2016-11-05 20:32 - 02409984 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2016-11-05 20:23 - 2016-11-05 20:23 - 00000493 _____ C:\Users\Jan\Desktop\text na viry.cz.txt
2016-11-05 20:01 - 2016-11-05 20:24 - 00000000 ____D C:\Program Files\trend micro
2016-11-05 20:01 - 2016-11-05 20:02 - 00000000 ____D C:\rsit
2016-11-05 20:00 - 2016-11-05 20:00 - 01323520 _____ C:\Users\Jan\Desktop\RSITx64.exe
2016-11-05 14:04 - 2016-11-05 14:04 - 00001048 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\racer.lnk
2016-10-30 20:49 - 2016-10-30 20:49 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-10-30 20:48 - 2016-10-30 20:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_mvusbews_01009.Wdf
2016-10-30 20:48 - 2016-10-30 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-10-30 20:44 - 2012-09-27 01:27 - 00126880 _____ (HP) C:\WINDOWS\system32\HPSIsvc.exe
2016-10-30 20:44 - 2012-08-31 15:03 - 01696256 _____ C:\WINDOWS\system32\HP1100SM.EXE
2016-10-30 20:44 - 2012-08-31 15:03 - 00288768 _____ C:\WINDOWS\system32\HP1100LM.DLL
2016-10-30 20:42 - 2016-10-30 20:42 - 00000000 ____D C:\Program Files\HP
2016-10-30 20:42 - 2012-08-31 08:10 - 00350720 _____ C:\WINDOWS\system32\mvhlewsi.dll
2016-10-30 20:41 - 2012-09-26 06:45 - 00082944 _____ C:\WINDOWS\system32\mvusbews.dll
2016-10-30 20:41 - 2012-09-26 06:45 - 00050688 _____ C:\WINDOWS\system32\HP1100SMs.dll
2016-10-30 20:41 - 2012-09-26 06:45 - 00020480 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvusbews.sys
2016-10-30 20:39 - 2016-10-30 20:41 - 00000000 ____D C:\LJP1100_P1560_P1600_Full_Solution
2016-10-30 20:37 - 2016-10-30 20:38 - 150179344 _____ C:\Users\Jan\Downloads\hp_LJP1100_P1560_P1600_Full_Solution-v20120831-50157036_SMO.exe
2016-10-30 20:35 - 2016-10-30 20:35 - 04039392 _____ (Oleg N. Scherbakov) C:\Users\Jan\Downloads\HPSupportSolutionsFramework-12.5.26.37.exe
2016-10-30 16:15 - 2016-10-30 16:15 - 00000000 ____D C:\Users\Jan\Tracing
2016-10-30 16:14 - 2016-10-30 16:15 - 00000000 ____D C:\ProgramData\Skype
2016-10-30 16:14 - 2016-10-30 16:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-10-30 16:14 - 2016-10-30 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-10-30 16:13 - 2016-10-30 16:13 - 43760768 _____ (Skype Technologies S.A.) C:\Users\Jan\Downloads\SkypeSetupFull.exe
2016-10-29 09:02 - 2016-10-29 09:08 - 00000000 ____D C:\AdwCleaner
2016-10-29 09:02 - 2016-10-29 09:02 - 03910208 _____ C:\Users\Jan\Downloads\AdwCleaner.exe
2016-10-28 15:42 - 2016-10-28 15:42 - 00000000 ____D C:\_OTM
2016-10-28 15:41 - 2016-10-28 15:41 - 00522240 _____ (OldTimer Tools) C:\Users\Jan\Desktop\OTM.exe
2016-10-24 12:58 - 2016-10-24 13:15 - 00000000 ____D C:\Users\Jan\Desktop\Fotky Nikon všechny
2016-10-23 19:34 - 2016-10-23 19:34 - 00213827 _____ C:\Users\Jan\Desktop\Brigáda.pdf
2016-10-23 14:14 - 2016-10-23 14:16 - 94517116 _____ C:\Users\Jan\Downloads\racer090rc10 (1).7z
2016-10-23 11:16 - 2016-10-23 11:16 - 00200158 _____ C:\Users\Jan\Desktop\msvcp120.zip
2016-10-21 15:38 - 2016-11-04 21:40 - 00000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2016-10-21 15:10 - 2016-10-21 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-10-21 15:09 - 2016-10-21 15:09 - 00000000 ____D C:\Program Files\VideoLAN
2016-10-21 15:06 - 2016-10-21 15:06 - 31717016 _____ C:\Users\Jan\Downloads\vlc-2.2.4-win64.exe
2016-10-21 07:46 - 2004-05-19 16:40 - 00040655 _____ C:\WINDOWS\SysWOW64\LXLCore.VxD
2016-10-21 07:46 - 2004-05-19 16:40 - 00033216 _____ (Logitech, Inc.) C:\WINDOWS\SysWOW64\LFLoad.sys
2016-10-21 07:46 - 2004-05-19 16:40 - 00019620 _____ C:\WINDOWS\SysWOW64\LJoyFrc.vxd
2016-10-21 07:46 - 2004-05-19 16:40 - 00017536 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\Drivers\LHidHi.sys
2016-10-21 07:46 - 2004-05-19 16:40 - 00014144 _____ (Logitech, Inc.) C:\WINDOWS\SysWOW64\Drivers\LHidLo.sys
2016-10-21 07:46 - 2004-05-19 16:40 - 00011428 _____ C:\WINDOWS\SysWOW64\LUsbVxd.vxd
2016-10-21 07:46 - 2004-05-19 16:39 - 00034784 _____ C:\WINDOWS\SysWOW64\Ljoy.VxD
2016-10-21 07:46 - 2004-05-19 16:39 - 00022659 _____ C:\WINDOWS\SysWOW64\Lserial.VxD
2016-10-21 07:46 - 2004-05-19 16:39 - 00016680 _____ C:\WINDOWS\SysWOW64\LDigital.VxD
2016-10-21 07:46 - 2004-05-19 16:39 - 00010432 _____ (Logitech, Inc.) C:\WINDOWS\SysWOW64\Drivers\LUsbSys.sys
2016-10-21 07:46 - 2004-05-19 16:39 - 00009196 _____ C:\WINDOWS\SysWOW64\LJoyV.VxD
2016-10-21 07:46 - 2004-05-19 16:39 - 00006243 _____ C:\WINDOWS\SysWOW64\LAnalog.VxD
2016-10-21 07:46 - 2004-05-19 16:38 - 00086016 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\W9xDAPI.dll
2016-10-21 07:46 - 2004-05-19 16:38 - 00061440 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\W9XdInst.dll
2016-10-21 07:46 - 2004-05-19 16:37 - 00356352 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\WMWizard.dll
2016-10-21 07:46 - 2004-05-19 16:36 - 02576384 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\LWCtPl.dll
2016-10-21 07:46 - 2004-05-13 22:40 - 00167936 _____ (Logitech, Inc.) C:\WINDOWS\SysWOW64\WmJoyFrc.dll
2016-10-21 07:46 - 2000-11-28 10:35 - 00027388 _____ (Immersion Corporation) C:\WINDOWS\SysWOW64\Drivers\ihidfilt.sys
2016-10-21 07:45 - 2016-10-21 07:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-10-21 07:45 - 2016-10-21 07:45 - 00000000 ____D C:\Program Files (x86)\Logitech
2016-10-19 11:24 - 2016-10-19 11:24 - 00428050 _____ C:\Users\Jan\Downloads\iBrightnessTray_EN.zip
2016-10-19 10:56 - 2016-10-19 11:27 - 00000000 ____D C:\Program Files (x86)\Desktop Lighter
2016-10-19 10:55 - 2016-10-19 10:55 - 00829875 _____ (DiMXSoft ) C:\Users\Jan\Downloads\DLighterSetup.exe
2016-10-17 06:01 - 2016-10-17 06:01 - 00001178 _____ C:\Users\Jan\Desktop\3. ročník.lnk
2016-10-15 16:05 - 2016-10-22 10:04 - 00000000 ____D C:\Users\Jan\Documents\TDM 900
2016-10-15 15:44 - 2016-10-15 15:44 - 00000916 _____ C:\Users\Jan\Desktop\Dokumenty.lnk
2016-10-15 15:44 - 2016-10-15 15:44 - 00000436 _____ C:\Users\Jan\Desktop\Tento počítač.lnk
2016-10-14 09:50 - 2016-10-14 09:50 - 00000000 ____D C:\Users\Jan\AppData\Roaming\mioObjects
2016-10-14 09:50 - 2016-10-14 09:50 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mioplanet
2016-10-14 09:50 - 2016-10-14 09:50 - 00000000 ____D C:\Users\Jan\AppData\Local\Mioplanet
2016-10-12 14:48 - 2016-10-12 14:48 - 00000000 ____D C:\Users\Jan\AppData\Local\Autodesk,_Inc
2016-10-12 06:12 - 2016-10-01 01:22 - 07444312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-12 06:12 - 2016-09-30 08:55 - 25765376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-12 06:12 - 2016-09-30 07:25 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-12 06:12 - 2016-09-30 07:25 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-12 06:12 - 2016-09-30 07:09 - 06048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-12 06:12 - 2016-09-30 06:47 - 20306944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-12 06:12 - 2016-09-30 06:42 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-12 06:12 - 2016-09-30 06:41 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-12 06:12 - 2016-09-30 06:38 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-12 06:12 - 2016-09-30 06:32 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-12 06:12 - 2016-09-30 06:31 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-10-12 06:12 - 2016-09-30 06:21 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-12 06:12 - 2016-09-30 06:17 - 02920960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-12 06:12 - 2016-09-30 06:12 - 04608512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-12 06:12 - 2016-09-30 06:11 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-12 06:12 - 2016-09-30 06:05 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-12 06:12 - 2016-09-30 06:05 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-12 06:12 - 2016-09-30 06:03 - 13653504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-12 06:12 - 2016-09-30 05:46 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-12 06:12 - 2016-09-30 05:43 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-12 06:12 - 2016-09-17 19:16 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-12 06:12 - 2016-09-17 18:21 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-12 06:12 - 2016-09-17 18:02 - 01446400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-12 06:12 - 2016-09-14 02:53 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-12 06:12 - 2016-09-14 02:53 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-12 06:12 - 2016-09-14 02:53 - 01490112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-12 06:12 - 2016-09-14 02:53 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-12 06:12 - 2016-09-13 00:48 - 00085680 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-12 06:12 - 2016-09-09 15:17 - 04170752 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-10-12 06:12 - 2016-09-09 14:38 - 01629184 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-12 06:12 - 2016-09-09 14:38 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-12 06:12 - 2016-09-09 14:38 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-12 06:12 - 2016-09-09 14:38 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-12 06:12 - 2016-09-09 14:38 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-12 06:12 - 2016-09-09 14:38 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-10-12 06:12 - 2016-09-09 14:38 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-12 06:12 - 2016-09-09 14:38 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-12 06:12 - 2016-09-08 21:41 - 00121176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-12 06:12 - 2016-09-08 15:00 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-12 06:12 - 2016-09-08 15:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-12 06:12 - 2016-09-07 23:07 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-12 06:12 - 2016-09-07 22:59 - 01754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 06:12 - 2016-09-07 22:59 - 01377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-12 06:12 - 2016-09-07 22:57 - 01560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-12 06:12 - 2016-09-07 22:56 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-12 06:12 - 2016-08-31 18:22 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 06:12 - 2016-08-31 17:33 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-12 06:12 - 2016-08-25 21:50 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-10-12 06:12 - 2016-08-25 20:40 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-10-12 06:12 - 2016-08-13 01:05 - 09323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-10-12 06:12 - 2016-08-13 01:02 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2016-10-12 06:12 - 2016-08-13 01:01 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2016-10-12 06:12 - 2016-08-12 23:35 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2016-10-12 06:12 - 2016-08-12 23:19 - 09323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-10-12 06:12 - 2016-08-12 22:47 - 15431168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-12 06:12 - 2016-08-12 22:17 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2016-10-12 06:12 - 2016-08-12 21:52 - 13317120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-12 06:12 - 2016-08-12 02:58 - 02315496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-12 06:12 - 2016-08-12 02:58 - 01946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-12 06:12 - 2016-08-11 19:33 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys
2016-10-12 06:12 - 2016-08-11 19:33 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-10-12 06:12 - 2016-08-11 18:17 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-10-12 06:12 - 2016-08-11 14:39 - 00445765 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-12 06:12 - 2016-08-11 06:46 - 00420184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-12 06:12 - 2016-08-03 16:42 - 01317888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-12 06:12 - 2016-08-03 16:36 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-10-12 06:12 - 2016-08-03 16:36 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-10-12 06:12 - 2016-08-03 16:33 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-10-12 06:12 - 2016-07-30 18:12 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-12 06:12 - 2016-07-30 17:36 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-12 06:12 - 2016-07-23 19:18 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-10-12 06:12 - 2016-07-23 19:12 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-10-12 06:11 - 2016-09-30 07:12 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-10-12 06:11 - 2016-09-30 06:33 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-10-12 06:11 - 2016-09-30 06:33 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-10-12 06:11 - 2016-09-30 06:32 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-10-12 06:11 - 2016-09-30 06:06 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-10-12 06:11 - 2016-09-30 06:05 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-10-12 06:11 - 2016-09-30 05:54 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-12 06:11 - 2016-09-30 05:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-12 06:11 - 2016-09-17 18:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-10-12 06:11 - 2016-09-17 18:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-10-12 06:11 - 2016-09-12 23:03 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-12 06:11 - 2016-09-12 22:01 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-12 06:11 - 2016-08-27 20:44 - 22360288 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-12 06:11 - 2016-08-27 20:44 - 02755504 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-12 06:11 - 2016-08-27 20:44 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2016-10-12 06:11 - 2016-08-27 19:26 - 19789232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-12 06:11 - 2016-08-27 19:26 - 02411048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-12 06:11 - 2016-08-27 19:26 - 00113656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2016-10-12 06:11 - 2016-08-27 17:33 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-10-12 06:11 - 2016-08-27 17:11 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-10-12 06:11 - 2016-08-27 17:09 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-12 06:11 - 2016-08-27 16:55 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-12 06:11 - 2016-08-20 23:24 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-12 06:11 - 2016-08-20 23:12 - 02463744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-12 06:11 - 2016-08-13 01:03 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifibus.sys
2016-10-12 06:11 - 2016-08-11 19:33 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys
2016-10-12 06:11 - 2016-07-26 14:40 - 00162850 _____ C:\WINDOWS\SysWOW64\C_932.NLS
2016-10-12 06:11 - 2016-07-26 14:40 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-10-11 13:23 - 2016-10-11 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
2016-10-11 13:20 - 2016-10-11 13:27 - 00000000 ____D C:\Program Files (x86)\Euro Truck Simulator 2
2016-10-10 14:28 - 2016-10-11 13:28 - 00000000 ____D C:\Users\Jan\Downloads\ETS 2 GOLD (1.14.2) + DLC East + Mods By MATY
2016-10-10 12:48 - 2016-10-10 13:08 - 10281056 _____ C:\Users\Jan\Downloads\Euro Truck Simulator 2 GOLD (Full Game - Version 1.14.2) + DLC East + MOD by MATY.rar
2016-10-10 12:47 - 2016-10-10 12:47 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2016-10-10 12:45 - 2016-10-11 13:46 - 00000000 ____D C:\Users\Jan\AppData\Roaming\uTorrent
2016-10-10 11:49 - 2016-10-10 11:49 - 00597304 _____ C:\Users\Jan\Downloads\flux-setup.exe
2016-10-10 11:49 - 2016-10-10 11:49 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2016-10-10 11:49 - 2016-10-10 11:49 - 00000000 ____D C:\Users\Jan\AppData\Local\FluxSoftware
2016-10-10 09:02 - 2016-10-10 09:02 - 00000165 ____H C:\Users\Jan\Desktop\~$5FM CV4 tabulka.xlsx
2016-10-09 12:22 - 2016-10-09 12:23 - 00000000 ____D C:\Users\Jan\AppData\Roaming\ControlCenter4
2016-10-09 10:30 - 2016-10-09 10:30 - 00000000 ___RD C:\Users\Jan\AppData\Roaming\Brother
2016-10-09 10:30 - 2016-10-09 10:30 - 00000000 ____D C:\Users\Jan\AppData\LocalLow\Brother
2016-10-09 10:16 - 2016-10-09 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2016-10-09 10:12 - 2016-10-09 10:12 - 00000000 ____D C:\Brother
2016-10-09 10:11 - 2016-10-09 10:12 - 00000000 ____D C:\Program Files (x86)\Browny02
2016-10-09 10:11 - 2016-10-09 10:12 - 00000000 ____D C:\Program Files (x86)\Brother
2016-10-09 10:11 - 2016-10-09 10:11 - 00000000 ____D C:\ProgramData\ControlCenter4
2016-10-09 10:11 - 2016-10-09 10:11 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2016-10-09 10:11 - 2014-11-26 08:10 - 00180224 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BROSNMP.DLL
2016-10-09 10:11 - 2014-11-26 08:10 - 00077824 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BRLMW03A.DLL
2016-10-09 10:11 - 2014-11-26 08:10 - 00045056 _____ C:\WINDOWS\SysWOW64\BRTCPCON.DLL
2016-10-09 10:11 - 2014-11-26 08:10 - 00025299 _____ (Brother Industries, Ltd) C:\WINDOWS\SysWOW64\BRLM03A.DLL
2016-10-09 10:11 - 2014-11-26 08:10 - 00000114 _____ C:\WINDOWS\SysWOW64\BRLMW03A.INI
2016-10-09 10:11 - 2014-11-26 08:09 - 00000050 _____ C:\WINDOWS\system32\BRADM13A.DAT
2016-10-09 10:11 - 2014-11-25 17:08 - 00227840 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BRCOM13A.DLL
2016-10-09 10:11 - 2013-07-12 13:03 - 00214016 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2016-10-09 10:11 - 2013-07-12 06:03 - 00251392 _____ (brother) C:\WINDOWS\system32\NSSRH64.dll
2016-10-09 10:11 - 2013-07-03 03:46 - 00065024 _____ (Brother Industries,Ltd) C:\WINDOWS\system32\Brnsplg.dll
2016-10-09 10:11 - 2013-03-12 13:50 - 01442304 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrWi213b.dll
2016-10-09 10:11 - 2013-03-08 07:45 - 00059904 _____ (Brother Industries,Ltd.) C:\WINDOWS\system32\BrWiaNCp.dll
2016-10-09 10:11 - 2013-03-08 07:44 - 00087040 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrNetSti.dll
2016-10-09 10:11 - 2012-12-03 12:39 - 00002560 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2016-10-09 10:11 - 2011-09-08 10:36 - 00279040 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrJDec.dll
2016-10-09 10:11 - 2010-03-15 18:45 - 00073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2016-10-09 10:11 - 2007-12-13 21:16 - 00005120 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2016-10-09 10:11 - 2005-04-22 05:36 - 00143360 _____ C:\WINDOWS\system32\BrSNMP64.dll
2016-10-09 09:58 - 2016-10-09 09:58 - 00000000 ____D C:\Users\Jan\AppData\Local\Granta Design
2016-10-09 09:49 - 2016-10-09 10:16 - 00000000 ____D C:\ProgramData\Brother
2016-10-07 22:32 - 2016-10-07 22:32 - 00000000 ____D C:\ProgramData\FLEXnet
2016-10-07 21:59 - 2016-10-07 22:00 - 00000000 ____D C:\Users\Jan\Documents\Smlouva na byt
2016-10-07 21:58 - 2016-10-07 21:58 - 00000000 ____D C:\Users\Jan\Documents\Počítač pro každého
2016-10-07 21:57 - 2016-10-23 20:45 - 00000000 ____D C:\Users\Jan\Documents\Ostatní
2016-10-07 21:44 - 2016-10-07 21:45 - 00000000 ____D C:\Users\Jan\Desktop\Nová složka

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-05 20:24 - 2016-10-05 06:23 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype
2016-11-05 19:14 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-05 18:36 - 2014-11-21 05:53 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-05 18:36 - 2014-11-21 05:10 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2016-11-05 18:36 - 2014-11-21 05:10 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2016-11-05 18:36 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-11-05 14:04 - 2016-09-25 01:04 - 00000000 ____D C:\Users\Jan\Downloads\racer
2016-11-04 07:25 - 2016-10-05 18:47 - 00205312 ___SH C:\Users\Jan\Desktop\Thumbs.db
2016-11-03 07:34 - 2016-09-23 19:19 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3840663496-1805175044-893499811-1002
2016-11-03 07:03 - 2016-09-24 06:49 - 00002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-03 07:03 - 2016-09-24 06:49 - 00002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-02 17:14 - 2016-09-24 06:44 - 00000000 __RDO C:\Users\Jan\OneDrive
2016-11-02 17:05 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-02 17:01 - 2016-09-25 00:07 - 00000000 ___RD C:\Users\Jan\Desktop\Programy
2016-11-02 15:57 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-02 13:45 - 2016-09-24 03:43 - 00000000 ____D C:\Users\Jan
2016-11-02 13:45 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-10-31 18:59 - 2016-09-24 19:28 - 00000000 ____D C:\Users\UpdatusUser
2016-10-30 21:00 - 2016-09-23 19:10 - 00000000 ____D C:\Users\Jan\AppData\Local\Packages
2016-10-30 20:46 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-30 09:56 - 2016-09-24 06:48 - 00000000 ____D C:\Users\Jan\AppData\Local\Google
2016-10-29 09:07 - 2012-11-04 10:25 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-10-29 08:02 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-28 09:35 - 2016-09-25 01:27 - 00000000 ____D C:\Users\Jan\Downloads\racer8.40
2016-10-28 02:22 - 2016-09-23 22:21 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-10-27 15:22 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-27 15:19 - 2012-11-04 10:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-26 13:14 - 2016-09-24 22:04 - 00000000 ____D C:\Users\Jan\Documents\Euro Truck Simulator 2
2016-10-24 22:54 - 2016-09-26 20:51 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-24 22:54 - 2016-09-26 20:51 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-24 16:14 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-10-23 21:27 - 2016-09-30 07:19 - 00000000 ____D C:\Users\Jan\AppData\Roaming\NVIDIA
2016-10-23 21:23 - 2016-10-02 20:44 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-21 07:49 - 2016-09-23 19:10 - 00000000 ____D C:\Users\Jan\AppData\Local\VirtualStore
2016-10-21 07:45 - 2012-11-04 09:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-10-19 11:49 - 2016-10-02 21:08 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-10-18 18:39 - 2016-10-02 21:12 - 00000000 ____D C:\Users\Jan\AppData\Local\Autodesk
2016-10-18 18:39 - 2016-10-02 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-10-18 18:39 - 2016-10-02 20:38 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Autodesk
2016-10-18 18:38 - 2016-10-02 21:15 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-10-15 16:39 - 2016-09-26 11:26 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-10-15 16:21 - 2013-08-22 15:44 - 00586192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-15 16:14 - 2016-09-26 20:43 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-15 16:14 - 2014-11-21 13:14 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-10-15 16:14 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-10-15 16:02 - 2016-09-25 00:01 - 00000000 ____D C:\Users\Jan\Desktop\Hry
2016-10-15 15:45 - 2016-09-24 22:23 - 00000000 ____D C:\Users\Jan\Documents\VUT
2016-10-12 12:31 - 2016-09-23 20:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 12:23 - 2016-09-23 20:59 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-12 09:14 - 2016-09-24 22:52 - 00000000 ____D C:\Users\Jan\Desktop\Filmy od Elišky
2016-10-10 12:48 - 2016-09-25 01:41 - 00000000 ____D C:\Users\Jan\Downloads\Torrenty
2016-10-09 09:58 - 2016-10-03 19:29 - 00000000 ____D C:\Users\Jan\Documents\Inventor
2016-10-09 09:58 - 2016-10-02 20:38 - 00000000 ____D C:\ProgramData\Autodesk
2016-10-09 08:03 - 2016-09-25 21:40 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-10-07 22:04 - 2016-09-24 22:04 - 00000000 ____D C:\Users\Jan\Documents\Dtest
2016-10-07 21:59 - 2016-09-24 22:21 - 00000000 ____D C:\Users\Jan\Documents\SanDisk
2016-10-07 21:56 - 2016-09-24 22:07 - 00000000 ____D C:\Users\Jan\Documents\Hory video stříhání
2016-10-07 21:45 - 2016-09-24 23:15 - 00000000 ___RD C:\Users\Jan\Desktop\Stažené soubory
2016-10-07 21:45 - 2016-09-24 23:12 - 00000000 ____D C:\Users\Jan\Desktop\SD 8GB

==================== Files in the root of some directories =======

2016-09-24 19:07 - 2016-09-24 19:09 - 0011756 _____ () C:\Users\Jan\AppData\Local\WiDiSetupLog.20160924.200744.txt
2012-11-04 10:25 - 2012-11-04 10:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-02 10:09

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Flickering active/inactive window

#3 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

MercedesJenz
Visitor
Posts: 18
Registered: 05 Nov 2016 20:03

Re: Flickering active/inactive window

#4 Post by MercedesJenz »

Log from ADWCleaner

# AdwCleaner v6.030 - Log soubor vytvořen 05/11/2016 na 21:07:21
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-05.1 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Jan - JENZPC
# Beží od : C:\Users\Jan\Downloads\adwcleaner_6.030.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

Nebyly nalezeny žádné škodlivé služby.


***** [ Adresáře ] *****

Složka nalezena: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejocekekgcaldnmjngfdbmbeebcekelc


***** [ Soubory ] *****

Nebyly nalezeny žádné škodlivé soubory.


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL soubory.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupce ] *****

Žádné infikovaný zástupce nenalezen.


***** [ Plánovač úloh ] *****

Žádný nebezpečná úloha nenalezena.


***** [ Registry ] *****

Nebyly nalezeny žádné škodlivé položky registru.


***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox báze.
Chromium nastavení nalezeno: [C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - ejocekekgcaldnmjngfdbmbeebcekelc

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2600 Bajtů] - [29/10/2016 09:08:00]
C:\AdwCleaner\AdwCleaner[S0].txt - [2643 Bajtů] - [29/10/2016 09:04:14]
C:\AdwCleaner\AdwCleaner[S1].txt - [1523 Bajtů] - [05/11/2016 21:07:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1597 Bajtů] ##########

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Flickering active/inactive window

#5 Post by Rudy »

Post a new RSIT log.

MercedesJenz
Visitor
Posts: 18
Registered: 05 Nov 2016 20:03

Re: Flickering active/inactive window

#6 Post by MercedesJenz »

Logfile of random's system information tool 1.14 (written by random/random)
Run by Jan at 2016-11-05 22:00:31
Microsoft Windows 8.1
System drive C: has 232 GB (26%) free of 905 GB
Total RAM: 8048 MB (74% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:00:41, on 5. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe
C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe
C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe
C:\Program Files\trend micro\Jan_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [f.lux] "C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-21-3840663496-1805175044-893499811-1008\..\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3840663496-1805175044-893499811-1008\..\Run: [Akamai NetSession Interface] "C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3840663496-1805175044-893499811-1008\..\Run: [f.lux] "C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3840663496-1805175044-893499811-1008\..\Run: [StartWMDriverWiz] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~2\COMMON~1\Logitech\WmDrivers\wmwizard.dll,WMWizardMain (User 'UpdatusUser')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Autodesk Simulation Moldflow MITSI 2016 Job Manager (mitsijm2016) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 13886 bytes

======Enumerating Processes======

C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\HPSIsvc.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-896b7114-d331-4039-a728-ea6d890ac1f2 -SystemEventPortName:HostProcess-f647ffaa-9b79-405c-88e0-6ef59f6f49d0 -IoCancelEventPortName:HostProcess-a4b3aed9-d097-4437-9dec-9294f6da3088 -NonStateChangingEventPortName:HostProcess-6dd038ab-f35d-4f70-ba02-e36695860116 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3df8fec4-0fdd-45cc-b9b7-275ff4717d99 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe" /m
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe"
C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe
"C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe"
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --approot=SOFTWARE\Autodesk --appAgent=/AUTODESKDESKTOPAPP/6.2.0.174/cs-CZ/0001 --lang=cs-CZ --cache-path="C:\Users\Jan\AppData\Local\Autodesk\Autodesk Desktop App\BrowserCache" --peerPid=5136
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=gpu-process --channel="4512.0.1440588819\59312679" --no-sandbox --lang=cs-CZ --log-severity=disable --peerpid=5136 --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,27 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --lang=cs-CZ --log-severity=disable --peerpid=5136 /prefetch:822062411
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=cs-CZ --log-severity=disable --peerpid=5136 --enable-software-compositing --channel="4512.1.1657160930\1104100888" /prefetch:673131151
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3840663496-1805175044-893499811-10022_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3840663496-1805175044-893499811-10022 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding
"C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Jan\Desktop\RSITx64.exe"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\wermgr.exe" "-queuereporting_svc" "C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Connect.Service._e376dad147767ac23a3c75b6320567282c29097_a55d52dc_1921c5d8"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3840663496-1805175044-893499811-1002 - %localappdata%\Microsoft\OneDrive\OneDrive.exe /autoupdate
C:\WINDOWS\system32\tasks\MirageAgent - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task - C:\Users\Jan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - \Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION /FIRSTTIME
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\WINDOWS\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\WINDOWS\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload

=========Google Chrome=========

C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapbdbdomjkkjkaonfhkkikfgjllcleb 1 Překladač Google 2.0.6
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension aciahcmjmecflokailenpkdchphgkefd 1 Entanglement Web App 3.4.9
Extension adapibeileacgechmgngdfekbjleadnj
Extension aelbknmfcacjffmgnoaaonhgoghlmlkp
Extension afbpdhiclgghnffhkinjikglgmolhpee 1 Torrent Search 1.2.0.7
Extension agoenciogemlojlhccbcpcfflicgnaak 1 BIODIGITAL HUMAN 3.1.3
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension akjbfncbadcmnkopckegnmjgihagponf 1 HD for YouTube™ 2.0
Extension aknpkdffaafgjchaibgeefbgmgeghloj
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension beapnbfmjmjhhfpaoajfhjbbfnnlfpnc 0
Extension beobeededemalmllhkmnkinmfembdimh 1 TV 1.0.12
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 1 Seznam Lištička - Email 1.3.14
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension bppbpeijolfcampacpljolaegibfhjph 1 TV 2.6
Extension cgbncpmdcgnaoplhdfakiogmpejpogmj
Extension cihohekcekjgjdkeljpkbaaecgfoimbj 1 Mac OS X Simple Theme 1.0.1
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ejnkaeblpdcamcioiiabclakabcbjmbl 1 Box 1.2.2
Extension ekbaidcchahkpedbhdenlmleimihkcim
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension fheoggkfdfchfphceeifdbepaooicaho 0 McAfee® WebAdvisor 4.0.0.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.4.0
Extension hekhdfjankbhklfkjmnmnefcacndeoll 1 2048 1.2
Extension hepianaooikobedamdjojdfjldpoelbm
Extension hncgklnmcokagjlmdkjneiabailabkop 1 ZenCast 0.1.5
Extension jclipofobaadknkadkpgggmjkebddjam 1 PDF to Word Converter App 2.1
Extension jddfpnmfhodaljeelokfceepbeapgbdn 1 Online PDF Tools 2.0.0.1
Extension jfppgkomfopklagggkjiaddgndkgopgl 0
Extension kdmmkfaghgcicheaimnpffeeekheafkb 1 Autodesk Homestyler 3.0.0
Extension kgcpghlamffckiijcagnbjmagpbfhiai
Extension kjehaadplpgckpgeoddpnijogjaldela 1 Převod měn 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lneaknkopdijkpnocmklfnjbeapigfbh 1 Mapy Google 5.4.1
Extension mcafejemebbngbglfoinpoaannbihjna 1 Planner 5D - Interior Design 1.5.1.0
Extension meefjekipolcgabfgaclcpdkbghhmoah 1 HUMAN 3.0 3.2.1
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mihcahmgecmbnbcchbopgniflfhgnkff 1 Kontrola e-mailu Google 4.4.0
Extension mnaaclhkigagfmmmejenjpgjmemgkipa 1 Math Science Engineering Calculators 1.4
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension nphgeidmkmbmehnihdconhbclfgcdodn
Extension pchjhmiapbbphflbgejhigbmfmmgbngn
Extension pfpeapihoiogbcmdmnibeplnikfnhoge 1 Outlook.com 1.0.2
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage: http://www.seznam.cz/
default_search_provider.search_url:
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={8A3CB235-B68F-4A58-813E-43523810EB77}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A3CB235-B68F-4A58-813E-43523810EB77}]
"URL"=http://www.bing.com/search?q={searchTer ... &pc=MALNJS


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={8A3CB235-B68F-4A58-813E-43523810EB77}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{8A3CB235-B68F-4A58-813E-43523810EB77}]
"URL"=http://www.bing.com/search?q={searchTer ... &pc=MALNJS

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-27 214224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-11 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-27 2850608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-27 151248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-27 1931048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"=RTFTrack.exe []
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-08-10 13191824]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-06 1215632]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2012-08-16 665400]
"BtTray"=C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-11 764032]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-11 127616]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-08-10 4196432]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2016-09-24 17111056]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2016-09-24 193008]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16 2916152]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2012-12-19 172168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2012-12-19 400008]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2012-12-19 441992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]
"f.lux"=C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-10-17 27021952]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"ADSK DLMSession"=C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2015-01-28 1627032]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2014-06-16 139776]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2014-05-22 4513792]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16 1156824]
"Autodesk Desktop App"=C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [2016-07-01 721856]

C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-05 20:32:57 ----D---- C:\FRST
2016-11-05 20:01:59 ----D---- C:\rsit
2016-11-05 20:01:59 ----D---- C:\Program Files\trend micro
2016-10-30 20:49:04 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-10-30 20:44:56 ----A---- C:\WINDOWS\system32\HP1100SM.EXE
2016-10-30 20:44:55 ----A---- C:\WINDOWS\system32\HP1100LM.DLL
2016-10-30 20:44:51 ----A---- C:\WINDOWS\system32\HPSIsvc.exe
2016-10-30 20:42:11 ----D---- C:\Program Files\HP
2016-10-30 20:42:11 ----A---- C:\WINDOWS\system32\mvhlewsi.dll
2016-10-30 20:41:33 ----A---- C:\WINDOWS\system32\drivers\mvusbews.sys
2016-10-30 20:41:28 ----A---- C:\WINDOWS\system32\mvusbews.dll
2016-10-30 20:41:23 ----A---- C:\WINDOWS\system32\HP1100SMs.dll
2016-10-30 20:39:38 ----D---- C:\LJP1100_P1560_P1600_Full_Solution
2016-10-30 16:14:33 ----RD---- C:\Program Files (x86)\Skype
2016-10-30 16:14:18 ----D---- C:\ProgramData\Skype
2016-10-29 09:02:42 ----D---- C:\AdwCleaner
2016-10-28 15:42:17 ----D---- C:\_OTM
2016-10-21 15:38:22 ----D---- C:\Users\Jan\AppData\Roaming\vlc
2016-10-21 15:09:32 ----D---- C:\Program Files\VideoLAN
2016-10-21 07:46:45 ----A---- C:\WINDOWS\SYSWOW64\LWCtPl.dll
2016-10-21 07:46:37 ----A---- C:\WINDOWS\SYSWOW64\drivers\LUsbSys.sys
2016-10-21 07:46:37 ----A---- C:\WINDOWS\SYSWOW64\drivers\LHidHi.sys
2016-10-21 07:46:37 ----A---- C:\WINDOWS\SYSWOW64\drivers\ihidfilt.sys
2016-10-21 07:46:36 ----A---- C:\WINDOWS\SYSWOW64\drivers\LHidLo.sys
2016-10-21 07:46:35 ----A---- C:\WINDOWS\SYSWOW64\WMWizard.dll
2016-10-21 07:46:35 ----A---- C:\WINDOWS\SYSWOW64\W9xDAPI.dll
2016-10-21 07:46:34 ----A---- C:\WINDOWS\SYSWOW64\W9XdInst.dll
2016-10-21 07:46:33 ----A---- C:\WINDOWS\SYSWOW64\WmJoyFrc.dll
2016-10-21 07:46:33 ----A---- C:\WINDOWS\SYSWOW64\LFLoad.sys
2016-10-21 07:45:48 ----D---- C:\Program Files (x86)\Logitech
2016-10-19 10:56:40 ----D---- C:\Program Files (x86)\Desktop Lighter
2016-10-14 09:50:24 ----D---- C:\Users\Jan\AppData\Roaming\mioObjects
2016-10-12 06:12:48 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-12 06:12:48 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-10-12 06:12:48 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-10-12 06:12:48 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-10-12 06:12:47 ----A---- C:\WINDOWS\system32\invagent.dll
2016-10-12 06:12:47 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-10-12 06:12:47 ----A---- C:\WINDOWS\system32\devinv.dll
2016-10-12 06:12:47 ----A---- C:\WINDOWS\system32\aepic.dll
2016-10-12 06:12:46 ----A---- C:\WINDOWS\system32\centel.dll
2016-10-12 06:12:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-10-12 06:12:31 ----A---- C:\WINDOWS\system32\wmp.dll
2016-10-12 06:12:28 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-10-12 06:12:25 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-10-12 06:12:23 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-10-12 06:12:23 ----A---- C:\WINDOWS\system32\esent.dll
2016-10-12 06:12:22 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-10-12 06:12:22 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-10-12 06:12:19 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-10-12 06:12:18 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-12 06:12:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-10-12 06:12:17 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-10-12 06:12:16 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-10-12 06:12:16 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-10-12 06:12:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2016-10-12 06:12:11 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\system32\wininet.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\system32\win32k.sys
2016-10-12 06:12:09 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-10-12 06:12:09 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-10-12 06:12:08 ----A---- C:\WINDOWS\system32\wbengine.exe
2016-10-12 06:12:08 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-10-12 06:12:08 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 06:12:08 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-10-12 06:12:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-10-12 06:12:07 ----A---- C:\WINDOWS\system32\winload.exe
2016-10-12 06:12:06 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-10-12 06:12:06 ----A---- C:\WINDOWS\system32\drivers\parport.sys
2016-10-12 06:12:05 ----A---- C:\WINDOWS\SYSWOW64\wmploc.DLL
2016-10-12 06:12:05 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-10-12 06:12:05 ----A---- C:\WINDOWS\system32\wmploc.DLL
2016-10-12 06:12:05 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-10-12 06:12:04 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2016-10-12 06:12:04 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-10-12 06:12:04 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2016-10-12 06:12:04 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\system32\winresume.exe
2016-10-12 06:12:03 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2016-10-12 06:12:02 ----A---- C:\WINDOWS\system32\rastapi.dll
2016-10-12 06:12:02 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-10-12 06:12:02 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2016-10-12 06:12:01 ----A---- C:\WINDOWS\SYSWOW64\adsmsext.dll
2016-10-12 06:12:01 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-10-12 06:12:01 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2016-10-12 06:12:01 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-10-12 06:12:01 ----A---- C:\WINDOWS\system32\adsmsext.dll
2016-10-12 06:11:54 ----A---- C:\WINDOWS\system32\offreg.dll
2016-10-12 06:11:53 ----A---- C:\WINDOWS\system32\drivers\vwifibus.sys
2016-10-12 06:11:52 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2016-10-12 06:11:51 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-10-12 06:11:51 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-10-12 06:11:51 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-10-12 06:11:51 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-10-12 06:11:51 ----A---- C:\WINDOWS\system32\drivers\serenum.sys
2016-10-12 06:11:51 ----A---- C:\WINDOWS\system32\certcli.dll
2016-10-12 06:11:50 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-10-12 06:11:50 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-10-12 06:11:50 ----A---- C:\WINDOWS\system32\jscript.dll
2016-10-12 06:11:50 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-10-12 06:11:28 ----A---- C:\WINDOWS\system32\shell32.dll
2016-10-12 06:11:25 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-10-12 06:11:24 ----A---- C:\WINDOWS\system32\twinui.dll
2016-10-12 06:11:23 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-10-12 06:11:23 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-10-12 06:11:23 ----A---- C:\WINDOWS\system32\authui.dll
2016-10-12 06:11:22 ----A---- C:\WINDOWS\SYSWOW64\RestoreOptIn.exe
2016-10-12 06:11:22 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-10-12 06:11:22 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-10-12 06:11:22 ----A---- C:\WINDOWS\system32\RestoreOptIn.exe
2016-10-12 06:11:22 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-10-12 06:11:22 ----A---- C:\WINDOWS\explorer.exe
2016-10-11 13:20:56 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2016-10-10 12:45:00 ----D---- C:\Users\Jan\AppData\Roaming\uTorrent
2016-10-09 12:22:37 ----D---- C:\Users\Jan\AppData\Roaming\ControlCenter4
2016-10-09 10:30:40 ----RD---- C:\Users\Jan\AppData\Roaming\Brother
2016-10-09 10:12:16 ----D---- C:\Brother
2016-10-09 10:11:59 ----D---- C:\ProgramData\ControlCenter4
2016-10-09 10:11:59 ----D---- C:\Program Files (x86)\Browny02
2016-10-09 10:11:51 ----D---- C:\Program Files (x86)\ControlCenter4
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\NSSRH64.dll
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\BrWiaNCp.dll
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\BrSNMP64.dll
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\Brnsplg.dll
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\BrNetSti.dll
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BRTCPCON.DLL
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BROSNMP.DLL
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BRLMW03A.INI
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BRLMW03A.DLL
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BRLM03A.DLL
2016-10-09 10:11:39 ----A---- C:\WINDOWS\system32\BrWi213b.dll
2016-10-09 10:11:39 ----A---- C:\WINDOWS\system32\BrJDec.dll
2016-10-09 10:11:38 ----A---- C:\WINDOWS\system32\BRCOM13A.DLL
2016-10-09 10:11:37 ----A---- C:\WINDOWS\system32\BRADM13A.DAT
2016-10-09 10:11:31 ----N---- C:\WINDOWS\SYSWOW64\NSSearch.dll
2016-10-09 10:11:31 ----N---- C:\WINDOWS\SYSWOW64\BrDctF2S.dll
2016-10-09 10:11:31 ----N---- C:\WINDOWS\SYSWOW64\BrDctF2L.dll
2016-10-09 10:11:31 ----N---- C:\WINDOWS\SYSWOW64\BrDctF2.dll
2016-10-09 10:11:31 ----D---- C:\Program Files (x86)\Brother
2016-10-09 09:49:52 ----D---- C:\ProgramData\Brother
2016-10-07 22:32:01 ----D---- C:\ProgramData\FLEXnet

======List of files/folders modified in the last 1 month======

2016-11-05 22:00:41 ----D---- C:\WINDOWS\Temp
2016-11-05 22:00:35 ----D---- C:\WINDOWS\Prefetch
2016-11-05 22:00:32 ----D---- C:\Users\Jan\AppData\Roaming\Skype
2016-11-05 22:00:03 ----D---- C:\WINDOWS\system32\sru
2016-11-05 20:37:51 ----D---- C:\Windows
2016-11-05 20:01:59 ----RD---- C:\Program Files
2016-11-05 19:14:39 ----D---- C:\WINDOWS\system32\NDF
2016-11-05 18:36:25 ----RD---- C:\WINDOWS\System32
2016-11-05 18:36:25 ----D---- C:\WINDOWS\Inf
2016-11-05 18:36:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-05 14:03:25 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-02 15:57:09 ----D---- C:\WINDOWS\AppReadiness
2016-11-02 07:13:44 ----D---- C:\WINDOWS\system32\config
2016-10-30 20:51:00 ----D---- C:\WINDOWS\system32\catroot
2016-10-30 20:49:04 ----RD---- C:\Program Files (x86)
2016-10-30 20:48:17 ----D---- C:\WINDOWS\system32\drivers
2016-10-30 20:46:53 ----HD---- C:\Program Files\WindowsApps
2016-10-30 20:45:07 ----D---- C:\WINDOWS\system32\DriverStore
2016-10-30 20:42:52 ----SHD---- C:\WINDOWS\Installer
2016-10-30 20:41:35 ----D---- C:\Program Files (x86)\Common Files
2016-10-30 16:14:18 ----HD---- C:\ProgramData
2016-10-30 12:12:17 ----SHD---- C:\System Volume Information
2016-10-29 09:07:27 ----D---- C:\Program Files (x86)\Amazon
2016-10-29 08:02:58 ----D---- C:\WINDOWS\CbsTemp
2016-10-29 08:02:56 ----D---- C:\WINDOWS\WinSxS
2016-10-29 08:02:56 ----D---- C:\WINDOWS\SysWOW64
2016-10-28 02:22:26 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-10-27 15:22:16 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-10-27 15:19:43 ----D---- C:\Program Files (x86)\Microsoft Office
2016-10-24 22:54:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-24 16:14:11 ----D---- C:\WINDOWS\rescache
2016-10-24 15:22:18 ----RSD---- C:\WINDOWS\assembly
2016-10-23 21:27:38 ----D---- C:\Users\Jan\AppData\Roaming\NVIDIA
2016-10-23 21:23:27 ----D---- C:\ProgramData\Package Cache
2016-10-23 11:27:00 ----D---- C:\WINDOWS\Tasks
2016-10-21 07:46:37 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-10-21 07:45:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-10-18 18:39:21 ----D---- C:\Users\Jan\AppData\Roaming\Autodesk
2016-10-18 18:38:03 ----D---- C:\Program Files (x86)\Autodesk
2016-10-15 16:14:18 ----SD---- C:\WINDOWS\system32\CompatTel
2016-10-15 16:14:18 ----D---- C:\WINDOWS\system32\appraiser
2016-10-15 16:14:13 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-10-15 16:14:13 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-10-15 16:14:13 ----D---- C:\Program Files\Internet Explorer
2016-10-15 16:14:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-15 16:14:12 ----D---- C:\WINDOWS\system32\en-US
2016-10-15 16:14:12 ----D---- C:\WINDOWS\system32\cs-CZ
2016-10-15 16:14:12 ----D---- C:\WINDOWS\system32\Boot
2016-10-15 16:14:11 ----D---- C:\WINDOWS\apppatch
2016-10-15 16:14:08 ----RD---- C:\WINDOWS\ToastData
2016-10-12 12:31:14 ----D---- C:\WINDOWS\system32\MRT
2016-10-12 12:23:16 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-10-12 06:10:03 ----D---- C:\WINDOWS\system32\catroot2
2016-10-11 13:59:52 ----D---- C:\WINDOWS\system32\wbem
2016-10-09 10:12:43 ----D---- C:\WINDOWS\twain_32
2016-10-09 09:58:12 ----D---- C:\ProgramData\Autodesk
2016-10-09 08:03:22 ----D---- C:\Program Files (x86)\McAfee

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2016-09-24 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-12-26 32544]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R3 ACPIVPC;@oem66.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2016-09-24 35600]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 BTATH_HCRP;@oem47.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-08-11 178840]
R3 BTATH_RCP;@oem50.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-08-11 135832]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2012-08-11 567808]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2016-09-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2012-12-13 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-08-10 4102928]
R3 IntcDAud;@oem35.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem63.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2012-11-29 25568]
R3 MEIx64;@oem60.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-08-08 99288]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-06-06 46240]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-12-26 11311392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2016-09-24 167424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 rtsuvc;@oem6.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2012-08-27 8227216]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-16 43832]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2014-11-21 11776]
R3 SynTP;@oem38.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-08-16 447800]
R3 usb3Hub;@oem64.inf,%usb3Hub.SVCDESC%;USB-IF USB 3.0 Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [2012-11-29 47072]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
R3 wdkmd;@oem53.inf,%WiDi.SVCDESC%;Intel WiDi KMD; C:\WINDOWS\System32\drivers\WDKMD.sys [2012-11-29 42392]
S3 AthBTPort;@oem45.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-08-11 88728]
S3 BTATH_A2DP;@oem44.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-08-11 344216]
S3 btath_avdt;@oem44.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-08-11 114840]
S3 BTATH_LWFLT;@oem52.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-08-11 76952]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2016-09-24 1201664]
S3 intaud_WaveExtensible;@oem58.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 mvusbews;@oem1.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-09-26 20480]
S3 RSUSBVSTOR;@oem52.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-13 315536]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-11-21 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2016-07-01 1295376]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-11 211584]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2015-02-05 31160]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-10-19 3293384]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2012-09-27 126880]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-08-08 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-08-08 390616]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2016-10-03 166152]
R2 mitsijm2016;Autodesk Simulation Moldflow MITSI 2016 Job Manager; C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe [2014-09-30 968480]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-02-14 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-14 1260320]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-24 153752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-09-25 282112]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll"=%SystemRoot%\System32\BthHFSrv.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2012-12-19 277640]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2016-10-02 1369856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-24 153752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-10-19 209112]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Window flickering active/inactive

#7 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left pane:
:files
C:\Users\Jan\AppData\Local\Akamai
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A3CB235-B68F-4A58-813E-43523810EB77}]
"URL"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{8A3CB235-B68F-4A58-813E-43523810EB77}]
"URL"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

MercedesJenz
Visitor
Posts: 18
Registered: 05 Nov 2016 20:03

Re: Window flickering active/inactive

#8 Post by MercedesJenz »

OTM report

All processes killed
========== FILES ==========
C:\Users\Jan\AppData\Local\Akamai\Logs\dump folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai\Logs folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai\Languages folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai\Cache\efulfillment.autodesk.com\net16swdld\2016\invntor\wi\{48b409a5-5562-47f4-8be6-3195b4e6bad8} folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai\Cache\efulfillment.autodesk.com\net16swdld\2016\invntor\wi folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai\Cache\efulfillment.autodesk.com\net16swdld\2016\invntor folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai\Cache\efulfillment.autodesk.com\net16swdld\2016\amech_pp\wi\{8a4ef9ca-0c61-44c5-9916-7d1fb8f8878b} folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai\Cache\efulfillment.autodesk.com\net16swdld\2016\amech_pp\wi folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai\Cache\efulfillment.autodesk.com\net16swdld\2016\amech_pp folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai\Cache\efulfillment.autodesk.com\net16swdld\2016 folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai\Cache\efulfillment.autodesk.com\net16swdld folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai\Cache\efulfillment.autodesk.com folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai\Cache folder moved successfully.
C:\Users\Jan\AppData\Local\Akamai folder moved successfully.
File/Folder C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore not found.
File/Folder C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A3CB235-B68F-4A58-813E-43523810EB77}\\URL deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{8A3CB235-B68F-4A58-813E-43523810EB77}\\URL not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Jan
->Temp folder emptied: 7984030 bytes
->Temporary Internet Files folder emptied: 2903251 bytes
->Google Chrome cache emptied: 384871372 bytes
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2920360 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 380,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Default.migrated

User: Jan
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 11052016_223003

Files moved on Reboot...
File C:\Users\Jan\AppData\Local\Temp\etilqs_jrpJOzetGh75wkl not found!
File C:\Users\Jan\AppData\Local\Temp\etilqs_jtwNuRWlm1hBs8r not found!
File C:\Users\Jan\AppData\Local\Temp\etilqs_TXxRtyLNjBqk4GR not found!
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
C:\WINDOWS\temp\JENZPC-20161105-2155.log moved successfully.
File C:\WINDOWS\temp\officeclicktorun.exe_streamserver(20161105215503788).log not found!

Registry entries deleted on Reboot...

MercedesJenz
Visitor
Posts: 18
Registered: 05 Nov 2016 20:03

Re: Window flickering between active and inactive

#9 Post by MercedesJenz »

RSIT log #1

Logfile of random's system information tool 1.14 (written by random/random)
Run by Jan at 2016-11-05 22:43:54
Microsoft Windows 8.1
System drive C: has 233 GB (26%) free of 905 GB
Total RAM: 8048 MB (76% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:43:56, on 5. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe
C:\Program Files\trend micro\Jan_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKCU\..\Run: [f.lux] "C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-21-3840663496-1805175044-893499811-1008\..\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3840663496-1805175044-893499811-1008\..\Run: [Akamai NetSession Interface] "C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3840663496-1805175044-893499811-1008\..\Run: [f.lux] "C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3840663496-1805175044-893499811-1008\..\Run: [StartWMDriverWiz] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~2\COMMON~1\Logitech\WmDrivers\wmwizard.dll,WMWizardMain (User 'UpdatusUser')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Autodesk Simulation Moldflow MITSI 2016 Job Manager (mitsijm2016) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 13580 bytes

======Enumerating Processes======

C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\dwm.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\HPSIsvc.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1d9a9dc9-543b-41c8-a0b3-e5483eb0b208 -SystemEventPortName:HostProcess-d6635651-092a-42a4-98cf-1a475915dba4 -IoCancelEventPortName:HostProcess-27aabd65-eea5-41e8-aab8-8c83deec7b0d -NonStateChangingEventPortName:HostProcess-6f49f807-2bb6-4225-a29e-6b6953ac35b1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a67a5f47-be83-430f-b2e6-058927db2d93 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\WINDOWS\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe" /m
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --approot=SOFTWARE\Autodesk --appAgent=/AUTODESKDESKTOPAPP/6.2.0.174/cs-CZ/0001 --lang=cs-CZ --cache-path="C:\Users\Jan\AppData\Local\Autodesk\Autodesk Desktop App\BrowserCache" --peerPid=5636
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=gpu-process --channel="6476.0.1873258869\1653460417" --no-sandbox --lang=cs-CZ --log-severity=disable --peerpid=5636 --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,27 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --lang=cs-CZ --log-severity=disable --peerpid=5636 /prefetch:822062411
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=cs-CZ --log-severity=disable --peerpid=5636 --enable-software-compositing --channel="6476.1.1619373939\616568033" /prefetch:673131151
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding
"C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Jan\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe"
C:\WINDOWS\system32\WerFault.exe -u -p 4496 -s 1040

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3840663496-1805175044-893499811-1002 - %localappdata%\Microsoft\OneDrive\OneDrive.exe /autoupdate
C:\WINDOWS\system32\tasks\MirageAgent - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task - C:\Users\Jan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - \Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION /FIRSTTIME
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\WINDOWS\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\WINDOWS\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload

=========Google Chrome=========

C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapbdbdomjkkjkaonfhkkikfgjllcleb 1 Překladač Google 2.0.6
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension aciahcmjmecflokailenpkdchphgkefd 1 Entanglement Web App 3.4.9
Extension adapibeileacgechmgngdfekbjleadnj
Extension aelbknmfcacjffmgnoaaonhgoghlmlkp
Extension afbpdhiclgghnffhkinjikglgmolhpee 1 Torrent Search 1.2.0.7
Extension agoenciogemlojlhccbcpcfflicgnaak 1 BIODIGITAL HUMAN 3.1.3
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension akjbfncbadcmnkopckegnmjgihagponf 1 HD for YouTube™ 2.0
Extension aknpkdffaafgjchaibgeefbgmgeghloj
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension beapnbfmjmjhhfpaoajfhjbbfnnlfpnc 0
Extension beobeededemalmllhkmnkinmfembdimh 1 TV 1.0.12
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 1 Seznam Lištička - Email 1.3.14
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension bppbpeijolfcampacpljolaegibfhjph 1 TV 2.6
Extension cgbncpmdcgnaoplhdfakiogmpejpogmj
Extension cihohekcekjgjdkeljpkbaaecgfoimbj 1 Mac OS X Simple Theme 1.0.1
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ejnkaeblpdcamcioiiabclakabcbjmbl 1 Box 1.2.2
Extension ekbaidcchahkpedbhdenlmleimihkcim
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension fheoggkfdfchfphceeifdbepaooicaho 0 McAfee® WebAdvisor 4.0.0.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.4.0
Extension hekhdfjankbhklfkjmnmnefcacndeoll 1 2048 1.2
Extension hepianaooikobedamdjojdfjldpoelbm
Extension hncgklnmcokagjlmdkjneiabailabkop 1 ZenCast 0.1.5
Extension jclipofobaadknkadkpgggmjkebddjam 1 PDF to Word Converter App 2.1
Extension jddfpnmfhodaljeelokfceepbeapgbdn 1 Online PDF Tools 2.0.0.1
Extension jfppgkomfopklagggkjiaddgndkgopgl 0
Extension kdmmkfaghgcicheaimnpffeeekheafkb 1 Autodesk Homestyler 3.0.0
Extension kgcpghlamffckiijcagnbjmagpbfhiai
Extension kjehaadplpgckpgeoddpnijogjaldela 1 Převod měn 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lneaknkopdijkpnocmklfnjbeapigfbh 1 Mapy Google 5.4.1
Extension mcafejemebbngbglfoinpoaannbihjna 1 Planner 5D - Interior Design 1.5.1.0
Extension meefjekipolcgabfgaclcpdkbghhmoah 1 HUMAN 3.0 3.2.1
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mihcahmgecmbnbcchbopgniflfhgnkff 1 Kontrola e-mailu Google 4.4.0
Extension mnaaclhkigagfmmmejenjpgjmemgkipa 1 Math Science Engineering Calculators 1.4
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension nphgeidmkmbmehnihdconhbclfgcdodn
Extension pchjhmiapbbphflbgejhigbmfmmgbngn
Extension pfpeapihoiogbcmdmnibeplnikfnhoge 1 Outlook.com 1.0.2
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage: http://www.seznam.cz/
default_search_provider.search_url:
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho]
"Path"=

MercedesJenz
Visitor
Posts: 18
Registered: 05 Nov 2016 20:03

Re: Active/inactive window flickering

#10 Post by MercedesJenz »

RSIT log #2

======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={8A3CB235-B68F-4A58-813E-43523810EB77}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A3CB235-B68F-4A58-813E-43523810EB77}]
"URL"=http://www.bing.com/search?q={searchTer ... &pc=MALNJS


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={8A3CB235-B68F-4A58-813E-43523810EB77}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-27 214224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-11 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-27 2850608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-27 151248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-27 1931048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"=RTFTrack.exe []
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-08-10 13191824]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-06 1215632]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2012-08-16 665400]
"BtTray"=C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-11 764032]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-11 127616]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-08-10 4196432]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2016-09-24 17111056]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2016-09-24 193008]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16 2916152]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2012-12-19 172168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2012-12-19 400008]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2012-12-19 441992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-10-17 27021952]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"ADSK DLMSession"=C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2015-01-28 1627032]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2014-06-16 139776]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2014-05-22 4513792]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16 1156824]
"Autodesk Desktop App"=C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [2016-07-01 721856]

C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-05 20:32:57 ----D---- C:\FRST
2016-11-05 20:01:59 ----D---- C:\rsit
2016-11-05 20:01:59 ----D---- C:\Program Files\trend micro
2016-10-30 20:49:04 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-10-30 20:44:56 ----A---- C:\WINDOWS\system32\HP1100SM.EXE
2016-10-30 20:44:55 ----A---- C:\WINDOWS\system32\HP1100LM.DLL
2016-10-30 20:44:51 ----A---- C:\WINDOWS\system32\HPSIsvc.exe
2016-10-30 20:42:11 ----D---- C:\Program Files\HP
2016-10-30 20:42:11 ----A---- C:\WINDOWS\system32\mvhlewsi.dll
2016-10-30 20:41:33 ----A---- C:\WINDOWS\system32\drivers\mvusbews.sys
2016-10-30 20:41:28 ----A---- C:\WINDOWS\system32\mvusbews.dll
2016-10-30 20:41:23 ----A---- C:\WINDOWS\system32\HP1100SMs.dll
2016-10-30 20:39:38 ----D---- C:\LJP1100_P1560_P1600_Full_Solution
2016-10-30 16:14:33 ----RD---- C:\Program Files (x86)\Skype
2016-10-30 16:14:18 ----D---- C:\ProgramData\Skype
2016-10-29 09:02:42 ----D---- C:\AdwCleaner
2016-10-28 15:42:17 ----D---- C:\_OTM
2016-10-21 15:38:22 ----D---- C:\Users\Jan\AppData\Roaming\vlc
2016-10-21 15:09:32 ----D---- C:\Program Files\VideoLAN
2016-10-21 07:46:45 ----A---- C:\WINDOWS\SYSWOW64\LWCtPl.dll
2016-10-21 07:46:37 ----A---- C:\WINDOWS\SYSWOW64\drivers\LUsbSys.sys
2016-10-21 07:46:37 ----A---- C:\WINDOWS\SYSWOW64\drivers\LHidHi.sys
2016-10-21 07:46:37 ----A---- C:\WINDOWS\SYSWOW64\drivers\ihidfilt.sys
2016-10-21 07:46:36 ----A---- C:\WINDOWS\SYSWOW64\drivers\LHidLo.sys
2016-10-21 07:46:35 ----A---- C:\WINDOWS\SYSWOW64\WMWizard.dll
2016-10-21 07:46:35 ----A---- C:\WINDOWS\SYSWOW64\W9xDAPI.dll
2016-10-21 07:46:34 ----A---- C:\WINDOWS\SYSWOW64\W9XdInst.dll
2016-10-21 07:46:33 ----A---- C:\WINDOWS\SYSWOW64\WmJoyFrc.dll
2016-10-21 07:46:33 ----A---- C:\WINDOWS\SYSWOW64\LFLoad.sys
2016-10-21 07:45:48 ----D---- C:\Program Files (x86)\Logitech
2016-10-19 10:56:40 ----D---- C:\Program Files (x86)\Desktop Lighter
2016-10-14 09:50:24 ----D---- C:\Users\Jan\AppData\Roaming\mioObjects
2016-10-12 06:12:48 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-12 06:12:48 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-10-12 06:12:48 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-10-12 06:12:48 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-10-12 06:12:47 ----A---- C:\WINDOWS\system32\invagent.dll
2016-10-12 06:12:47 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-10-12 06:12:47 ----A---- C:\WINDOWS\system32\devinv.dll
2016-10-12 06:12:47 ----A---- C:\WINDOWS\system32\aepic.dll
2016-10-12 06:12:46 ----A---- C:\WINDOWS\system32\centel.dll
2016-10-12 06:12:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-10-12 06:12:31 ----A---- C:\WINDOWS\system32\wmp.dll
2016-10-12 06:12:28 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-10-12 06:12:25 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-10-12 06:12:23 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-10-12 06:12:23 ----A---- C:\WINDOWS\system32\esent.dll
2016-10-12 06:12:22 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-10-12 06:12:22 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-10-12 06:12:19 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-10-12 06:12:18 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-12 06:12:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-10-12 06:12:17 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-10-12 06:12:16 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-10-12 06:12:16 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-10-12 06:12:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2016-10-12 06:12:11 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\system32\wininet.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-10-12 06:12:10 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\system32\win32k.sys
2016-10-12 06:12:09 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-10-12 06:12:09 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-10-12 06:12:09 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-10-12 06:12:08 ----A---- C:\WINDOWS\system32\wbengine.exe
2016-10-12 06:12:08 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-10-12 06:12:08 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 06:12:08 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-10-12 06:12:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-10-12 06:12:07 ----A---- C:\WINDOWS\system32\winload.exe
2016-10-12 06:12:06 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-10-12 06:12:06 ----A---- C:\WINDOWS\system32\drivers\parport.sys
2016-10-12 06:12:05 ----A---- C:\WINDOWS\SYSWOW64\wmploc.DLL
2016-10-12 06:12:05 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-10-12 06:12:05 ----A---- C:\WINDOWS\system32\wmploc.DLL
2016-10-12 06:12:05 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-10-12 06:12:04 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2016-10-12 06:12:04 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-10-12 06:12:04 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2016-10-12 06:12:04 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-10-12 06:12:03 ----A---- C:\WINDOWS\system32\winresume.exe
2016-10-12 06:12:03 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2016-10-12 06:12:02 ----A---- C:\WINDOWS\system32\rastapi.dll
2016-10-12 06:12:02 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-10-12 06:12:02 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2016-10-12 06:12:01 ----A---- C:\WINDOWS\SYSWOW64\adsmsext.dll
2016-10-12 06:12:01 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-10-12 06:12:01 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2016-10-12 06:12:01 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-10-12 06:12:01 ----A---- C:\WINDOWS\system32\adsmsext.dll
2016-10-12 06:11:54 ----A---- C:\WINDOWS\system32\offreg.dll
2016-10-12 06:11:53 ----A---- C:\WINDOWS\system32\drivers\vwifibus.sys
2016-10-12 06:11:52 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2016-10-12 06:11:51 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-10-12 06:11:51 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-10-12 06:11:51 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-10-12 06:11:51 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-10-12 06:11:51 ----A---- C:\WINDOWS\system32\drivers\serenum.sys
2016-10-12 06:11:51 ----A---- C:\WINDOWS\system32\certcli.dll
2016-10-12 06:11:50 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-10-12 06:11:50 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-10-12 06:11:50 ----A---- C:\WINDOWS\system32\jscript.dll
2016-10-12 06:11:50 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-10-12 06:11:28 ----A---- C:\WINDOWS\system32\shell32.dll
2016-10-12 06:11:25 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-10-12 06:11:24 ----A---- C:\WINDOWS\system32\twinui.dll
2016-10-12 06:11:23 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-10-12 06:11:23 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-10-12 06:11:23 ----A---- C:\WINDOWS\system32\authui.dll
2016-10-12 06:11:22 ----A---- C:\WINDOWS\SYSWOW64\RestoreOptIn.exe
2016-10-12 06:11:22 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-10-12 06:11:22 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-10-12 06:11:22 ----A---- C:\WINDOWS\system32\RestoreOptIn.exe
2016-10-12 06:11:22 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-10-12 06:11:22 ----A---- C:\WINDOWS\explorer.exe
2016-10-11 13:20:56 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2016-10-10 12:45:00 ----D---- C:\Users\Jan\AppData\Roaming\uTorrent
2016-10-09 12:22:37 ----D---- C:\Users\Jan\AppData\Roaming\ControlCenter4
2016-10-09 10:30:40 ----RD---- C:\Users\Jan\AppData\Roaming\Brother
2016-10-09 10:12:16 ----D---- C:\Brother
2016-10-09 10:11:59 ----D---- C:\ProgramData\ControlCenter4
2016-10-09 10:11:59 ----D---- C:\Program Files (x86)\Browny02
2016-10-09 10:11:51 ----D---- C:\Program Files (x86)\ControlCenter4
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\NSSRH64.dll
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\BrWiaNCp.dll
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\BrSNMP64.dll
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\Brnsplg.dll
2016-10-09 10:11:51 ----A---- C:\WINDOWS\system32\BrNetSti.dll
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BRTCPCON.DLL
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BROSNMP.DLL
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BRLMW03A.INI
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BRLMW03A.DLL
2016-10-09 10:11:39 ----A---- C:\WINDOWS\SYSWOW64\BRLM03A.DLL
2016-10-09 10:11:39 ----A---- C:\WINDOWS\system32\BrWi213b.dll
2016-10-09 10:11:39 ----A---- C:\WINDOWS\system32\BrJDec.dll
2016-10-09 10:11:38 ----A---- C:\WINDOWS\system32\BRCOM13A.DLL
2016-10-09 10:11:37 ----A---- C:\WINDOWS\system32\BRADM13A.DAT
2016-10-09 10:11:31 ----N---- C:\WINDOWS\SYSWOW64\NSSearch.dll
2016-10-09 10:11:31 ----N---- C:\WINDOWS\SYSWOW64\BrDctF2S.dll
2016-10-09 10:11:31 ----N---- C:\WINDOWS\SYSWOW64\BrDctF2L.dll
2016-10-09 10:11:31 ----N---- C:\WINDOWS\SYSWOW64\BrDctF2.dll
2016-10-09 10:11:31 ----D---- C:\Program Files (x86)\Brother
2016-10-09 09:49:52 ----D---- C:\ProgramData\Brother
2016-10-07 22:32:01 ----D---- C:\ProgramData\FLEXnet

======List of files/folders modified in the last 1 month======

2016-11-05 22:43:56 ----D---- C:\WINDOWS\Temp
2016-11-05 22:39:15 ----D---- C:\Users\Jan\AppData\Roaming\Skype
2016-11-05 22:33:55 ----D---- C:\WINDOWS\Prefetch
2016-11-05 22:00:03 ----D---- C:\WINDOWS\system32\sru
2016-11-05 20:37:51 ----D---- C:\Windows
2016-11-05 20:01:59 ----RD---- C:\Program Files
2016-11-05 19:14:39 ----D---- C:\WINDOWS\system32\NDF
2016-11-05 18:36:25 ----RD---- C:\WINDOWS\System32
2016-11-05 18:36:25 ----D---- C:\WINDOWS\Inf
2016-11-05 18:36:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-05 14:03:25 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-02 15:57:09 ----D---- C:\WINDOWS\AppReadiness
2016-11-02 07:13:44 ----D---- C:\WINDOWS\system32\config
2016-10-30 20:51:00 ----D---- C:\WINDOWS\system32\catroot
2016-10-30 20:49:04 ----RD---- C:\Program Files (x86)
2016-10-30 20:48:17 ----D---- C:\WINDOWS\system32\drivers
2016-10-30 20:46:53 ----HD---- C:\Program Files\WindowsApps
2016-10-30 20:45:07 ----D---- C:\WINDOWS\system32\DriverStore
2016-10-30 20:42:52 ----SHD---- C:\WINDOWS\Installer
2016-10-30 20:41:35 ----D---- C:\Program Files (x86)\Common Files
2016-10-30 16:14:18 ----HD---- C:\ProgramData
2016-10-30 12:12:17 ----SHD---- C:\System Volume Information
2016-10-29 09:07:27 ----D---- C:\Program Files (x86)\Amazon
2016-10-29 08:02:58 ----D---- C:\WINDOWS\CbsTemp
2016-10-29 08:02:56 ----D---- C:\WINDOWS\WinSxS
2016-10-29 08:02:56 ----D---- C:\WINDOWS\SysWOW64
2016-10-28 02:22:26 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-10-27 15:22:16 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-10-27 15:19:43 ----D---- C:\Program Files (x86)\Microsoft Office
2016-10-24 22:54:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-24 16:14:11 ----D---- C:\WINDOWS\rescache
2016-10-24 15:22:18 ----RSD---- C:\WINDOWS\assembly
2016-10-23 21:27:38 ----D---- C:\Users\Jan\AppData\Roaming\NVIDIA
2016-10-23 21:23:27 ----D---- C:\ProgramData\Package Cache
2016-10-23 11:27:00 ----D---- C:\WINDOWS\Tasks
2016-10-21 07:46:37 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-10-21 07:45:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-10-18 18:39:21 ----D---- C:\Users\Jan\AppData\Roaming\Autodesk
2016-10-18 18:38:03 ----D---- C:\Program Files (x86)\Autodesk
2016-10-15 16:14:18 ----SD---- C:\WINDOWS\system32\CompatTel
2016-10-15 16:14:18 ----D---- C:\WINDOWS\system32\appraiser
2016-10-15 16:14:13 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-10-15 16:14:13 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-10-15 16:14:13 ----D---- C:\Program Files\Internet Explorer
2016-10-15 16:14:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-15 16:14:12 ----D---- C:\WINDOWS\system32\en-US
2016-10-15 16:14:12 ----D---- C:\WINDOWS\system32\cs-CZ
2016-10-15 16:14:12 ----D---- C:\WINDOWS\system32\Boot
2016-10-15 16:14:11 ----D---- C:\WINDOWS\apppatch
2016-10-15 16:14:08 ----RD---- C:\WINDOWS\ToastData
2016-10-12 12:31:14 ----D---- C:\WINDOWS\system32\MRT
2016-10-12 12:23:16 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-10-12 06:10:03 ----D---- C:\WINDOWS\system32\catroot2
2016-10-11 13:59:52 ----D---- C:\WINDOWS\system32\wbem
2016-10-09 10:12:43 ----D---- C:\WINDOWS\twain_32
2016-10-09 09:58:12 ----D---- C:\ProgramData\Autodesk
2016-10-09 08:03:22 ----D---- C:\Program Files (x86)\McAfee

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2016-09-24 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-12-26 32544]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R3 ACPIVPC;@oem66.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2016-09-24 35600]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 BTATH_HCRP;@oem47.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-08-11 178840]
R3 BTATH_RCP;@oem50.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-08-11 135832]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2012-08-11 567808]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2016-09-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2012-12-13 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-08-10 4102928]
R3 IntcDAud;@oem35.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem63.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2012-11-29 25568]
R3 MEIx64;@oem60.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-08-08 99288]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-06-06 46240]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-12-26 11311392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2016-09-24 167424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 rtsuvc;@oem6.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2012-08-27 8227216]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-16 43832]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2014-11-21 11776]
R3 SynTP;@oem38.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-08-16 447800]
R3 usb3Hub;@oem64.inf,%usb3Hub.SVCDESC%;USB-IF USB 3.0 Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [2012-11-29 47072]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
R3 wdkmd;@oem53.inf,%WiDi.SVCDESC%;Intel WiDi KMD; C:\WINDOWS\System32\drivers\WDKMD.sys [2012-11-29 42392]
S3 AthBTPort;@oem45.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-08-11 88728]
S3 BTATH_A2DP;@oem44.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-08-11 344216]
S3 btath_avdt;@oem44.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-08-11 114840]
S3 BTATH_LWFLT;@oem52.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-08-11 76952]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2016-09-24 1201664]
S3 intaud_WaveExtensible;@oem58.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 mvusbews;@oem1.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-09-26 20480]
S3 RSUSBVSTOR;@oem52.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-13 315536]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-11-21 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2016-07-01 1295376]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-11 211584]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-10-19 3293384]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2012-09-27 126880]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-08-08 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-08-08 390616]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2016-10-03 166152]
R2 mitsijm2016;Autodesk Simulation Moldflow MITSI 2016 Job Manager; C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe [2014-09-30 968480]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-02-14 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-14 1260320]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2015-02-05 31160]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-24 153752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-09-25 282112]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll"=%SystemRoot%\System32\BthHFSrv.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2012-12-19 277640]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2016-10-02 1369856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-24 153752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-10-19 209112]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Window flickering between active/inactive

#11 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

MercedesJenz
Visitor
Posts: 18
Joined: 05 Nov 2016 20:03

Re: Window flickering between active/inactive

#12 Post by MercedesJenz »

So far everything is fine; we'll see how it behaves after a few days. For now, thank you very much!!! Could I ask, in layman's terms, what was causing it, or rather what I should watch out for? Thank you

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Window flickering between active/inactive

#13 Post by Rudy »

There were a few pieces of adware and some unnecessary items. We removed everything. I'll just add that this problem is also caused by some legitimate applications.

MercedesJenz
Visitor
Posts: 18
Joined: 05 Nov 2016 20:03

Re: Window flickering between active/inactive

#14 Post by MercedesJenz »

Great :idea: once again, thank you very much!! And have a nice day :)

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Window flickering between active/inactive

#15 Post by Rudy »

You're welcome, and a nice day to you too! :)

Locked