VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu - WiFi vypadává

https://forum.viry.cz:443/viewtopic.php?t=150802

Stránka 1 z 2

Prosím o kontrolu logu - WiFi vypadává

Napsal: 09 pro 2016 13:31
od ImKubass
Dobrý den, poslední dobou se mi stává že se mi sekne chrome a poté mi to shodí Wifi pak mizí ovladač na WiFi a po nějakých 3-5 resetů pak ovladač naskočí a Wifi zase chvíli chodí. Připojení přes LAN v pohodě, bez problému. Rád bych poprosil o kontrolu logu.

Logfile of random's system information tool 1.10 (written by random/random)
Run by User at 2016-12-09 13:27:19
Microsoft Windows 8.1
System drive C: has 250 GB (28%) free of 907 GB
Total RAM: 8116 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:27:22, on 9. 12. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
C:\Hry\Gaming Keyboard\Monitor.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Hry\Gaming Keyboard\OSD.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [Lenovo App Shop] "C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Hry\Gaming Keyboard\Monitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FortiClient SSLVPN (FortiSslvpnDaemon) - Fortinet Inc. - C:\windows\SysWOW64\FortiSSLVPNdaemon.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Bitdefender Antivirus Free Edition (gzserv) - Bitdefender - C:\Programy\Bitdefender\Antivirus Free Edition\gzserv.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Programy\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11835 bytes

======Listing Processes======





wininit.exe

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"C:\Programy\Bitdefender\Antivirus Free Edition\gzserv.exe" /service
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
C:\windows\SysWOW64\FortiSSLVPNdaemon.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Programy\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9760835f-afd3-49c2-b1fb-507fc9f81628 -SystemEventPortName:HostProcess-1ffa2359-9b8b-4b18-8196-51f52878a9f2 -IoCancelEventPortName:HostProcess-832fcf4f-5d8c-4902-845e-181611df813d -NonStateChangingEventPortName:HostProcess-00715d94-5bde-49c9-ac0b-7f4187e70f89 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d4c19ced-0511-40f6-9339-835a5edf7191 -DeviceGroupId:26165dc1-09d6-4ecb-935c-e98c5dc11981
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-18a7ac3b-5369-4179-b77f-b98d7a00b606 -SystemEventPortName:HostProcess-37d19c08-7f3d-4c4c-b518-4a766f048f81 -IoCancelEventPortName:HostProcess-74f57d2c-de4a-413a-bcff-71ec1be622b8 -NonStateChangingEventPortName:HostProcess-c4965657-2713-42f9-8bd2-2c6c149dd9bf -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:449e1896-806d-41c0-bc89-5fe52ed3d4e6 -DeviceGroupId:WudfDefaultDevicePool
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Programy\Bitdefender\Antivirus Free Edition\gziface.exe" -noshow
taskhostex.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\windows\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe" -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true
"C:\Program Files (x86)\USB Camera\VM331STI.EXE"
"C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe"
"C:\Hry\Gaming Keyboard\Monitor.EXE"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Hry\Gaming Keyboard\OSD.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\User\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x130
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledAlternativeServicesOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/NMT/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_14/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,15,16,17,20,34,51,60 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4264 --gpu-driver-date=8-4-2015 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1341 --mojo-application-channel-token=C530F1C554162D4ED1733DA685EF2DED --mojo-platform-channel-handle=1140 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledAlternativeServicesOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/NMT/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_14/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=5306DF8DB75484734E579F05C27FF55A --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=5306DF8DB75484734E579F05C27FF55A --channel="4396.2.487347434\1186073787" --mojo-platform-channel-handle=2664 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledAlternativeServicesOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/NMT/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_14/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=403B888908E6837DF8A0BC91369113B1 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=403B888908E6837DF8A0BC91369113B1 --channel="4396.3.217925118\1992944677" --mojo-platform-channel-handle=2716 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledAlternativeServicesOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/NMT/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_14/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=5AFD19A46FA606CFC18B28AC1D075B93 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=5AFD19A46FA606CFC18B28AC1D075B93 --channel="4396.4.1681633380\452914567" --mojo-platform-channel-handle=2416 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledAlternativeServicesOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/NMT/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_14/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=9D3DA41318896CBE282AF7E12394DDDF --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=9D3DA41318896CBE282AF7E12394DDDF --channel="4396.5.1164770851\815376284" --mojo-platform-channel-handle=5176 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledAlternativeServicesOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/NMT/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_14/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=99F166BFEF6E230D51A9BE68A2CEFF1C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=99F166BFEF6E230D51A9BE68A2CEFF1C --channel="4396.6.1186986801\205678437" --mojo-platform-channel-handle=5880 /prefetch:1

"C:\totalcmd\TOTALCMD64.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledAlternativeServicesOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/NMT/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_14/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=303C85E4EB088EC5EAD262E24678E76F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=303C85E4EB088EC5EAD262E24678E76F --channel="4396.40.1993404735\612977497" --mojo-platform-channel-handle=5912 /prefetch:1
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
taskeng.exe {731E7B34-92B3-4753-A93D-EC91AD8E9DC5}
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\User\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe -check pepperplugin
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\update-S-1-5-21-3202558833-1069189178-1228024318-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate

=========Mozilla firefox=========

ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kzn102ke.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@FortinetCacheClean]
"Description"=FortiClient SSLVPN CacheCleaner
"Path"=C:\Program Files (x86)\Fortinet\SslvpnClient\npccplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@FortinetCacheCleanEx]
"Description"=FortiClient SSLVPN CacheCleaner
"Path"=C:\Program Files (x86)\Fortinet\SslvpnClient\npccpluginex.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@FortinetTunnelControl]
"Description"=FortiClient SSLVPN Tunnel Control Plugin
"Path"=C:\Program Files (x86)\Fortinet\SslvpnClient\nptcplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.77.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.77.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kzn102ke.default\extensions\
{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-05 214216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-08 553024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-05 2850608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-08 214080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-05 151240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-08 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-05 1931056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-08 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2015-08-09 404376]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-08-08 2894664]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-05-21 7830328]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-14 4196432]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2015-05-29 15813616]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2015-05-29 80880]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-08-11 1703424]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2015-05-15 3933704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2013-05-15 552960]
"Lenovo App Shop"=C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [2013-07-18 156000]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2016-07-11 225944]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"VICTORY Gaming Keyboard"=C:\Hry\Gaming Keyboard\Monitor.exe [2013-11-11 270336]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-03-20 595480]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SteelSeries Engine 3.lnk - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"msacm.ac3filter"=ac3filter64.acm
"vidc.HFYU"=huffyuv.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.tscc"=C:\windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\windows\SysWOW64\tsc2_codec64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\windows\System32\WScript.exe" "%1" %*
.txt - open - C:\windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2016-12-09 13:18:06 ----D---- C:\Program Files\trend micro
2016-12-09 13:18:05 ----D---- C:\rsit
2016-12-08 16:59:16 ----D---- C:\Users\User\AppData\Roaming\FileZilla Server
2016-12-08 13:22:28 ----D---- C:\AdwCleaner
2016-12-08 10:46:22 ----A---- C:\windows\system32\drivers\avchv.sys
2016-12-07 15:22:02 ----D---- C:\Users\User\AppData\Roaming\npm-cache
2016-12-07 15:06:53 ----D---- C:\Users\User\AppData\Roaming\npm
2016-12-05 09:41:00 ----D---- C:\Program Files\Microsoft Office 15
2016-12-04 22:51:05 ----D---- C:\Program Files\Magic Bullet Looks Vegas
2016-12-04 22:51:04 ----D---- C:\Program Files (x86)\Red Giant Link
2016-12-04 20:56:08 ----D---- C:\windows\LastGood.Tmp
2016-12-04 20:46:54 ----D---- C:\Users\User\AppData\Roaming\Opera Software
2016-12-04 20:41:28 ----D---- C:\Program Files (x86)\Opera
2016-11-26 10:01:18 ----D---- C:\ProgramData\VEGAS Pro
2016-11-26 10:00:48 ----D---- C:\Users\User\AppData\Roaming\VEGAS
2016-11-26 10:00:43 ----D---- C:\Users\User\AppData\Roaming\VEGAS Pro
2016-11-26 10:00:43 ----D---- C:\Users\User\AppData\Roaming\MAGIX
2016-11-26 10:00:43 ----D---- C:\ProgramData\MAGIX
2016-11-26 10:00:23 ----D---- C:\Program Files (x86)\VEGAS
2016-11-26 09:59:27 ----D---- C:\ProgramData\VEGAS
2016-11-26 09:59:27 ----D---- C:\Program Files\VEGAS

======List of files/folders modified in the last 1 month======

2016-12-09 13:26:39 ----AD---- C:\windows\System32
2016-12-09 13:18:16 ----D---- C:\windows\Prefetch
2016-12-09 13:18:06 ----RD---- C:\Program Files
2016-12-09 13:12:05 ----D---- C:\windows\Temp
2016-12-09 13:02:00 ----D---- C:\windows\system32\sru
2016-12-09 12:43:04 ----D---- C:\windows\Microsoft.NET
2016-12-09 09:51:07 ----D---- C:\windows\Inf
2016-12-09 09:51:07 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-12-09 09:48:46 ----D---- C:\windows\system32\Tasks
2016-12-09 09:44:49 ----D---- C:\ProgramData\NVIDIA
2016-12-09 09:27:13 ----SHD---- C:\System Volume Information
2016-12-09 09:24:41 ----D---- C:\Programy
2016-12-08 16:31:34 ----D---- C:\Users\User\AppData\Roaming\Skype
2016-12-08 12:35:03 ----D---- C:\windows\system32\drivers
2016-12-08 11:17:00 ----D---- C:\windows\system32\NDF
2016-12-08 10:07:13 ----D---- C:\Kubas
2016-12-08 09:13:24 ----D---- C:\windows\LiveKernelReports
2016-12-07 15:07:01 ----SHD---- C:\windows\Installer
2016-12-07 14:55:49 ----RSD---- C:\windows\assembly
2016-12-07 13:28:01 ----D---- C:\Program Files (x86)\Steam
2016-12-05 13:06:03 ----RSD---- C:\windows\Fonts
2016-12-05 13:06:03 ----AD---- C:\Windows
2016-12-05 12:21:27 ----D---- C:\Program Files (x86)\Microsoft Office
2016-12-05 10:00:22 ----SD---- C:\Users\User\AppData\Roaming\Microsoft
2016-12-05 09:55:16 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-12-05 09:54:36 ----D---- C:\windows\system32\DriverStore
2016-12-05 09:45:26 ----D---- C:\windows\SysWOW64
2016-12-05 09:40:59 ----D---- C:\Program Files\Common Files\microsoft shared
2016-12-04 22:51:53 ----D---- C:\Users\User\AppData\Roaming\Red Giant Link
2016-12-04 22:51:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-12-04 22:51:04 ----RD---- C:\Program Files (x86)
2016-12-04 22:51:04 ----D---- C:\Program Files (x86)\LooksBuilder
2016-12-04 21:18:08 ----HD---- C:\Intel
2016-12-04 21:18:08 ----D---- C:\ProgramData\Package Cache
2016-12-04 21:18:07 ----D---- C:\ProgramData\Intel
2016-12-04 21:18:06 ----D---- C:\Program Files (x86)\Intel
2016-12-04 21:18:05 ----D---- C:\Program Files\Common Files
2016-12-04 21:17:47 ----D---- C:\Program Files\Intel
2016-12-04 21:15:36 ----D---- C:\windows\Minidump
2016-12-04 20:56:07 ----D---- C:\windows\system32\catroot
2016-12-04 19:42:56 ----D---- C:\Users\User\AppData\Roaming\vlc
2016-12-04 14:03:48 ----D---- C:\Program Files\mmpicker
2016-12-04 12:21:09 ----D---- C:\Program Files (x86)\Diablo III
2016-12-04 12:20:52 ----D---- C:\Program Files (x86)\Battle.net
2016-12-01 23:47:38 ----D---- C:\windows\SoftwareDistribution
2016-12-01 20:47:03 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-01 12:49:15 ----D---- C:\Users\User\AppData\Roaming\TS3Client
2016-12-01 12:49:09 ----D---- C:\windows\debug
2016-11-30 20:35:51 ----D---- C:\Users\User\AppData\Roaming\XnView
2016-11-27 13:37:05 ----D---- C:\Users\User\AppData\Roaming\uTorrent
2016-11-26 10:01:18 ----HD---- C:\ProgramData
2016-11-26 09:59:14 ----D---- C:\Users\User\AppData\Roaming\Sony
2016-11-25 10:56:45 ----D---- C:\windows\system32\config
2016-11-24 16:14:08 ----D---- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2016-11-24 16:14:07 ----D---- C:\windows\Logs
2016-11-23 08:30:07 ----HD---- C:\Program Files\WindowsApps
2016-11-23 08:30:07 ----D---- C:\windows\AppReadiness
2016-11-20 12:43:06 ----D---- C:\windows\WinSxS
2016-11-17 22:08:24 ----D---- C:\Users\User\AppData\Roaming\The Creative Assembly
2016-11-17 21:39:24 ----D---- C:\Hry
2016-11-17 14:47:06 ----D---- C:\Users\User\AppData\Roaming\steelseries-engine-3-client
2016-11-10 17:59:11 ----D---- C:\windows\system32\wdi
2016-11-10 10:54:00 ----D---- C:\windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\windows\system32\DRIVERS\avc3.sys [2013-04-17 718840]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 IntelHSWPcc;IntelHSWPcc; C:\windows\System32\drivers\IntelPcc.sys [2013-07-03 74344]
R0 trufos;trufos; C:\windows\system32\DRIVERS\trufos.sys [2013-05-28 382536]
R1 bdfwfpf;bdfwfpf; \??\C:\Programy\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2013-07-02 121928]
R1 gzflt;gzflt; C:\windows\system32\DRIVERS\gzflt.sys [2013-04-22 148696]
R3 ACPIVPC;@oem24.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2015-05-29 35600]
R3 AmUStor;@oem10.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\windows\system32\drivers\AmUStor.SYS [2013-06-25 109336]
R3 avckf;avckf; C:\windows\system32\DRIVERS\avckf.sys [2013-04-17 593144]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btmaux;@oem22.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2013-04-23 132920]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2013-08-19 1386296]
R3 DisplayLinkUsbIo_x64;DisplayLinkUsbIo_x64; C:\windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.7.60366.0.sys [2015-02-13 46312]
R3 dlcdcncm;dlcdcncm; C:\windows\system32\DRIVERS\dlcdcncm62_x64.sys [2015-02-12 83176]
R3 dlusbaudio;dlusbaudio; C:\windows\system32\DRIVERS\dlusbaudio_x64.sys [2015-02-12 210152]
R3 dtlitescsibus;@oem31.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\windows\System32\drivers\dtlitescsibus.sys [2015-06-25 30264]
R3 ETD;@oem12.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2013-08-05 380680]
R3 ETDSMBus;ETDSMBus; C:\windows\system32\DRIVERS\ETDSMBus.sys [2013-08-05 22280]
R3 ibtusb;@oem23.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\windows\system32\DRIVERS\ibtusb.sys [2013-09-10 118216]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2015-08-09 4928256]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2015-05-26 30512]
R3 L1C;@oem17.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2013-07-18 130248]
R3 MEIx64;@oem14.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 NETwNb64;@oem37.inf,%NIC_Service_DispName_WINB_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 8.1 64 Bit; C:\windows\system32\DRIVERS\NETwbw02.sys [2015-03-09 3494680]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2016-10-25 14033976]
R3 pppop;@oem40.inf,%VER_DEVICE_STR% Adapter;PPPoP WAN Adapter; C:\windows\system32\DRIVERS\pppop64.sys [2009-07-21 42528]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 SensorsAlsDriver;@sensorsalsdriver.inf,%WudfSensorsAlsDriverDisplayName%;UMDF Reflector service for SensorsAlsDriver; C:\windows\System32\drivers\WUDFRd.sys [2014-10-29 226304]
R3 SensorsHIDClassDriver;@sensorshidclassdriver.inf,%WudfSensorsHIDClassDriverDisplayName%;UMDF Reflector service for SensorsHIDClassDriver; C:\windows\System32\drivers\WUDFRd.sys [2014-10-29 226304]
R3 SensorsServiceDriver;@sensorsservicedriver.inf,%WudfSensorsServiceDriverDisplayName%;UMDF Reflector service for SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [2014-10-29 226304]
R3 SensorsSimulatorDriver;@oem42.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [2014-10-29 226304]
R3 ssdevfactory;@oem28.inf,%ssdevfactory.SVCDESC%;SteelSeries Device Factory Service; C:\windows\System32\drivers\ssdevfactory.sys [2016-03-09 40576]
R3 sshid;@oem50.inf,%sshid.SvcDesc%;SteelSeries HID Service; C:\windows\System32\drivers\sshid.sys [2016-10-05 52960]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2013-08-11 551936]
R3 vm331avs;@oem15.inf,%USBCamera.DeviceDesc2%;Digital Camera 1; C:\windows\System32\Drivers\vm331avs.sys [2013-08-30 1065472]
S2 Hardlock;Hardlock; \??\C:\windows\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 acpials;@sensorsalsdriver.inf,%kbfiltr.SvcDesc%;ALS Sensor Filter; C:\windows\System32\drivers\acpials.sys [2014-10-29 9216]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dlkmd;dlkmd; C:\windows\system32\drivers\dlkmd.sys [2015-02-12 437480]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2015-05-26 42288]
S3 IntcDAud;@oem8.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2013-08-20 449528]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 nvvad_WaveExtensible;@oem37.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2015-07-03 47976]
S3 RtlWlanu;@netrtwlanu.inf,%RtlWlanu.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\windows\system32\DRIVERS\rtwlanu.sys [2013-07-31 1975000]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S4 dlkmdldr;dlkmdldr; C:\windows\system32\drivers\dlkmdldr.sys [2015-02-12 18664]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-06-25 1132920]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-07-05 1157496]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-10-30 3294912]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-07-29 92160]
R2 FortiSslvpnDaemon;FortiClient SSLVPN; C:\windows\SysWOW64\FortiSSLVPNdaemon.exe [2014-04-09 954080]
R2 gzserv;Bitdefender Antivirus Free Edition; C:\Programy\Bitdefender\Antivirus Free Edition\gzserv.exe [2016-03-02 79552]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2015-08-09 355232]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-09-21 155448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-10-25 458176]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-25 390632]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-11 338944]
R2 TeamViewer;TeamViewer 11; C:\Programy\TeamViewer\TeamViewer_Service.exe [2016-09-20 7500048]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [2015-05-29 68368]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-25 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-06-22 50352]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2015-08-09 288688]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-25 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-10-30 209104]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-10-13 1459488]
S4 DisplayLinkService;DisplayLinkManager; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2015-02-12 10997992]

-----------------EOF-----------------

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 09 pro 2016 14:35
od sorcer
Dobrý den,

1) Zde je ke stahnutí AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
2) Utilitu uložte na plochu
3) Mate-li spuštěné, ukončete všechny otevřené programy
4) Následně klikněte nejprve na Scan a poté Clean
5) Po dokončení skenováni se objeví log, který sem vložte

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 09 pro 2016 21:13
od ImKubass
# AdwCleaner v6.040 - Log vytvořen 09/12/2016 v 21:07:38
# Aktualizováno dne 02/12/2016 z Malwarebytes
# Databáze : 2016-12-09.2 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : User - KUBAS-PC
# Spuštěno z : C:\Users\User\Desktop\adwcleaner_6.040.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: [x64] HKCU\Software\Conduit


***** [ Prohlížeče ] *****

[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: dolnicerekev.cz


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3364 Bajty] - [08/12/2016 13:27:02]
C:\AdwCleaner\AdwCleaner[C2].txt - [1180 Bajty] - [09/12/2016 21:07:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [3290 Bajty] - [08/12/2016 13:23:26]
C:\AdwCleaner\AdwCleaner[S1].txt - [1666 Bajty] - [09/12/2016 21:07:05]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1399 Bajty] ##########

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 10 pro 2016 20:58
od sorcer
Proveďte prosím sken FRST. http://forum.viry.cz/viewtopic.php?f=24&t=132509

Log z FRST i Addition vložte sem, do Vašeho topicu.

Při varování u stahování FRSTLauncheru, vyberte v pravém dolním rohu Ignorovat

Lépe vypnouti antivir, některé detekují utilitu jako závadnou, ač není!

Nepůjde-li Vám Launcher stáhnout, vytvořte logy použitím samotného FRST (bez Launcheru)

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 10 pro 2016 21:27
od ImKubass
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by User (administrator) on KUBAS-PC (10-12-2016 21:24:53)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Programy\Bitdefender\Antivirus Free Edition\gzserv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortinet Inc.) C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Programy\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Bitdefender) C:\Programy\Bitdefender\Antivirus Free Edition\gziface.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
() C:\Hry\Gaming Keyboard\Monitor.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Hry\Gaming Keyboard\OSD.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ipswitch) C:\Programy\WS_FTP 12\WsftpCOMHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [404376 2015-08-09] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-05-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-05-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-11] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-15] (Vimicro)
HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Hry\Gaming Keyboard\Monitor.exe [270336 2013-11-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\MountPoints2: {8de2f1f7-1f12-11e5-825f-801934c2cfbc} - "G:\SETUP.EXE"
HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\MountPoints2: {8de2f4bf-1f12-11e5-825f-801934c2cfbc} - "H:\Setup.exe"
HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\MountPoints2: {d8076dc7-fcf3-11e5-82d3-801934c2cfbc} - "I:\SETUP.EXE"
HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\MountPoints2: {ddd564f2-1cd6-11e5-825c-801934c2cfbc} - "G:\setup.exe"
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-07-13]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.226.240.126 213.226.224.12 192.168.1.1
Tcpip\..\Interfaces\{0AC2234A-0EAD-4C09-A28C-B040730D7725}: [DhcpNameServer] 213.226.240.126 213.226.224.12 192.168.1.1
Tcpip\..\Interfaces\{3FC180D1-CCDF-4ED2-A053-141A9071AB03}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{B1AA1527-788B-4061-9913-5A5031F54997}: [DhcpNameServer] 213.226.240.126 213.226.224.12 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3202558833-1069189178-1228024318-1001 -> DefaultScope {ECAB31B9-8323-48E7-A7BC-D799254D5967} URL =
SearchScopes: HKU\S-1-5-21-3202558833-1069189178-1228024318-1001 -> {ECAB31B9-8323-48E7-A7BC-D799254D5967} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-08] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-08] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-08] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-08] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-05] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: kzn102ke.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kzn102ke.default [2016-12-07]
FF Extension: (Html Validator) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kzn102ke.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2016-07-30]
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-08] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\SslvpnClient\npccplugin.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\SslvpnClient\npccpluginex.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\SslvpnClient\nptcplugin.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3202558833-1069189178-1228024318-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-07] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3202558833-1069189178-1228024318-1001: intel.com/AppUp -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll [2013-07-18] (Intel)
FF Plugin HKU\S-1-5-21-3202558833-1069189178-1228024318-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll [2013-07-18] (Intel)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
CHR StartupUrls: Default -> "hxxp://www.youtube.com/"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2016-12-10]
CHR Extension: (Prezentace Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-25]
CHR Extension: (Dokumenty Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-25]
CHR Extension: (Zhasnout světla) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-11-30]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Ban Checker for Steam) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2016-07-24]
CHR Extension: (Vyhledávání Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-10]
CHR Extension: (Black carbon + silver metal) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lodhggoaglindpoejnjldimdlikkphph [2016-09-18]
CHR Extension: (Rozšíření Google Keep pro Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-25]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S4 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10997992 2015-02-12] (DisplayLink Corp.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92160 2013-07-29] (ELAN Microelectronics Corp.)
R2 FortiSslvpnDaemon; C:\windows\SysWOW64\FortiSSLVPNdaemon.exe [954080 2014-04-09] (Fortinet Inc.)
R2 gzserv; C:\Programy\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-21] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [338944 2013-08-11] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Programy\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2015-05-29] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2016-12-08] (BitDefender)
R3 avckf; C:\windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Programy\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R3 DisplayLinkUsbIo_x64; C:\windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.7.60366.0.sys [46312 2015-02-13] ()
R3 dlcdcncm; C:\windows\system32\DRIVERS\dlcdcncm62_x64.sys [83176 2015-02-12] (DisplayLink Corp.)
R3 dlusbaudio; C:\windows\system32\DRIVERS\dlusbaudio_x64.sys [210152 2015-02-12] (DisplayLink Corp.)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-25] (Disc Soft Ltd)
R3 ETDSMBus; C:\windows\system32\DRIVERS\ETDSMBus.sys [22280 2013-08-05] (ELAN Microelectronic Corp.)
R1 gzflt; C:\windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S2 Hardlock; C:\windows\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [118216 2013-09-10] (Intel Corporation)
R0 IntelHSWPcc; C:\windows\System32\drivers\IntelPcc.sys [74344 2013-07-03] (Intel Corporation)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\NETwbw02.sys [3494680 2015-03-09] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 pppop; C:\windows\system32\DRIVERS\pppop64.sys [42528 2009-07-21] (Fortinet Inc.)
S3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 SensorsAlsDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 ssdevfactory; C:\windows\System32\drivers\ssdevfactory.sys [40576 2016-03-09] (SteelSeries ApS)
R3 sshid; C:\windows\System32\drivers\sshid.sys [52960 2016-10-05] (SteelSeries ApS)
R0 trufos; C:\windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R3 vm331avs; C:\windows\System32\Drivers\vm331avs.sys [1065472 2013-08-30] (Vimicro Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 wdm_usb; C:\windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-10 21:24 - 2016-12-10 21:25 - 00024121 _____ C:\Users\User\Desktop\FRST.txt
2016-12-10 21:24 - 2016-12-10 21:24 - 00000000 ____D C:\FRST
2016-12-10 21:23 - 2016-12-10 21:23 - 02420224 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2016-12-10 21:20 - 2016-12-10 21:21 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2016-12-09 21:04 - 2016-12-09 21:04 - 03968464 _____ C:\Users\User\Downloads\adwcleaner_6.040 (1).exe
2016-12-09 13:18 - 2016-12-09 13:27 - 00000000 ____D C:\Program Files\trend micro
2016-12-09 13:18 - 2016-12-09 13:26 - 00000000 ____D C:\rsit
2016-12-09 13:16 - 2016-12-09 13:16 - 01222144 _____ C:\Users\User\Downloads\RSITx64.exe
2016-12-08 16:59 - 2016-12-08 16:59 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla Server
2016-12-08 13:22 - 2016-12-09 21:07 - 00000000 ____D C:\AdwCleaner
2016-12-08 13:21 - 2016-12-08 13:21 - 03968464 _____ C:\Users\User\Desktop\adwcleaner_6.040.exe
2016-12-08 10:46 - 2016-12-08 10:46 - 00261056 _____ (BitDefender) C:\windows\system32\Drivers\avchv.sys
2016-12-07 16:52 - 2016-12-08 17:13 - 00000000 ____D C:\Users\User\AppData\Local\Koala
2016-12-07 16:52 - 2016-12-07 17:08 - 00000000 ____D C:\Users\User\.koala
2016-12-07 16:52 - 2016-12-07 16:52 - 00001652 _____ C:\Users\Public\Desktop\Koala.lnk
2016-12-07 16:52 - 2016-12-07 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Koala
2016-12-07 15:22 - 2016-12-07 15:22 - 00000000 ____D C:\Users\User\node_modules
2016-12-07 15:22 - 2016-12-07 15:22 - 00000000 ____D C:\Users\User\AppData\Roaming\npm-cache
2016-12-07 15:06 - 2016-12-07 15:22 - 00000000 ____D C:\Users\User\AppData\Roaming\npm
2016-12-07 15:06 - 2016-12-07 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2016-12-06 21:51 - 2016-12-06 21:51 - 00001827 _____ C:\Users\User\Desktop\EasyPHP Devserver 16.1.1.lnk
2016-12-06 15:46 - 2016-12-09 09:48 - 00003170 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-05 09:46 - 2016-12-05 09:46 - 00002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2016-12-05 09:41 - 2016-12-05 09:41 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-12-04 22:51 - 2016-12-04 22:51 - 00004196 _____ C:\windows\System32\Tasks\Red Giant Link
2016-12-04 22:51 - 2016-12-04 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2016-12-04 22:51 - 2016-12-04 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
2016-12-04 22:51 - 2016-12-04 22:51 - 00000000 ____D C:\Program Files\Magic Bullet Looks Vegas
2016-12-04 22:51 - 2016-12-04 22:51 - 00000000 ____D C:\Program Files (x86)\Red Giant Link
2016-12-04 22:45 - 2016-12-04 22:45 - 00000000 ____D C:\Users\User\AppData\Local\Downloaded Installations
2016-12-04 21:15 - 2016-12-04 21:16 - 00612008 _____ C:\windows\Minidump\120416-23718-01.dmp
2016-12-04 21:15 - 2016-12-04 21:15 - 986535046 _____ C:\windows\MEMORY.DMP
2016-12-04 20:56 - 2016-12-04 20:56 - 00000000 ____D C:\windows\LastGood.Tmp
2016-12-04 20:52 - 2016-12-04 20:52 - 93742208 _____ (Intel(R) Corporation) C:\Users\User\Downloads\Wireless_19.20.0_PROSet64_Win8.1.exe
2016-12-04 20:46 - 2016-12-04 20:46 - 00003834 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1480880807
2016-12-04 20:46 - 2016-12-04 20:46 - 00001162 _____ C:\Users\Public\Desktop\Opera.lnk
2016-12-04 20:46 - 2016-12-04 20:46 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-12-04 20:46 - 2016-12-04 20:46 - 00000000 ____D C:\Users\User\AppData\Roaming\Opera Software
2016-12-04 20:46 - 2016-12-04 20:46 - 00000000 ____D C:\Users\User\AppData\Local\Opera Software
2016-12-04 20:41 - 2016-12-04 20:47 - 00000000 ____D C:\Program Files (x86)\Opera
2016-12-04 20:36 - 2016-12-05 13:43 - 00110966 _____ C:\Users\User\Desktop\format_obsah_bunek_listy.xlsx
2016-12-01 20:47 - 2016-12-07 12:22 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2016-11-30 17:20 - 2016-11-30 17:20 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2016-11-29 16:41 - 2016-11-29 16:41 - 02238848 _____ (FileZilla Project) C:\Users\User\Downloads\FileZilla_Server-0_9_59.exe
2016-11-27 12:55 - 2016-11-27 12:55 - 00012359 _____ C:\Users\User\Downloads\[CzT]Inside_2016_.torrent
2016-11-27 12:55 - 2016-11-27 12:55 - 00000000 ____D C:\Users\User\Downloads\INSIDE
2016-11-26 10:11 - 2016-11-26 11:02 - 4225924701 _____ C:\Users\User\Downloads\Southpaw.2015.720p.BluRay.x264-HiDt.mkv
2016-11-26 10:01 - 2016-11-26 10:01 - 00000000 ____D C:\ProgramData\VEGAS Pro
2016-11-26 10:00 - 2016-11-26 10:00 - 00000000 ____D C:\Users\User\AppData\Roaming\VEGAS Pro
2016-11-26 10:00 - 2016-11-26 10:00 - 00000000 ____D C:\Users\User\AppData\Roaming\VEGAS
2016-11-26 10:00 - 2016-11-26 10:00 - 00000000 ____D C:\Users\User\AppData\Roaming\MAGIX
2016-11-26 10:00 - 2016-11-26 10:00 - 00000000 ____D C:\Users\User\AppData\Local\VEGAS Pro
2016-11-26 10:00 - 2016-11-26 10:00 - 00000000 ____D C:\ProgramData\MAGIX
2016-11-26 10:00 - 2016-11-26 10:00 - 00000000 ____D C:\Program Files (x86)\VEGAS
2016-11-26 09:59 - 2016-11-26 09:59 - 00001072 _____ C:\Users\Public\Desktop\Vegas Pro 14.0 (64-bit).lnk
2016-11-26 09:59 - 2016-11-26 09:59 - 00000000 ____D C:\Users\User\AppData\Local\VEGAS
2016-11-26 09:59 - 2016-11-26 09:59 - 00000000 ____D C:\ProgramData\VEGAS
2016-11-26 09:59 - 2016-11-26 09:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2016-11-26 09:59 - 2016-11-26 09:59 - 00000000 ____D C:\Program Files\VEGAS
2016-11-17 22:04 - 2016-11-17 22:04 - 00000889 _____ C:\Users\Public\Desktop\Total War ROME II - Emperor Edition.lnk
2016-11-17 22:04 - 2016-11-17 22:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2016-11-14 10:43 - 2016-11-14 10:43 - 00000585 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brackets.lnk
2016-11-13 22:20 - 2016-11-13 22:20 - 00002900 _____ C:\windows\system32\lic2.xml11606
2016-11-13 19:49 - 2016-11-13 19:49 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_HidBthLE_01_11_00.Wdf
2016-11-13 12:45 - 2016-11-13 12:45 - 00000000 ____D C:\Users\User\Downloads\Never.Back.Down.No.Surrender.2016.DVDRip.XviD.AC3-iFT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-10 21:25 - 2015-06-25 08:35 - 00000978 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-10 21:21 - 2015-06-25 17:53 - 00000000 ____D C:\Kubas
2016-12-10 21:21 - 2015-05-29 04:14 - 00774776 _____ C:\windows\system32\perfh005.dat
2016-12-10 21:21 - 2015-05-29 04:14 - 00169356 _____ C:\windows\system32\perfc005.dat
2016-12-10 21:21 - 2013-08-28 09:36 - 01851412 _____ C:\windows\system32\PerfStringBackup.INI
2016-12-10 21:21 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-12-10 21:16 - 2015-07-06 13:58 - 00000958 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-10 21:14 - 2015-08-01 20:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-12-10 21:09 - 2015-08-25 12:58 - 00000000 __SHD C:\Users\User\IntelGraphicsProfiles
2016-12-10 21:08 - 2015-06-25 08:35 - 00000974 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-10 15:47 - 2015-06-25 09:06 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-10 15:13 - 2015-06-26 10:11 - 00000406 _____ C:\windows\Tasks\update-S-1-5-21-3202558833-1069189178-1228024318-1001.job
2016-12-10 12:15 - 2015-06-26 10:11 - 00000406 _____ C:\windows\Tasks\update-sys.job
2016-12-10 09:45 - 2015-10-09 14:34 - 00000000 ____D C:\Users\User\OneDrive
2016-12-10 00:37 - 2016-02-11 12:29 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2016-12-09 21:09 - 2015-05-29 07:11 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-09 21:08 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-12-09 21:07 - 2015-05-29 03:56 - 00025088 _____ C:\windows\system32\VfService.trf
2016-12-09 21:07 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-12-09 12:36 - 2015-05-29 21:22 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3202558833-1069189178-1228024318-1001
2016-12-09 09:48 - 2016-04-18 21:02 - 00002373 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-12-09 09:48 - 2015-10-09 14:36 - 00003178 _____ C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3202558833-1069189178-1228024318-1001
2016-12-09 09:24 - 2015-11-14 18:48 - 00000000 ____D C:\Programy
2016-12-08 13:02 - 2016-07-24 15:19 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-08 11:24 - 2015-07-30 17:23 - 00000000 ___RD C:\Users\User\Desktop\Notes
2016-12-08 11:17 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\NDF
2016-12-08 09:13 - 2013-08-22 16:36 - 00000000 ____D C:\windows\LiveKernelReports
2016-12-05 13:06 - 2013-08-22 15:44 - 00529984 _____ C:\windows\system32\FNTCACHE.DAT
2016-12-05 12:29 - 2016-10-09 20:12 - 00000000 ____D C:\Users\User\Documents\SQL Server Management Studio
2016-12-05 12:21 - 2015-07-20 17:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-05 09:55 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-05 09:40 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-04 22:51 - 2015-06-26 16:44 - 00000000 ____D C:\Users\User\AppData\Roaming\Red Giant Link
2016-12-04 22:51 - 2015-06-26 16:44 - 00000000 ____D C:\Program Files (x86)\LooksBuilder
2016-12-04 22:51 - 2015-05-29 03:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-04 21:18 - 2015-05-29 03:43 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-04 21:18 - 2015-05-29 03:40 - 00000000 ____D C:\ProgramData\Intel
2016-12-04 21:18 - 2015-05-29 03:38 - 00000000 ___HD C:\Intel
2016-12-04 21:18 - 2015-05-29 03:38 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-04 21:17 - 2015-05-29 03:38 - 00000000 ____D C:\Program Files\Intel
2016-12-04 21:15 - 2015-06-27 15:13 - 00000000 ____D C:\windows\Minidump
2016-12-04 19:42 - 2015-06-27 10:08 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2016-12-04 14:03 - 2016-02-05 12:23 - 00000000 ____D C:\Program Files\mmpicker
2016-12-04 12:21 - 2015-06-25 09:08 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-12-04 12:20 - 2015-06-25 09:07 - 00000000 ____D C:\Users\User\AppData\Local\Battle.net
2016-12-04 12:20 - 2015-06-25 09:07 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-12-01 20:47 - 2016-01-14 16:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-01 12:49 - 2015-06-28 12:01 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2016-11-30 20:35 - 2016-04-19 09:12 - 00000000 ____D C:\Users\User\AppData\Roaming\XnView
2016-11-27 13:37 - 2016-11-05 12:21 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2016-11-26 15:36 - 2015-10-05 22:16 - 00108864 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-26 10:00 - 2015-06-25 21:39 - 00000000 ____D C:\Users\User\AppData\Local\Sony
2016-11-26 09:59 - 2015-06-25 21:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Sony
2016-11-24 16:14 - 2015-06-25 18:49 - 00000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2016-11-23 08:30 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-23 08:30 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2016-11-17 22:08 - 2016-09-09 09:17 - 00000000 ____D C:\Users\User\AppData\Roaming\The Creative Assembly
2016-11-17 21:39 - 2015-06-26 10:10 - 00000000 ____D C:\Hry
2016-11-17 14:47 - 2016-03-07 16:46 - 00000000 ____D C:\Users\User\AppData\Roaming\steelseries-engine-3-client
2016-11-10 22:26 - 2015-06-25 08:36 - 00002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-10 22:26 - 2015-06-25 08:36 - 00002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-10 21:32 - 2015-06-25 18:00 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-11-10 10:54 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache

==================== Files in the root of some directories =======

2015-05-29 07:43 - 2015-05-29 07:43 - 0000041 _____ () C:\Program Files\smaple.txt
2016-02-09 13:39 - 2016-02-09 14:22 - 0000124 _____ () C:\Users\User\AppData\Roaming\Camdata.ini
2016-02-09 13:39 - 2016-02-09 14:22 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamLayout.ini
2016-02-09 13:39 - 2016-02-09 14:22 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamShapes.ini
2016-02-09 13:39 - 2016-02-09 14:22 - 0004547 _____ () C:\Users\User\AppData\Roaming\CamStudio.cfg
2016-02-09 13:35 - 2016-02-09 13:57 - 0000096 _____ () C:\Users\User\AppData\Roaming\version2.xml
2015-10-15 13:08 - 2016-10-21 21:28 - 0001480 _____ () C:\Users\User\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-06-26 10:11 - 2015-06-26 10:11 - 0000003 _____ () C:\Users\User\AppData\Local\updater.log
2015-06-26 10:11 - 2016-08-06 18:01 - 0000424 _____ () C:\Users\User\AppData\Local\UserProducts.xml
2016-07-13 14:13 - 2016-07-13 14:13 - 0206907 _____ () C:\ProgramData\1468415343.bdinstall.bin
2016-07-24 15:15 - 2016-07-24 15:15 - 0037601 _____ () C:\ProgramData\1469369715.bdinstall.bin
2016-07-24 15:17 - 2016-07-24 15:17 - 0097972 _____ () C:\ProgramData\1469369717.bdinstall.bin
2016-07-24 16:01 - 2016-07-24 16:01 - 0197297 _____ () C:\ProgramData\1469372212.bdinstall.bin
2015-05-29 03:42 - 2015-05-29 03:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\libeay32.dll
C:\Users\User\AppData\Local\Temp\msvcr120.dll
C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-09 12:36

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows8_OS) (Fixed) (Total:885.44 GB) (Free:240.97 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.61 GB) NTFS
Drive f: () (Removable) (Total:28.96 GB) (Free:28.81 GB) FAT32

Available physical RAM: 4757.54 MB
Total physical RAM: 8116.27 MB
Percentage of memory in use: 41%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 931.5 GB) (Disk ID: FB3CC2A1)
Disk: 1 (Size: 29 GB) (Disk ID: 00000000)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\update-S-1-5-21-3202558833-1069189178-1228024318-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\User\Desktop\adwcleaner_6.040.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Desktop\FRSTLauncher.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\adwcleaner_6.040 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\FileZilla_Server-0_9_59.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\RSITx64.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\Wireless_19.20.0_PROSet64_Win8.1.exe:BDU [0]

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Edition (Disabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\User\Desktop" je 8 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 10 pro 2016 21:28
od ImKubass
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by User (10-12-2016 21:25:39)
Running from C:\Users\User\Desktop
Windows 8.1 (Update) (X64) (2015-05-29 20:16:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3202558833-1069189178-1228024318-500 - Administrator - Disabled)
Guest (S-1-5-21-3202558833-1069189178-1228024318-501 - Limited - Disabled)
User (S-1-5-21-3202558833-1069189178-1228024318-1001 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Edition (Disabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Advanced BAT to EXE Converter v2.94 (HKLM-x32\...\Advanced BAT to EXE Converter v2.94) (Version: - )
Age of Empires Gold CZ (HKLM-x32\...\{FA0AF25C-9B2F-4038-A559-9978DBB905A1}) (Version: 2.0 - AOE)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.1245.53580 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 20.2.1245.53580 - Alcor Micro Corp.) Hidden
Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com)
Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{313c06de-4aa7-4a1f-930a-f10f80380426}) (Version: 17.14.0 - Intel Corporation)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{544ecb18-5d76-44bb-ac33-8d06719e39e7}) (Version: 19.20.0 - Intel Corporation)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AVIcodec (remove only) (HKLM-x32\...\AVIcodec) (Version: - )
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1109 - Bitdefender)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Borderlands 2 GOTY verze v1.8.1.2014 (HKLM-x32\...\Borderlands 2 GOTY_is1) (Version: v1.8.1.2014 - (R.G.Danik1B9))
Bororo 3D Plug-in (HKLM\...\{BBF290F7-EF5C-4955-BBDA-072674AFB8E7}) (Version: 1.2.1 - Pantarheon)
Bororo 3D Plug-in (HKLM-x32\...\{473DDE79-6E9F-47AD-8D76-312D7660E877}) (Version: 1.2.1 - Pantarheon)
Brackets (HKLM-x32\...\{0ED76FF2-9370-4437-8C51-39F27DD0361B}) (Version: 1.8 - brackets.io)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Call of Duty Modern Warfare Remastered (HKLM-x32\...\Call of Duty Modern Warfare Remastered_is1) (Version: - )
CamStudio Lossless Codec v1.5 (HKLM-x32\...\camcodec) (Version: 1.5 - CamStudio)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
CINEMA 4D 17.053 (HKLM\...\MAXON96614A9D) (Version: 17.053 - MAXON Computer GmbH)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Codec 8.4g (HKLM\...\Codec_is1) (Version: - )
Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dark Souls 3 (HKLM-x32\...\Dark Souls 3_is1) (Version: - )
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
DisplayLink Core Software (HKLM\...\{FFD3DC0E-B5F3-4A03-8FCA-CB5CA1B6C3C4}) (Version: 7.7.60366.0 - DisplayLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
Energy Manager (x32 Version: 1.0.0.31 - Lenovo) Hidden
Enterprise Architect 9 - 30 Day Trial Edition (HKLM-x32\...\{4C78E7B2-AE8C-492E-8A97-BA6A641C616B}) (Version: 9.0.908.51 - Sparx Systems)
Epic Games Launcher (HKLM\...\{CB510119-C58D-4443-BD87-59B2D951F019}) (Version: 1.1.31.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FortiClient SSLVPN v4.0.2300 (HKLM-x32\...\{A34DCE59-0004-0000-2300-3F8A9926B752}) (Version: 4.0.2300 - Fortinet Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - Senbiz)
GanttProject (HKLM-x32\...\GanttProject) (Version: - )
GenArts Sapphire Plug-ins 6.10 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version: - )
Git version 2.5.3 (HKLM\...\Git_is1) (Version: 2.5.3 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google SketchUp 6 (HKLM-x32\...\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}) (Version: 6.0.01623 - Google)
Google SketchUp 6 (x32 Version: 6.4.247 - Google) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.18) (Version: 9.18 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: 1.0.350.1 - Rockstar)
GSview 5.0 (HKLM-x32\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Huffyuv AVI lossless video codec (Remove Only) (HKLM\...\HUFFYUV) (Version: - )
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6490.0 - IDT)
ImageMagick 7.0.3-0 Q16 (64-bit) (2016-09-05) (HKLM\...\ImageMagick 7.0.3 Q16 (64-bit)_is1) (Version: 7.0.3 - ImageMagick Studio LLC)
Intel A/V Codecs V2.0 (HKLM-x32\...\CodInstl) (Version: - )
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1013 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1337.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.3 - Ipswitch)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
K-Lite Mega Codec Pack 11.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.2.0 - )
Koala version 2.0.4 (HKLM-x32\...\{434536F5-D7D0-4558-B756-F5D65705068A}_is1) (Version: 2.0.4 - Ethan Lai)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo App Shop (HKLM-x32\...\Lenovo App Shop 45246) (Version: 3.10.0.45246.24 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.829.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.25.1 - ELAN Microelectronic Corp.)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
LyX 2.1.4 (HKLM-x32\...\LyX214) (Version: 2.1.4 - LyX Team)
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.1.2 - Red Giant Software) Hidden
Magic.TXD (HKLM\...\Magic.TXD) (Version: 1.0 - GTA community)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Policies (HKLM-x32\...\{01C5A10F-AD9B-405B-853A-6659841A1242}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{056E5A6F-BEF6-4094-8724-D45F0F564312}) (Version: 10.0.1794.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 Query Tools English (HKLM-x32\...\{64CDE8F2-3791-46F5-BAD2-72FFF5252FAB}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{F0DB2786-18C8-4B0D-9DC2-BA58856A2821}) (Version: 2.1.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{4f075c79-8ee3-4c85-9408-828736d1f7f3}) (Version: 14.0.23107.178 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version: - )
Mother Russia Bleeds (HKLM-x32\...\Mother Russia Bleeds_is1) (Version: - )
Mozilla Firefox 50.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 cs)) (Version: 50.0.2 - Mozilla)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 - NetBeans.org)
New Great Effects 1.6 Uninstall (HKLM-x32\...\New Great Effects 1.6 Uninstall) (Version: - )
New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue ColorFast for Windows (HKLM-x32\...\NewBlue ColorFast for Windows) (Version: 3.0 - NewBlue)
NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Light Effects for Windows (HKLM-x32\...\NewBlue Light Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue plug-ins bundle patch build 121206 (HKLM\...\NewBlue plug-ins bundle patch build 121206_is1) (Version: 3.0.0.0 - NewBlue Inc.)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials IV for Windows (HKLM-x32\...\NewBlue Video Essentials IV for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Node.js (HKLM\...\{EBF9E075-7642-489B-B557-992F349CFB40}) (Version: 6.9.2 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.1 - Notepad++ Team)
NVIDIA Ovladač 3D Vision 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenIV (HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\OpenIV) (Version: 2.7.681 - .black/OpenIV Team)
Opera Stable 41.0.2353.69 (HKLM-x32\...\Opera 41.0.2353.69) (Version: 41.0.2353.69 - Opera Software)
Ovládací panel NVIDIA 375.70 (Version: 375.70 - NVIDIA Corporation) Hidden
PlugY, The Survival Kit (HKLM-x32\...\PlugY, The Survival Kit) (Version: 9.00 - )
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
PyScripter 2.6.0 (HKLM-x32\...\PyScripter_is1) (Version: 2.6.0 - PyScripter)
Python 3.5.0 (32-bit) (HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\{1197d2bb-6cf8-488a-b994-d5bf6d7efe7b}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.0 (64-bit) (HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\{e599f76f-2b95-44da-a280-77548b1b2a21}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.0 Add to Path (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Add to Path (64-bit) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Core Interpreter (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Core Interpreter (64-bit) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Development Libraries (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Development Libraries (64-bit) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Documentation (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Documentation (64-bit) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Executables (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Executables (64-bit) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Launcher (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 pip Bootstrap (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 pip Bootstrap (64-bit) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Standard Library (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Standard Library (64-bit) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Tcl/Tk Support (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Tcl/Tk Support (64-bit) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Test Suite (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Test Suite (64-bit) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Utility Scripts (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Utility Scripts (64-bit) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Ruby 2.3.1-p112-x64 (HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\{96A4CEEE-5ACC-4FB2-AAB6-8152D5AB0C9E}_is1) (Version: 2.3.1-p112 - RubyInstaller Team)
Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II_is1) (Version: 2.1.3.30508 - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.8.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.8.2 - SteelSeries ApS)
Stronghold Crusader (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: - )
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
The Witcher 3: Wild Hunt - Alternative Look for Ciri (HKLM-x32\...\Alternative Look for Ciri_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.20.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Finisher Animations (HKLM-x32\...\New Finisher Animations_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - NEW GAME + (HKLM-x32\...\NEW GAME +_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - O víně a krvi (HKLM-x32\...\Blood and Wine_is1) (Version: 1.21.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Srdce z kamene (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt (Not-cracked Repack) (HKLM-x32\...\The Witcher 3: Wild Hunt (Not-cracked Repack)_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Total War ROME II - Emperor Edition (HKLM-x32\...\Total War ROME II - Emperor Edition_is1) (Version: - )
Unity (HKLM-x32\...\Unity) (Version: 5.3.0f4 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{77CEFB5E-CCC3-11E4-8043-F04DA23A5C58}) (Version: 13.0.444 - Sony)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
Virtualdub FFMpeg Input Plugin (HKLM-x32\...\{F26A7CD7-C187-45DB-A790-C1C103A03C2F}_is1) (Version: 1.8.3.3 - Karl Pritchett)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
XnView 2.35 (HKLM-x32\...\XnView_is1) (Version: 2.35 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3202558833-1069189178-1228024318-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3202558833-1069189178-1228024318-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3202558833-1069189178-1228024318-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-3202558833-1069189178-1228024318-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-3202558833-1069189178-1228024318-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Programy\PSPad editor\pspshellx64.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09B82810-8E8C-491F-ACEA-401446D2C75C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {14EF6E2B-27EB-4DD6-B21D-D55EFA571DA8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-05] (Microsoft Corporation)
Task: {16691398-6B1D-497F-A888-38C748FB00FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-25] (Google Inc.)
Task: {1EE86478-95F4-480F-B495-8243830F814C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {25A4FCA6-8B4F-42EE-9DD3-3466AF61E44E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {4D8118A4-1BF6-40B7-A5CA-DC5D034062F6} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {78559323-254E-4A87-A49B-53AB6190BC7B} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {8866FC2A-FF1E-40D2-B330-FE826D106BC8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-05] (Microsoft Corporation)
Task: {956F072B-EC7B-4A0D-A019-9A5CE55F4B0A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {9DDB8FA0-EFA5-4765-A51D-2F1032C71468} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [2011-11-23] ()
Task: {AB5B7971-DB4C-4CAF-8BC9-77624520FF13} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {B9D1B2E3-A104-4A3A-B4CE-50E04B3FD5C6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-05] (Microsoft Corporation)
Task: {BB09EC9F-CC06-4EF2-AD98-B8BD990CD88E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {D7BF17CD-B9C5-4AEE-A80F-57692515B93E} - System32\Tasks\update-S-1-5-21-3202558833-1069189178-1228024318-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {D8C121B8-9F23-454A-87A7-8D7AD22A1485} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {D8C1CF67-206B-4FDA-9DAB-F7A45BB12A40} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-11-09] (Microsoft Corporation)
Task: {D9D31E72-37C1-49AF-907C-4D3C56B483EA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe
Task: {DCC49EB5-30D6-4AD4-A0F8-C2696F6C5182} - System32\Tasks\Opera scheduled Autoupdate 1480880807 => C:\Program Files (x86)\Opera\launcher.exe [2016-11-21] (Opera Software)
Task: {EBF7A010-1294-4824-8AF3-C3B7C213A7F3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {F88F230D-6B4A-4EBF-BD22-53196E0C07BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-25] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\update-S-1-5-21-3202558833-1069189178-1228024318-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\User\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

ShortcutWithArgument: C:\Users\User\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.3.1-p112-x64\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Ruby23-x64\bin\setrbvars.bat
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

==================== Loaded Modules (Whitelisted) ==============

2016-07-24 15:57 - 2013-03-19 10:07 - 00712288 _____ () C:\Programy\Bitdefender\Antivirus Free Edition\sqlite3.dll
2016-07-24 15:57 - 2013-09-03 12:29 - 00111832 _____ () C:\Programy\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2015-05-29 03:55 - 2012-04-25 03:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-05-29 03:56 - 2015-05-29 03:56 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2015-05-29 03:56 - 2015-05-29 03:56 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2015-05-29 07:11 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-02 21:30 - 2010-09-28 15:56 - 06550136 _____ () C:\Program Files\ipswitch\WS_FTP 12\res0409.dll
2016-04-28 19:13 - 2014-11-02 17:45 - 00029184 _____ () C:\Programy\PSPad editor\pspshellx64.dll
2016-05-17 23:42 - 2016-05-17 23:42 - 00230064 _____ () C:\Programy\Notepad++\NppShell_06.dll
2016-12-09 09:48 - 2016-12-09 09:48 - 01678560 _____ () C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2013-09-02 02:53 - 2015-08-09 03:50 - 00404376 _____ () C:\windows\system32\igfxTray.exe
2015-09-25 08:05 - 2013-11-11 15:38 - 00270336 _____ () C:\Hry\Gaming Keyboard\Monitor.EXE
2015-09-25 08:05 - 2013-11-11 15:42 - 00151552 _____ () C:\Hry\Gaming Keyboard\OSD.exe
2015-05-29 03:41 - 2013-09-04 16:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-25 08:05 - 2012-11-05 07:09 - 00057344 _____ () C:\Hry\Gaming Keyboard\lan.dll
2015-09-25 08:05 - 2012-11-05 07:37 - 00061440 _____ () C:\Hry\Gaming Keyboard\hiddriver.dll
2016-11-10 22:26 - 2016-11-08 21:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-10 22:26 - 2016-11-08 21:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-03-02 21:30 - 2010-09-28 15:53 - 00948496 _____ () C:\Programy\WS_FTP 12\LIBEAY32.dll
2016-03-02 21:30 - 2010-09-28 15:53 - 00153360 _____ () C:\Programy\WS_FTP 12\SSLEAY32.dll
2016-03-02 21:30 - 2010-09-28 15:56 - 06551672 _____ () C:\Programy\WS_FTP 12\res0409.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\User\Desktop\adwcleaner_6.040.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Desktop\FRSTLauncher.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\adwcleaner_6.040 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\FileZilla_Server-0_9_59.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\RSITx64.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\Wireless_19.20.0_PROSet64_Win8.1.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2016-02-09 13:17 - 00001077 ____A C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\Control Panel\Desktop\\Wallpaper -> C:\Kubas\N8zg3Nd.png
DNS Servers: 213.226.240.126 - 213.226.224.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\StartupApproved\Run: => "Dropbox Update"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{8486BAA2-F7C7-4010-8BDB-48DA023BA013}] => C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{F3A17D38-2E11-4304-A475-09478CB9B04B}] => C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe
FirewallRules: [{9FF68F22-8CC3-42F1-BA84-1C71EA709ABB}] => C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismloader.exe
FirewallRules: [{2D764908-78D7-4FFC-9ABF-6D96F89000A1}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B8439B42-A1D6-4217-B162-9CD5A1597C14}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1E653F15-661D-4313-9FBE-D7066BBF1F14}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{D3EAB7FA-B719-462A-BB2D-817DBA560632}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8A535D94-1AD8-411E-8D1B-CC3F6118432D}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A5CE51F8-16F2-41CF-96DC-0015DA848D3F}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{923F6B81-E157-4CB5-A9EC-C8D720FD68E4}C:\program files (x86)\diablo iii\diablo iii.exe] => C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{888F68FC-DD7E-4067-B12A-030C8493614A}C:\program files (x86)\diablo iii\diablo iii.exe] => C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{7C9C0AE3-4BEB-4B70-8FCF-47ACB6A31D0B}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{2A2D6AEF-B3C6-4BC6-B756-AB2DEBFC0B97}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{1861D55F-45CA-41E7-A295-8FB215CA2966}C:\program files\sony\vegas pro 13.0\vegas130.exe] => C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [UDP Query User{61B6AC1A-26AF-4934-A8DB-2F94C4512FFD}C:\program files\sony\vegas pro 13.0\vegas130.exe] => C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [TCP Query User{197174C8-65FA-4140-A8BC-0A2A4E405566}C:\hry\grand theft auto v\gta5.exe] => C:\hry\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{04EF93C5-866A-4009-BA79-E8CC5DD38409}C:\hry\grand theft auto v\gta5.exe] => C:\hry\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{3CEAC0C5-946C-4698-8E44-9DB1BB1CFFCB}C:\hry\grand theft auto v\fivem\fivem.exe] => C:\hry\grand theft auto v\fivem\fivem.exe
FirewallRules: [UDP Query User{62CBF4AF-DA4F-4F63-B940-4D6BBC563CE6}C:\hry\grand theft auto v\fivem\fivem.exe] => C:\hry\grand theft auto v\fivem\fivem.exe
FirewallRules: [TCP Query User{9C3605BD-1A49-44E6-8BEC-687F8C068BDD}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{04B2D04E-A9B1-4BC6-8D83-3427CCB302C5}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{66FB70CA-376D-4498-813F-8593C408B1A3}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D25106FC-D5FB-4283-AC44-BF539BAD1C95}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{E69D2E13-D062-40D7-876B-3C53B86DA565}C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe] => C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{93235963-1EC1-464D-BE17-607CB9485596}C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe] => C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{98C5718A-82D7-4523-9808-6561BC2AA13D}C:\hry\grand theft auto v\fivem.exe] => C:\hry\grand theft auto v\fivem.exe
FirewallRules: [UDP Query User{3E7AADD1-B332-447A-A44F-7ABCB941AF83}C:\hry\grand theft auto v\fivem.exe] => C:\hry\grand theft auto v\fivem.exe
FirewallRules: [{FC1DF1E1-2E9C-4070-91A7-F2EE84C84E81}] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{1E54BC15-18DA-4770-909E-0DFBDAA24970}C:\program files\java\jdk1.8.0_60\bin\java.exe] => C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [UDP Query User{E6302176-D8E9-4971-B3E9-46A5A45E9CC1}C:\program files\java\jdk1.8.0_60\bin\java.exe] => C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [{8B9ED3F3-62C3-4A67-BDFA-B481D4E526B4}] => LPort=25565
FirewallRules: [{6A4F9D04-A7CA-4E49-A759-40517518DC95}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{F182ECAE-5B7B-4A06-BCD1-D46F724C76EB}] => C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{3BA4BAD0-1A15-40F0-A30D-C15791ECCCB7}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{226CB389-4436-4128-81E9-7DA88E7D94D7}] => C:\Hry\Unity\Editor\Unity.exe
FirewallRules: [TCP Query User{6C66D936-C19C-4C03-8850-F3FAEE8E8605}C:\hry\counter-strike 1.6\hl.exe] => C:\hry\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{07F07B38-4D8C-4B2A-825C-54C0A05DB60D}C:\hry\counter-strike 1.6\hl.exe] => C:\hry\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{039CA6A0-557F-4C98-90A8-23BEDF7AE102}C:\hry\counter-strike source\hl2.exe] => C:\hry\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{D9D69A39-9D3D-4F72-A1C5-5BA04C8BB695}C:\hry\counter-strike source\hl2.exe] => C:\hry\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{BC35AD75-0589-4958-B169-42697CA4B156}C:\hry\stronghold crusader\stronghold crusader.exe] => C:\hry\stronghold crusader\stronghold crusader.exe
FirewallRules: [UDP Query User{7CD87555-FF5D-4AE8-8B12-C8275E379B06}C:\hry\stronghold crusader\stronghold crusader.exe] => C:\hry\stronghold crusader\stronghold crusader.exe
FirewallRules: [TCP Query User{7C2FE071-C999-444E-8AE8-E7A560BF33ED}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{1FA2CDF7-3950-44E6-832D-9853B060C507}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{0295921B-2210-4569-87A1-65D10FECEB06}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{939C9B9D-783A-4414-990E-F14C28473995}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{CA7DA46E-A219-4C6A-A501-2EF860C90301}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{BD78E3CA-621D-4963-AEC4-CA18C934E6DC}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{743E153F-EDAF-463A-A039-D0A5E8FC4D7E}C:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => C:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{6316E358-A857-41D8-A76F-47DB274E4CC6}C:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => C:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{A7A14675-F681-4FBF-B67C-72B4CBF94BE9}] => C:\Users\User\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{53BB9B03-D437-4225-985D-D69F39DF4F85}] => C:\Users\User\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{5773D4F6-8F7A-4E04-B2CB-B44B79D5E9A2}C:\hry\diablo ii\game.exe] => C:\hry\diablo ii\game.exe
FirewallRules: [UDP Query User{8C62FD77-541B-4EDC-9778-0FD3F160AF0A}C:\hry\diablo ii\game.exe] => C:\hry\diablo ii\game.exe
FirewallRules: [TCP Query User{189470FC-B436-425F-A551-5079584F1856}C:\program files\java\jre1.8.0_77\bin\javaw.exe] => C:\program files\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{99AF0582-3A99-47CB-84E1-32BF63B8B3A5}C:\program files\java\jre1.8.0_77\bin\javaw.exe] => C:\program files\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [TCP Query User{A070FCAF-7419-4E24-928B-1D333E19DF3A}C:\hry\borderlands 2 goty\binaries\win32\borderlands2.exe] => C:\hry\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{1F6F82BA-26A3-426A-8297-93F153384F89}C:\hry\borderlands 2 goty\binaries\win32\borderlands2.exe] => C:\hry\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{74C84F9C-8861-4C22-A702-E9EA3A550A38}C:\programy\brackets\node.exe] => C:\programy\brackets\node.exe
FirewallRules: [UDP Query User{17AF683C-74DB-4451-B870-C02E5ECED9F6}C:\programy\brackets\node.exe] => C:\programy\brackets\node.exe
FirewallRules: [{652B2989-4A45-4FC4-854C-AD1756AF30B9}] => C:\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{D278B0D4-4AD7-422F-9282-55637BD3547D}] => C:\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{0A70BD12-6B03-4B3F-AA1B-EE36863CAE20}] => C:\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{69E98CC0-8C60-47D0-BFA2-10D955B39D14}] => C:\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{7A44CD3D-325C-4C10-868D-A884DF13B3D1}C:\ruby23-x64\bin\ruby.exe] => C:\ruby23-x64\bin\ruby.exe
FirewallRules: [UDP Query User{C0556694-7D1D-4BDA-BFC7-FC07607FEE4A}C:\ruby23-x64\bin\ruby.exe] => C:\ruby23-x64\bin\ruby.exe
FirewallRules: [{9F19F3FE-451F-4012-B04A-BAB40D840BA2}] => C:\Hry\StarCraft II\Versions\Base28667\SC2.exe
FirewallRules: [{8A0E8977-124F-4E85-A1C0-39BE6DBCC939}] => C:\Hry\StarCraft II\Versions\Base24944\SC2-26147-Win.SC2Archive.md5s\SC2.exe.md5
FirewallRules: [TCP Query User{8ADCA5B7-64ED-4615-855A-8CC55B13B42D}C:\hry\call of duty modern warfare remastered\h1_sp64_ship.exe] => C:\hry\call of duty modern warfare remastered\h1_sp64_ship.exe
FirewallRules: [UDP Query User{9DB63381-0A6F-434D-B959-45EB86BCFACC}C:\hry\call of duty modern warfare remastered\h1_sp64_ship.exe] => C:\hry\call of duty modern warfare remastered\h1_sp64_ship.exe
FirewallRules: [{193BA512-D882-4883-97D0-EA6F7A52327F}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{6AD60060-437F-421E-8A0A-41AF32A64068}C:\hry\total war rome ii - emperor edition\rome2.exe] => C:\hry\total war rome ii - emperor edition\rome2.exe
FirewallRules: [UDP Query User{7A998F31-2415-4C73-AA8D-603839A179A3}C:\hry\total war rome ii - emperor edition\rome2.exe] => C:\hry\total war rome ii - emperor edition\rome2.exe
FirewallRules: [TCP Query User{7B1DAD07-E7A6-4F5D-8B32-CC193DF56D4D}C:\program files\vegas\vegas pro 14.0\vegas140.exe] => C:\program files\vegas\vegas pro 14.0\vegas140.exe
FirewallRules: [UDP Query User{68341CC6-3AE4-4C29-9591-78A9F14AC052}C:\program files\vegas\vegas pro 14.0\vegas140.exe] => C:\program files\vegas\vegas pro 14.0\vegas140.exe
FirewallRules: [{E1F55A28-E6F7-45B1-A47A-4D4F5C290356}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{B6EFD863-DDBD-4CEC-9EB1-3C78C5907DBA}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{440F2A76-AF34-400B-8401-7B8D644A64CC}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{57CA804F-54B2-450A-B783-2D1D55ACE11F}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{98DC00D8-E681-4163-AF67-4AB833499778}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

==================== Restore Points =========================

14-11-2016 10:43:05 Installed Brackets
17-11-2016 22:05:05 Nainstalováno rozhraní DirectX
04-12-2016 20:54:20 Aplikace Intel® PROSet/Wireless
07-12-2016 15:01:07 Installed Node.js
09-12-2016 09:26:39 Aplikace Intel® PROSet/Wireless

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/10/2016 02:34:16 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (12/10/2016 12:45:38 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (12/10/2016 12:37:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: steamwebhelper.exe, verze: 3.65.13.80, časové razítko: 0x57fed9f2
Název chybujícího modulu: steamwebhelper.exe, verze: 3.65.13.80, časové razítko: 0x57fed9f2
Kód výjimky: 0xc0000005
Posun chyby: 0x00037b59
ID chybujícího procesu: 0x1600
Čas spuštění chybující aplikace: 0x01d252753b75997e
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
ID zprávy: 82735959-be68-11e6-8336-801934c2cfbc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/10/2016 12:37:41 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (12/09/2016 02:12:11 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (12/09/2016 01:26:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RSITx64.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 18d4

Čas spuštění: 01d2521643958763

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\User\Downloads\RSITx64.exe

ID hlášení: bd526a7d-be0a-11e6-8335-801934c2cfbc

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (12/09/2016 09:15:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mmc.exe verze 6.3.9600.17415 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 20

Čas spuštění: 01d251f3d4c8207b

Čas ukončení: 3

Cesta k aplikaci: C:\windows\system32\mmc.exe

ID hlášení: af03114a-bde7-11e6-832e-801934c2cfbc

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (12/09/2016 09:11:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 54.0.2840.99 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1b40

Čas spuštění: 01d251f39dfc8efa

Čas ukončení: 60000

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: ed540435-bde6-11e6-832e-801934c2cfbc

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (12/08/2016 11:56:35 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (1144) Pokus o otevření souboru C:\Users\User\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (12/08/2016 11:52:42 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Programy\Sparx Systems\SSInvoke.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Programy\Sparx Systems\SSInvoke.exe na řádku 0.
Neplatná syntaxe XML.


System errors:
=============
Error: (12/10/2016 09:45:55 AM) (Source: DCOM) (EventID: 10010) (User: KUBAS-PC)
Description: Server {14286318-B6CF-49A1-81FC-D74AD94902F9} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/10/2016 01:30:52 AM) (Source: DCOM) (EventID: 10010) (User: KUBAS-PC)
Description: Server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/10/2016 01:30:52 AM) (Source: DCOM) (EventID: 10010) (User: KUBAS-PC)
Description: Server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/10/2016 01:30:52 AM) (Source: DCOM) (EventID: 10010) (User: KUBAS-PC)
Description: Server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/10/2016 01:30:52 AM) (Source: DCOM) (EventID: 10010) (User: KUBAS-PC)
Description: Server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/09/2016 09:13:02 PM) (Source: DCOM) (EventID: 10010) (User: KUBAS-PC)
Description: Server {14286318-B6CF-49A1-81FC-D74AD94902F9} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/09/2016 09:09:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Hardlock neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (12/09/2016 09:07:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Superfetch byla ukončena s následující chybou:
Služba nebyla spuštěna.

Error: (12/09/2016 09:07:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/09/2016 09:07:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
Date: 2016-12-09 21:09:51.010
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-09 09:44:48.931
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-09 09:38:32.411
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-09 09:35:04.753
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-09 09:31:01.281
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-09 09:29:15.923
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-09 09:23:27.841
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-09 09:20:34.342
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-08 15:39:22.463
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-08 13:32:45.082
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz
Percentage of memory in use: 41%
Total physical RAM: 8116.27 MB
Available physical RAM: 4757.54 MB
Total Virtual: 16308.27 MB
Available Virtual: 12485.55 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:885.44 GB) (Free:240.97 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.61 GB) NTFS
Drive f: () (Removable) (Total:28.96 GB) (Free:28.81 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FB3CC2A1)

Partition: GPT.

========================================================
Disk: 1 (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 11 pro 2016 22:43
od sorcer
1) Obsah fixu níže, nakopírujte do Notepadu + uložte jej jako: fixlist.txt
2) Soubor uložte na stejné místo, kde má aktuálně utilitu FRST

Kód: Vybrat vše

Start
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
Hosts:

HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

Task: C:\windows\Tasks\update-S-1-5-21-3202558833-1069189178-1228024318-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: {D8C121B8-9F23-454A-87A7-8D7AD22A1485} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)

AlternateDataStreams: C:\Users\User\Desktop\adwcleaner_6.040.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Desktop\FRSTLauncher.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\adwcleaner_6.040 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\FileZilla_Server-0_9_59.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\RSITx64.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\Wireless_19.20.0_PROSet64_Win8.1.exe:BDU [0]

END
3) Spusťte FRST a kliněte na tlačítko FIX
4) Restartujte PC.
5) Sledujte PC, jak se chová
5) Obsah FIXLOGU postněte sem do Vašeho topicu

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 11 pro 2016 23:09
od ImKubass
Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by User (11-12-2016 23:03:37) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
Hosts:

HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

Task: C:\windows\Tasks\update-S-1-5-21-3202558833-1069189178-1228024318-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: {D8C121B8-9F23-454A-87A7-8D7AD22A1485} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)

AlternateDataStreams: C:\Users\User\Desktop\adwcleaner_6.040.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Desktop\FRSTLauncher.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\adwcleaner_6.040 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\FileZilla_Server-0_9_59.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\RSITx64.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\Wireless_19.20.0_PROSet64_Win8.1.exe:BDU [0]

END
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
C:\windows\Tasks\update-S-1-5-21-3202558833-1069189178-1228024318-1001.job => moved successfully
C:\windows\Tasks\update-sys.job => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D8C121B8-9F23-454A-87A7-8D7AD22A1485}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8C121B8-9F23-454A-87A7-8D7AD22A1485}" => key removed successfully
C:\windows\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup" => key removed successfully
C:\Users\User\Desktop\adwcleaner_6.040.exe => ":BDU" ADS removed successfully.
C:\Users\User\Desktop\FRST64.exe => ":BDU" ADS removed successfully.
"C:\Users\User\Desktop\FRSTLauncher.exe" => ":BDU" ADS not found.
C:\Users\User\Downloads\adwcleaner_6.040 (1).exe => ":BDU" ADS removed successfully.
C:\Users\User\Downloads\FileZilla_Server-0_9_59.exe => ":BDU" ADS removed successfully.
C:\Users\User\Downloads\RSITx64.exe => ":BDU" ADS removed successfully.
C:\Users\User\Downloads\Wireless_19.20.0_PROSet64_Win8.1.exe => ":BDU" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8596595 B
Java, Flash, Steam htmlcache => 362986046 B
Windows/system/drivers => 17257997 B
Edge => 0 B
Chrome => 104858084 B
Firefox => 378310822 B
Opera => 386132288 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 118228 B
LocalService => 292490 B
NetworkService => 0 B
User => 222046038 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:04:41 ====

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 11 pro 2016 23:15
od sorcer
Malwarebytes mate instalován, aktualizujte definice malware (druhy radek - Verze databaze), poté spustte sken.


Navod zde: http://forum.viry.cz/viewtopic.php?f=29&t=144868

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 12 pro 2016 09:49
od ImKubass
Podařilo se mi, že jsem neuložil log. Zkoušel jsem ho ještě zpětně dohledat jestli se neuložil, ale nepodařilo se mi ho najít. Budu muset udělat sken znovu?

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 12 pro 2016 13:57
od sorcer
Prověřte tato umístění:

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-yyyy-mm-dd

a

C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Případně přímo z programu takto:

https://youtu.be/I6H6RBGsw9o

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 12 pro 2016 17:02
od ImKubass
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11. 12. 2016
Čas skenování: 23:28
Protokol: log.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.12.11.06
Databáze rootkitů: v2016.11.20.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: User

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 992351
Uplynulý čas: 7 hod, 34 min, 15 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 3
RiskWare.CHP, C:\Programy\EasyPHP-Devserver-16.1\eds-binaries\php\php5619vc11x86x161206215151\eds-app-launch.exe, Žádná akce od uživatele, [c9490bdbd7c3a39353f14468f80b27d9],
RiskWare.CHP, C:\Programy\EasyPHP-Devserver-16.1\eds-binaries\php\php704vc14x86x161206215151\eds-app-launch.exe, Žádná akce od uživatele, [37db8363f5a580b6cd776f3dad564db3],
RiskWare.CHP, C:\Programy\EasyPHP-Devserver-16.1\eds-dashboard\eds-app-launch.exe, Žádná akce od uživatele, [bf539551d9c1dc5a94b0beeeb94ab947],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 12 pro 2016 18:22
od sorcer
Opět prosím sken z FRST.

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 12 pro 2016 21:15
od ImKubass
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by User (administrator) on KUBAS-PC (12-12-2016 21:12:52)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Programy\Bitdefender\Antivirus Free Edition\gzserv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortinet Inc.) C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Programy\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Bitdefender) C:\Programy\Bitdefender\Antivirus Free Edition\gziface.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
() C:\Hry\Gaming Keyboard\Monitor.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Hry\Gaming Keyboard\OSD.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\User\Desktop\frstlauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [404376 2015-08-09] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-05-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-05-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-11] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-15] (Vimicro)
HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Hry\Gaming Keyboard\Monitor.exe [270336 2013-11-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\MountPoints2: {8de2f1f7-1f12-11e5-825f-801934c2cfbc} - "G:\SETUP.EXE"
HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\MountPoints2: {8de2f4bf-1f12-11e5-825f-801934c2cfbc} - "H:\Setup.exe"
HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\MountPoints2: {d8076dc7-fcf3-11e5-82d3-801934c2cfbc} - "I:\SETUP.EXE"
HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\MountPoints2: {ddd564f2-1cd6-11e5-825c-801934c2cfbc} - "G:\setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-07-13]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{0AC2234A-0EAD-4C09-A28C-B040730D7725}: [DhcpNameServer] 160.217.1.10 160.217.161.1
Tcpip\..\Interfaces\{3FC180D1-CCDF-4ED2-A053-141A9071AB03}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{96F2F1CE-0C8A-4BEB-9E1A-33622516705E}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{B1AA1527-788B-4061-9913-5A5031F54997}: [DhcpNameServer] 213.226.240.126 213.226.224.12 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3202558833-1069189178-1228024318-1001 -> DefaultScope {ECAB31B9-8323-48E7-A7BC-D799254D5967} URL =
SearchScopes: HKU\S-1-5-21-3202558833-1069189178-1228024318-1001 -> {ECAB31B9-8323-48E7-A7BC-D799254D5967} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-08] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-08] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-08] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-08] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-05] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: kzn102ke.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kzn102ke.default [2016-12-11]
FF Extension: (Html Validator) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kzn102ke.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2016-07-30]
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-08] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\SslvpnClient\npccplugin.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\SslvpnClient\npccpluginex.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\SslvpnClient\nptcplugin.dll [2014-04-09] (Fortinet Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3202558833-1069189178-1228024318-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-07] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3202558833-1069189178-1228024318-1001: intel.com/AppUp -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll [2013-07-18] (Intel)
FF Plugin HKU\S-1-5-21-3202558833-1069189178-1228024318-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll [2013-07-18] (Intel)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
CHR StartupUrls: Default -> "hxxp://www.youtube.com/"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2016-12-12]
CHR Extension: (Prezentace Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-25]
CHR Extension: (Dokumenty Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-25]
CHR Extension: (Zhasnout světla) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-11-30]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Ban Checker for Steam) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2016-07-24]
CHR Extension: (Vyhledávání Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-10]
CHR Extension: (Black carbon + silver metal) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lodhggoaglindpoejnjldimdlikkphph [2016-09-18]
CHR Extension: (Rozšíření Google Keep pro Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-25]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-12-11]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S4 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10997992 2015-02-12] (DisplayLink Corp.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92160 2013-07-29] (ELAN Microelectronics Corp.)
R2 FortiSslvpnDaemon; C:\windows\SysWOW64\FortiSSLVPNdaemon.exe [954080 2014-04-09] (Fortinet Inc.)
R2 gzserv; C:\Programy\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-21] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [338944 2013-08-11] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Programy\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2015-05-29] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2016-12-08] (BitDefender)
R3 avckf; C:\windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Programy\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
S3 DisplayLinkUsbIo_x64; C:\windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.7.60366.0.sys [46312 2015-02-13] ()
S3 dlcdcncm; C:\windows\system32\DRIVERS\dlcdcncm62_x64.sys [83176 2015-02-12] (DisplayLink Corp.)
S3 dlusbaudio; C:\windows\system32\DRIVERS\dlusbaudio_x64.sys [210152 2015-02-12] (DisplayLink Corp.)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-25] (Disc Soft Ltd)
R3 ETDSMBus; C:\windows\system32\DRIVERS\ETDSMBus.sys [22280 2013-08-05] (ELAN Microelectronic Corp.)
R1 gzflt; C:\windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S2 Hardlock; C:\windows\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [118216 2013-09-10] (Intel Corporation)
R0 IntelHSWPcc; C:\windows\System32\drivers\IntelPcc.sys [74344 2013-07-03] (Intel Corporation)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NETwNb64; C:\windows\system32\DRIVERS\NETwbw02.sys [3494680 2015-03-09] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 pppop; C:\windows\system32\DRIVERS\pppop64.sys [42528 2009-07-21] (Fortinet Inc.)
R3 RtlWlanu; C:\windows\system32\DRIVERS\DRTWlanU.sys [3470040 2014-07-30] (Realtek Semiconductor Corporation )
R3 SensorsAlsDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 ssdevfactory; C:\windows\System32\drivers\ssdevfactory.sys [40576 2016-03-09] (SteelSeries ApS)
R3 sshid; C:\windows\System32\drivers\sshid.sys [52960 2016-10-05] (SteelSeries ApS)
R0 trufos; C:\windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R3 vm331avs; C:\windows\System32\Drivers\vm331avs.sys [1065472 2013-08-30] (Vimicro Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 wdm_usb; C:\windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-12 21:12 - 2016-12-12 21:13 - 00024550 _____ C:\Users\User\Desktop\FRST.txt
2016-12-12 21:12 - 2016-12-12 21:12 - 00029696 _____ C:\Users\User\AppData\Local\MSGBOX.EXE
2016-12-12 21:12 - 2016-12-12 21:12 - 00015327 _____ C:\Users\User\Desktop\LM.bat
2016-12-12 13:38 - 2016-12-12 13:38 - 09157389 _____ C:\Users\User\Downloads\iSNS.rar
2016-12-12 11:39 - 2016-12-12 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link
2016-12-12 11:37 - 2016-12-12 11:37 - 00000000 ____D C:\Program Files (x86)\D-Link
2016-12-12 11:37 - 2014-07-30 12:26 - 03470040 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\DRTWlanU.sys
2016-12-12 10:00 - 2016-12-12 10:11 - 00000313 _____ C:\Users\User\Desktop\erdfgdf.txt
2016-12-11 23:03 - 2016-12-11 23:04 - 00003705 _____ C:\Users\User\Desktop\Fixlog.txt
2016-12-11 22:47 - 2016-12-11 22:47 - 00611400 _____ () C:\Users\User\Downloads\LSBsetup (1).exe
2016-12-11 22:46 - 2016-12-11 22:46 - 00611400 _____ () C:\Users\User\Downloads\LSBsetup.exe
2016-12-11 12:45 - 2016-12-11 12:45 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\frstlauncher.exe
2016-12-11 01:28 - 2016-12-11 01:28 - 00000000 ____D C:\Users\User\Documents\Vlastní šablony Office
2016-12-10 21:24 - 2016-12-12 21:12 - 00000000 ____D C:\FRST
2016-12-10 21:23 - 2016-12-10 21:23 - 02420224 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2016-12-09 21:04 - 2016-12-09 21:04 - 03968464 _____ C:\Users\User\Downloads\adwcleaner_6.040 (1).exe
2016-12-09 13:18 - 2016-12-09 13:27 - 00000000 ____D C:\Program Files\trend micro
2016-12-09 13:18 - 2016-12-09 13:26 - 00000000 ____D C:\rsit
2016-12-09 13:16 - 2016-12-09 13:16 - 01222144 _____ C:\Users\User\Downloads\RSITx64.exe
2016-12-08 16:59 - 2016-12-08 16:59 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla Server
2016-12-08 13:22 - 2016-12-09 21:07 - 00000000 ____D C:\AdwCleaner
2016-12-08 13:21 - 2016-12-08 13:21 - 03968464 _____ C:\Users\User\Desktop\adwcleaner_6.040.exe
2016-12-08 10:46 - 2016-12-08 10:46 - 00261056 _____ (BitDefender) C:\windows\system32\Drivers\avchv.sys
2016-12-07 16:52 - 2016-12-08 17:13 - 00000000 ____D C:\Users\User\AppData\Local\Koala
2016-12-07 16:52 - 2016-12-07 17:08 - 00000000 ____D C:\Users\User\.koala
2016-12-07 16:52 - 2016-12-07 16:52 - 00001652 _____ C:\Users\Public\Desktop\Koala.lnk
2016-12-07 16:52 - 2016-12-07 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Koala
2016-12-07 15:22 - 2016-12-07 15:22 - 00000000 ____D C:\Users\User\node_modules
2016-12-07 15:22 - 2016-12-07 15:22 - 00000000 ____D C:\Users\User\AppData\Roaming\npm-cache
2016-12-07 15:06 - 2016-12-07 15:22 - 00000000 ____D C:\Users\User\AppData\Roaming\npm
2016-12-07 15:06 - 2016-12-07 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2016-12-06 21:51 - 2016-12-06 21:51 - 00001827 _____ C:\Users\User\Desktop\EasyPHP Devserver 16.1.1.lnk
2016-12-06 15:46 - 2016-12-09 09:48 - 00003170 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-05 09:46 - 2016-12-05 09:46 - 00002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-12-05 09:46 - 2016-12-05 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2016-12-05 09:41 - 2016-12-05 09:41 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-12-04 22:51 - 2016-12-04 22:51 - 00004196 _____ C:\windows\System32\Tasks\Red Giant Link
2016-12-04 22:51 - 2016-12-04 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2016-12-04 22:51 - 2016-12-04 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
2016-12-04 22:51 - 2016-12-04 22:51 - 00000000 ____D C:\Program Files\Magic Bullet Looks Vegas
2016-12-04 22:51 - 2016-12-04 22:51 - 00000000 ____D C:\Program Files (x86)\Red Giant Link
2016-12-04 22:45 - 2016-12-04 22:45 - 00000000 ____D C:\Users\User\AppData\Local\Downloaded Installations
2016-12-04 21:15 - 2016-12-04 21:16 - 00612008 _____ C:\windows\Minidump\120416-23718-01.dmp
2016-12-04 21:15 - 2016-12-04 21:15 - 986535046 _____ C:\windows\MEMORY.DMP
2016-12-04 20:56 - 2016-12-04 20:56 - 00000000 ____D C:\windows\LastGood.Tmp
2016-12-04 20:52 - 2016-12-04 20:52 - 93742208 _____ (Intel(R) Corporation) C:\Users\User\Downloads\Wireless_19.20.0_PROSet64_Win8.1.exe
2016-12-04 20:46 - 2016-12-04 20:46 - 00003834 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1480880807
2016-12-04 20:46 - 2016-12-04 20:46 - 00001162 _____ C:\Users\Public\Desktop\Opera.lnk
2016-12-04 20:46 - 2016-12-04 20:46 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-12-04 20:46 - 2016-12-04 20:46 - 00000000 ____D C:\Users\User\AppData\Roaming\Opera Software
2016-12-04 20:46 - 2016-12-04 20:46 - 00000000 ____D C:\Users\User\AppData\Local\Opera Software
2016-12-04 20:41 - 2016-12-04 20:47 - 00000000 ____D C:\Program Files (x86)\Opera
2016-12-04 20:36 - 2016-12-05 13:43 - 00110966 _____ C:\Users\User\Desktop\format_obsah_bunek_listy.xlsx
2016-12-01 20:47 - 2016-12-07 12:22 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2016-11-30 17:20 - 2016-11-30 17:20 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2016-11-29 16:41 - 2016-11-29 16:41 - 02238848 _____ (FileZilla Project) C:\Users\User\Downloads\FileZilla_Server-0_9_59.exe
2016-11-27 12:55 - 2016-11-27 12:55 - 00012359 _____ C:\Users\User\Downloads\[CzT]Inside_2016_.torrent
2016-11-27 12:55 - 2016-11-27 12:55 - 00000000 ____D C:\Users\User\Downloads\INSIDE
2016-11-26 10:11 - 2016-11-26 11:02 - 4225924701 _____ C:\Users\User\Downloads\Southpaw.2015.720p.BluRay.x264-HiDt.mkv
2016-11-26 10:01 - 2016-11-26 10:01 - 00000000 ____D C:\ProgramData\VEGAS Pro
2016-11-26 10:00 - 2016-11-26 10:00 - 00000000 ____D C:\Users\User\AppData\Roaming\VEGAS Pro
2016-11-26 10:00 - 2016-11-26 10:00 - 00000000 ____D C:\Users\User\AppData\Roaming\VEGAS
2016-11-26 10:00 - 2016-11-26 10:00 - 00000000 ____D C:\Users\User\AppData\Roaming\MAGIX
2016-11-26 10:00 - 2016-11-26 10:00 - 00000000 ____D C:\Users\User\AppData\Local\VEGAS Pro
2016-11-26 10:00 - 2016-11-26 10:00 - 00000000 ____D C:\ProgramData\MAGIX
2016-11-26 10:00 - 2016-11-26 10:00 - 00000000 ____D C:\Program Files (x86)\VEGAS
2016-11-26 09:59 - 2016-11-26 09:59 - 00001072 _____ C:\Users\Public\Desktop\Vegas Pro 14.0 (64-bit).lnk
2016-11-26 09:59 - 2016-11-26 09:59 - 00000000 ____D C:\Users\User\AppData\Local\VEGAS
2016-11-26 09:59 - 2016-11-26 09:59 - 00000000 ____D C:\ProgramData\VEGAS
2016-11-26 09:59 - 2016-11-26 09:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2016-11-26 09:59 - 2016-11-26 09:59 - 00000000 ____D C:\Program Files\VEGAS
2016-11-14 10:43 - 2016-11-14 10:43 - 00000585 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brackets.lnk
2016-11-13 22:20 - 2016-11-13 22:20 - 00002900 _____ C:\windows\system32\lic2.xml11606
2016-11-13 19:49 - 2016-11-13 19:49 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_HidBthLE_01_11_00.Wdf
2016-11-13 12:45 - 2016-11-13 12:45 - 00000000 ____D C:\Users\User\Downloads\Never.Back.Down.No.Surrender.2016.DVDRip.XviD.AC3-iFT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-12 20:25 - 2015-06-25 08:35 - 00000978 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-12 19:55 - 2015-10-09 14:34 - 00000000 ___RD C:\Users\User\OneDrive
2016-12-12 19:55 - 2015-08-25 12:58 - 00000000 __SHD C:\Users\User\IntelGraphicsProfiles
2016-12-12 19:55 - 2015-06-25 08:35 - 00000974 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-12 17:48 - 2015-05-29 21:22 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3202558833-1069189178-1228024318-1001
2016-12-12 17:09 - 2015-08-01 20:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-12-12 16:59 - 2016-07-24 15:19 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-12 16:59 - 2015-05-29 04:14 - 00774776 _____ C:\windows\system32\perfh005.dat
2016-12-12 16:59 - 2015-05-29 04:14 - 00169356 _____ C:\windows\system32\perfc005.dat
2016-12-12 16:59 - 2013-08-28 09:36 - 01851412 _____ C:\windows\system32\PerfStringBackup.INI
2016-12-12 16:59 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-12-12 13:52 - 2015-05-29 07:11 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-12 13:52 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-12-12 13:51 - 2015-05-29 03:56 - 00025088 _____ C:\windows\system32\VfService.trf
2016-12-12 13:40 - 2015-05-29 21:17 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2016-12-12 11:37 - 2015-05-29 03:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-12 09:46 - 2015-06-26 10:10 - 00000000 ____D C:\Hry
2016-12-12 09:26 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-12-11 23:04 - 2016-06-09 18:41 - 00000000 ____D C:\Users\User\AppData\LocalLow\Temp
2016-12-11 23:03 - 2015-12-03 17:12 - 00000000 ____D C:\windows\System32\Tasks\AVAST Software
2016-12-11 22:47 - 2015-06-25 08:35 - 00000000 ____D C:\Users\User\AppData\Local\Deployment
2016-12-11 16:24 - 2015-06-27 10:08 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2016-12-11 15:25 - 2015-11-14 18:49 - 00000000 ____D C:\Users\User\AppData\Roaming\Audacity
2016-12-11 01:16 - 2015-07-06 13:58 - 00000958 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-10 22:24 - 2015-06-25 09:06 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-10 21:21 - 2015-06-25 17:53 - 00000000 ____D C:\Kubas
2016-12-10 00:37 - 2016-02-11 12:29 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2016-12-09 09:48 - 2016-04-18 21:02 - 00002373 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-12-09 09:48 - 2015-10-09 14:36 - 00003178 _____ C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3202558833-1069189178-1228024318-1001
2016-12-09 09:24 - 2015-11-14 18:48 - 00000000 ____D C:\Programy
2016-12-08 11:24 - 2015-07-30 17:23 - 00000000 ___RD C:\Users\User\Desktop\Notes
2016-12-08 11:17 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\NDF
2016-12-08 09:13 - 2013-08-22 16:36 - 00000000 ____D C:\windows\LiveKernelReports
2016-12-05 13:06 - 2013-08-22 15:44 - 00529984 _____ C:\windows\system32\FNTCACHE.DAT
2016-12-05 12:29 - 2016-10-09 20:12 - 00000000 ____D C:\Users\User\Documents\SQL Server Management Studio
2016-12-05 12:21 - 2015-07-20 17:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-05 09:55 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-05 09:40 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-04 22:51 - 2015-06-26 16:44 - 00000000 ____D C:\Users\User\AppData\Roaming\Red Giant Link
2016-12-04 22:51 - 2015-06-26 16:44 - 00000000 ____D C:\Program Files (x86)\LooksBuilder
2016-12-04 21:18 - 2015-05-29 03:43 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-04 21:18 - 2015-05-29 03:40 - 00000000 ____D C:\ProgramData\Intel
2016-12-04 21:18 - 2015-05-29 03:38 - 00000000 ___HD C:\Intel
2016-12-04 21:18 - 2015-05-29 03:38 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-04 21:17 - 2015-05-29 03:38 - 00000000 ____D C:\Program Files\Intel
2016-12-04 21:15 - 2015-06-27 15:13 - 00000000 ____D C:\windows\Minidump
2016-12-04 14:03 - 2016-02-05 12:23 - 00000000 ____D C:\Program Files\mmpicker
2016-12-04 12:21 - 2015-06-25 09:08 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-12-04 12:20 - 2015-06-25 09:07 - 00000000 ____D C:\Users\User\AppData\Local\Battle.net
2016-12-04 12:20 - 2015-06-25 09:07 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-12-01 20:47 - 2016-01-14 16:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-01 12:49 - 2015-06-28 12:01 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2016-11-30 20:35 - 2016-04-19 09:12 - 00000000 ____D C:\Users\User\AppData\Roaming\XnView
2016-11-27 13:37 - 2016-11-05 12:21 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2016-11-26 15:36 - 2015-10-05 22:16 - 00108864 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-26 10:00 - 2015-06-25 21:39 - 00000000 ____D C:\Users\User\AppData\Local\Sony
2016-11-26 09:59 - 2015-06-25 21:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Sony
2016-11-24 16:14 - 2015-06-25 18:49 - 00000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2016-11-23 08:30 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-23 08:30 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2016-11-17 22:08 - 2016-09-09 09:17 - 00000000 ____D C:\Users\User\AppData\Roaming\The Creative Assembly
2016-11-17 14:47 - 2016-03-07 16:46 - 00000000 ____D C:\Users\User\AppData\Roaming\steelseries-engine-3-client

==================== Files in the root of some directories =======

2015-05-29 07:43 - 2015-05-29 07:43 - 0000041 _____ () C:\Program Files\smaple.txt
2016-02-09 13:39 - 2016-02-09 14:22 - 0000124 _____ () C:\Users\User\AppData\Roaming\Camdata.ini
2016-02-09 13:39 - 2016-02-09 14:22 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamLayout.ini
2016-02-09 13:39 - 2016-02-09 14:22 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamShapes.ini
2016-02-09 13:39 - 2016-02-09 14:22 - 0004547 _____ () C:\Users\User\AppData\Roaming\CamStudio.cfg
2016-02-09 13:35 - 2016-02-09 13:57 - 0000096 _____ () C:\Users\User\AppData\Roaming\version2.xml
2015-10-15 13:08 - 2016-10-21 21:28 - 0001480 _____ () C:\Users\User\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-12-12 21:12 - 2016-12-12 21:12 - 0029696 _____ () C:\Users\User\AppData\Local\MSGBOX.EXE
2015-06-26 10:11 - 2015-06-26 10:11 - 0000003 _____ () C:\Users\User\AppData\Local\updater.log
2015-06-26 10:11 - 2016-08-06 18:01 - 0000424 _____ () C:\Users\User\AppData\Local\UserProducts.xml
2016-07-13 14:13 - 2016-07-13 14:13 - 0206907 _____ () C:\ProgramData\1468415343.bdinstall.bin
2016-07-24 15:15 - 2016-07-24 15:15 - 0037601 _____ () C:\ProgramData\1469369715.bdinstall.bin
2016-07-24 15:17 - 2016-07-24 15:17 - 0097972 _____ () C:\ProgramData\1469369717.bdinstall.bin
2016-07-24 16:01 - 2016-07-24 16:01 - 0197297 _____ () C:\ProgramData\1469372212.bdinstall.bin
2015-05-29 03:42 - 2015-05-29 03:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-11 17:00

==================== End of FRST.txt ============================

Re: Prosím o kontrolu logu - WiFi vypadává

Napsal: 13 pro 2016 22:37
od sorcer
Další FIXLIST

1) Obsah fixu níže, nakopírujte do Notepadu + uložte jej jako: fixlist.txt
2) Soubor uložte na stejné místo, kde má aktuálně utilitu FRST

Kód: Vybrat vše

Start
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
Hosts:

HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\MountPoints2: {8de2f1f7-1f12-11e5-825f-801934c2cfbc} - "G:\SETUP.EXE" 

HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\MountPoints2: {8de2f4bf-1f12-11e5-825f-801934c2cfbc} - "H:\Setup.exe"

HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\MountPoints2: {d8076dc7-fcf3-11e5-82d3-801934c2cfbc} - "I:\SETUP.EXE"

HKU\S-1-5-21-3202558833-1069189178-1228024318-1001\...\MountPoints2: {ddd564f2-1cd6-11e5-825c-801934c2cfbc} - "G:\setup.exe"

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
END
3) Spusťte FRST a kliněte na tlačítko FIX
4) Restartujte PC.
5) Sledujte PC, jak se chová
5) Obsah FIXLOGU postněte sem do Vašeho topicu
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz